[USN-2796-1] Linux kernel (OMAP4) vulnerabilities
Several security issues were fixed in the kernel.
Dmitry Vyukov discovered that the Linux kernel did not properly initialize
IPC object state in certain situations. A local attacker could use this to
escalate their privileges, expose confidential information, or cause a
denial of service (system crash). (CVE-2015-7613)
It was discovered that the Linux kernel did not check if a new IPv6 MTU set
by a user space application was valid. A remote attacker could forge a
route advertisement with an invalid MTU that a user space daemon like
NetworkManager would honor and apply to the kernel, causing a denial of
service. (CVE-2015-0272)
It was discovered that in certain situations, a directory could be renamed
outside of a bind mounted location. An attacker could use this to escape
bind mount containment and gain access to sensitive information.
(CVE-2015-2925)
Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained
hardcoded attributes about the USB devices. An attacker could construct a
fake WhiteHEAT USB device that, when inserted, causes a denial of service
(system crash). (CVE-2015-5257)
- ID
- USN-2796-1
- Severity
- medium
- Severity from
- CVE-2015-2925
- URL
- https://ubuntu.com/security/notices/USN-2796-1
- Published
-
2015-11-05T17:19:41
(9 years ago) - Modified
-
2015-11-05T17:19:41
(9 years ago) - Other Advisories
-
- ALAS-2015-603
- DSA-3372-1
- ELSA-2015-2152
- ELSA-2015-2315
- ELSA-2015-2636
- ELSA-2015-3101
- ELSA-2016-3501
- ELSA-2016-3502
- ELSA-2016-3503
- ELSA-2017-3566
- ELSA-2017-3567
- FEDORA-2015-3c8c8ba072
- FEDORA-2015-43145298f4
- FEDORA-2015-d7e074ba30
- FEDORA-2015-dcc260f2f2
- RHSA-2015:2152
- RHSA-2015:2315
- RHSA-2015:2411
- RHSA-2015:2636
- SUSE-SU-2015:1727-1
- SUSE-SU-2015:2084-1
- SUSE-SU-2015:2085-1
- SUSE-SU-2015:2086-1
- SUSE-SU-2015:2087-1
- SUSE-SU-2015:2089-1
- SUSE-SU-2015:2090-1
- SUSE-SU-2015:2091-1
- SUSE-SU-2015:2108-1
- SUSE-SU-2015:2194-1
- SUSE-SU-2015:2292-1
- SUSE-SU-2015:2339-1
- SUSE-SU-2015:2350-1
- SUSE-SU-2016:0335-1
- SUSE-SU-2016:0337-1
- SUSE-SU-2016:0354-1
- SUSE-SU-2016:0380-1
- SUSE-SU-2016:0381-1
- SUSE-SU-2016:0383-1
- SUSE-SU-2016:0384-1
- SUSE-SU-2016:0386-1
- SUSE-SU-2016:0387-1
- SUSE-SU-2016:0434-1
- SUSE-SU-2016:0585-1
- SUSE-SU-2016:2074-1
- USN-2761-1
- USN-2762-1
- USN-2763-1
- USN-2764-1
- USN-2765-1
- USN-2775-1
- USN-2776-1
- USN-2778-1
- USN-2779-1
- USN-2792-1
- USN-2794-1
- USN-2795-1
- USN-2797-1
- USN-2798-1
- USN-2799-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |