1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-2688-1

[USN-2688-1] Linux kernel vulnerabilities

Severity High
Affected Packages 9
CVEs 4
Info Packages Vulnerabilities

Several security issues were fixed in the kernel.

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested
NMIs (non-maskable interrupts). An unprivileged local user could exploit
this flaw to cause a denial of service (system crash) or potentially
escalate their privileges. (CVE-2015-3290)

Colin King discovered a flaw in the add_key function of the Linux kernel's
keyring subsystem. A local user could exploit this flaw to cause a denial
of service (memory exhaustion). (CVE-2015-1333)

Andy Lutomirski discovered a flaw that allows user to cause the Linux
kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged
user could exploit this flaw to potentially cause the system to miss
important NMIs resulting in unspecified effects. (CVE-2015-3291)

Andy Lutomirski and Petr Matousek discovered that an NMI (non-maskable
interrupt) that interrupts userspace and encounters an IRET fault is
incorrectly handled by the Linux kernel. An unprivileged local user could
exploit this flaw to cause a denial of service (kernel OOPs), corruption,
or potentially escalate privileges on the system. (CVE-2015-5157)

Package Affected Version
pkg:deb/ubuntu/linux-image-extra-3.13.0-59-generic?distro=trusty < 3.13.0-59.98
pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc64-smp?distro=trusty < 3.13.0-59.98
pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc64-emb?distro=trusty < 3.13.0-59.98
pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc-smp?distro=trusty < 3.13.0-59.98
pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc-e500mc?distro=trusty < 3.13.0-59.98
pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc-e500?distro=trusty < 3.13.0-59.98
pkg:deb/ubuntu/linux-image-3.13.0-59-lowlatency?distro=trusty < 3.13.0-59.98
pkg:deb/ubuntu/linux-image-3.13.0-59-generic?distro=trusty < 3.13.0-59.98
pkg:deb/ubuntu/linux-image-3.13.0-59-generic-lpae?distro=trusty < 3.13.0-59.98
ID
USN-2688-1
Severity
high
URL
https://ubuntu.com/security/notices/USN-2688-1
Published
2015-07-28T09:11:51
(9 years ago)
Modified
2015-07-28T09:11:51
(9 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-extra-3.13.0-59-generic?distro=trusty ubuntu linux-image-extra-3.13.0-59-generic < 3.13.0-59.98 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc64-smp?distro=trusty ubuntu linux-image-3.13.0-59-powerpc64-smp < 3.13.0-59.98 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc64-emb?distro=trusty ubuntu linux-image-3.13.0-59-powerpc64-emb < 3.13.0-59.98 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc-smp?distro=trusty ubuntu linux-image-3.13.0-59-powerpc-smp < 3.13.0-59.98 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc-e500mc?distro=trusty ubuntu linux-image-3.13.0-59-powerpc-e500mc < 3.13.0-59.98 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-59-powerpc-e500?distro=trusty ubuntu linux-image-3.13.0-59-powerpc-e500 < 3.13.0-59.98 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-59-lowlatency?distro=trusty ubuntu linux-image-3.13.0-59-lowlatency < 3.13.0-59.98 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-59-generic?distro=trusty ubuntu linux-image-3.13.0-59-generic < 3.13.0-59.98 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-59-generic-lpae?distro=trusty ubuntu linux-image-3.13.0-59-generic-lpae < 3.13.0-59.98 trusty
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date