1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-2887-1

[USN-2887-1] Linux kernel vulnerabilities

Severity Medium
Affected Packages 9
CVEs 4
Info Packages Vulnerabilities

Several security issues were fixed in the kernel.

It was discovered that a use-after-free vulnerability existed in the
AF_UNIX implementation in the Linux kernel. A local attacker could use
crafted epoll_ctl calls to cause a denial of service (system crash) or
expose sensitive information. (CVE-2013-7446)

It was discovered that the KVM implementation in the Linux kernel did not
properly restore the values of the Programmable Interrupt Timer (PIT). A
user-assisted attacker in a KVM guest could cause a denial of service in
the host (system crash). (CVE-2015-7513)

Sasha Levin discovered that the Reliable Datagram Sockets (RDS)
implementation in the Linux kernel had a race condition when checking
whether a socket was bound or not. A local attacker could use this to cause
a denial of service (system crash). (CVE-2015-7990)

It was discovered that the Btrfs implementation in the Linux kernel
incorrectly handled compressed inline extants on truncation. A local
attacker could use this to expose sensitive information. (CVE-2015-8374)

Package Affected Version
pkg:deb/ubuntu/linux-image-extra-3.13.0-77-generic?distro=trusty < 3.13.0-77.121
pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc64-smp?distro=trusty < 3.13.0-77.121
pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc64-emb?distro=trusty < 3.13.0-77.121
pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc-smp?distro=trusty < 3.13.0-77.121
pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc-e500mc?distro=trusty < 3.13.0-77.121
pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc-e500?distro=trusty < 3.13.0-77.121
pkg:deb/ubuntu/linux-image-3.13.0-77-lowlatency?distro=trusty < 3.13.0-77.121
pkg:deb/ubuntu/linux-image-3.13.0-77-generic?distro=trusty < 3.13.0-77.121
pkg:deb/ubuntu/linux-image-3.13.0-77-generic-lpae?distro=trusty < 3.13.0-77.121
ID
USN-2887-1
Severity
medium
URL
https://ubuntu.com/security/notices/USN-2887-1
Published
2016-02-02T00:37:40
(8 years ago)
Modified
2016-02-02T00:37:40
(8 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-extra-3.13.0-77-generic?distro=trusty ubuntu linux-image-extra-3.13.0-77-generic < 3.13.0-77.121 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc64-smp?distro=trusty ubuntu linux-image-3.13.0-77-powerpc64-smp < 3.13.0-77.121 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc64-emb?distro=trusty ubuntu linux-image-3.13.0-77-powerpc64-emb < 3.13.0-77.121 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc-smp?distro=trusty ubuntu linux-image-3.13.0-77-powerpc-smp < 3.13.0-77.121 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc-e500mc?distro=trusty ubuntu linux-image-3.13.0-77-powerpc-e500mc < 3.13.0-77.121 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-77-powerpc-e500?distro=trusty ubuntu linux-image-3.13.0-77-powerpc-e500 < 3.13.0-77.121 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-77-lowlatency?distro=trusty ubuntu linux-image-3.13.0-77-lowlatency < 3.13.0-77.121 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-77-generic?distro=trusty ubuntu linux-image-3.13.0-77-generic < 3.13.0-77.121 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-77-generic-lpae?distro=trusty ubuntu linux-image-3.13.0-77-generic-lpae < 3.13.0-77.121 trusty
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date