[USN-2887-2] Linux kernel (Trusty HWE) vulnerabilities
Several security issues were fixed in the kernel.
It was discovered that a use-after-free vulnerability existed in the
AF_UNIX implementation in the Linux kernel. A local attacker could use
crafted epoll_ctl calls to cause a denial of service (system crash) or
expose sensitive information. (CVE-2013-7446)
It was discovered that the KVM implementation in the Linux kernel did not
properly restore the values of the Programmable Interrupt Timer (PIT). A
user-assisted attacker in a KVM guest could cause a denial of service in
the host (system crash). (CVE-2015-7513)
Sasha Levin discovered that the Reliable Datagram Sockets (RDS)
implementation in the Linux kernel had a race condition when checking
whether a socket was bound or not. A local attacker could use this to cause
a denial of service (system crash). (CVE-2015-7990)
It was discovered that the Btrfs implementation in the Linux kernel
incorrectly handled compressed inline extants on truncation. A local
attacker could use this to expose sensitive information. (CVE-2015-8374)
- ID
- USN-2887-2
- Severity
- medium
- Severity from
- CVE-2015-7513
- URL
- https://ubuntu.com/security/notices/USN-2887-2
- Published
-
2016-02-02T01:29:37
(8 years ago) - Modified
-
2016-02-02T01:29:37
(8 years ago) - Other Advisories
-
- DSA-3396-1
- DSA-3426-1
- DSA-3434-1
- ELSA-2016-2574
- ELSA-2016-3617
- ELSA-2016-3618
- ELSA-2017-3515
- ELSA-2017-3516
- FEDORA-2015-115c302856
- FEDORA-2015-ac9a19888e
- FEDORA-2015-c1c2f5e168
- FEDORA-2015-c4ed00a68f
- FEDORA-2015-c59710b05d
- FEDORA-2015-cd94ad8d7c
- FEDORA-2015-f2c534bc12
- FEDORA-2016-26e19f042a
- FEDORA-2016-5d43766e33
- FEDORA-2016-b59fd603be
- RHSA-2016:2574
- RHSA-2016:2584
- SUSE-SU-2015:2108-1
- SUSE-SU-2015:2194-1
- SUSE-SU-2015:2292-1
- SUSE-SU-2015:2339-1
- SUSE-SU-2015:2350-1
- SUSE-SU-2016:0335-1
- SUSE-SU-2016:0337-1
- SUSE-SU-2016:0354-1
- SUSE-SU-2016:0380-1
- SUSE-SU-2016:0381-1
- SUSE-SU-2016:0383-1
- SUSE-SU-2016:0384-1
- SUSE-SU-2016:0386-1
- SUSE-SU-2016:0387-1
- SUSE-SU-2016:0434-1
- SUSE-SU-2016:0585-1
- SUSE-SU-2016:0745-1
- SUSE-SU-2016:0746-1
- SUSE-SU-2016:0747-1
- SUSE-SU-2016:0749-1
- SUSE-SU-2016:0750-1
- SUSE-SU-2016:0751-1
- SUSE-SU-2016:0752-1
- SUSE-SU-2016:0753-1
- SUSE-SU-2016:0754-1
- SUSE-SU-2016:0755-1
- SUSE-SU-2016:0756-1
- SUSE-SU-2016:0757-1
- SUSE-SU-2016:0785-1
- SUSE-SU-2016:0911-1
- SUSE-SU-2016:1102-1
- SUSE-SU-2016:1203-1
- SUSE-SU-2016:1961-1
- SUSE-SU-2016:1994-1
- SUSE-SU-2016:1995-1
- SUSE-SU-2016:2000-1
- SUSE-SU-2016:2001-1
- SUSE-SU-2016:2002-1
- SUSE-SU-2016:2003-1
- SUSE-SU-2016:2005-1
- SUSE-SU-2016:2006-1
- SUSE-SU-2016:2007-1
- SUSE-SU-2016:2009-1
- SUSE-SU-2016:2010-1
- SUSE-SU-2016:2011-1
- SUSE-SU-2016:2014-1
- SUSE-SU-2016:2074-1
- SUSE-SU-2016:2245-1
- SUSE-SU-2016:2976-1
- SUSE-SU-2016:3069-1
- SUSE-SU-2017:0333-1
- USN-2886-1
- USN-2886-2
- USN-2887-1
- USN-2888-1
- USN-2889-1
- USN-2889-2
- USN-2890-1
- USN-2890-2
- USN-2890-3
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |