[USN-2713-1] Linux kernel vulnerabilities

Severity High

CVEs 3

Several security issues were fixed in the kernel.

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's
SCTP address configuration lists when using Address Configuration Change
(ASCONF) options on a socket. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash). (CVE-2015-3212)

A flaw was discovered in how the Linux kernel handles invalid UDP
checksums. A remote attacker could exploit this flaw to cause a denial of
service using a flood of UDP packets with invalid checksums.
(CVE-2015-5364)

A flaw was discovered in how the Linux kernel handles invalid UDP
checksums. A remote attacker can cause a denial of service against
applications that use epoll by injecting a single packet with an invalid
checksum. (CVE-2015-5366)

ID

USN-2713-1

Severity

high

Severity from

CVE-2015-5364

URL

https://ubuntu.com/security/notices/USN-2713-1

Published