[USN-2616-1] Linux kernel vulnerabilities
Several security issues were fixed in the kernel.
Alexandre Oliva reported a race condition flaw in the btrfs file system's
handling of extended attributes (xattrs). A local attacker could exploit
this flaw to bypass ACLs and potentially escalate privileges.
(CVE-2014-9710)
A memory corruption issue was discovered in AES decryption when using the
Intel AES-NI accelerated code path. A remote attacker could exploit this
flaw to cause a denial of service (system crash) or potentially escalate
privileges on Intel base machines with AEC-GCM mode IPSec security
association. (CVE-2015-3331)
A flaw was discovered in the Linux kernel's IPv4 networking when using TCP
fast open to initiate a connection. An unprivileged local user could
exploit this flaw to cause a denial of service (system crash).
(CVE-2015-3332)
- ID
- USN-2616-1
- Severity
- high
- Severity from
- CVE-2015-3331
- URL
- https://ubuntu.com/security/notices/USN-2616-1
- Published
-
2015-05-20T11:34:40
(9 years ago) - Modified
-
2015-05-20T11:34:40
(9 years ago) - Other Advisories
-
- ALAS-2015-523
- DSA-3237-1
- ELSA-2015-0987
- ELSA-2015-1081
- ELSA-2015-3035
- ELSA-2015-3036
- ELSA-2017-3597
- RHSA-2015:0981
- RHSA-2015:0987
- RHSA-2015:1081
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1071-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1224-1
- SUSE-SU-2015:1376-1
- SUSE-SU-2015:1478-1
- SUSE-SU-2015:1487-1
- SUSE-SU-2015:1488-1
- SUSE-SU-2015:1489-1
- SUSE-SU-2015:1491-1
- USN-2613-1
- USN-2614-1
- USN-2615-1
- USN-2619-1
- USN-2620-1
- USN-2631-1
- USN-2632-1
- USN-2662-1
- USN-2663-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |