[USN-2909-1] Linux kernel (Utopic HWE) vulnerabilities
Several security issues were fixed in the kernel.
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount,
incorrectly propagated file attributes, including setuid. A local
unprivileged attacker could use this to gain privileges. (CVE-2016-1576)
halfdog discovered that OverlayFS in the Linux kernel incorrectly
propagated security sensitive extended attributes, such as POSIX ACLs. A
local unprivileged attacker could use this to gain privileges.
(CVE-2016-1575)
It was discovered that the Linux kernel's Filesystem in Userspace (FUSE)
implementation did not handle initial zero length segments properly. A
local attacker could use this to cause a denial of service (unkillable
task). (CVE-2015-8785)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-extra-3.16.0-62-generic?distro=trusty | < 3.16.0-62.82~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-62-powerpc64-smp?distro=trusty | < 3.16.0-62.82~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-62-powerpc64-emb?distro=trusty | < 3.16.0-62.82~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-62-powerpc-smp?distro=trusty | < 3.16.0-62.82~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-62-powerpc-e500mc?distro=trusty | < 3.16.0-62.82~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-62-lowlatency?distro=trusty | < 3.16.0-62.82~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-62-generic?distro=trusty | < 3.16.0-62.82~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-62-generic-lpae?distro=trusty | < 3.16.0-62.82~14.04.1 |
- ID
- USN-2909-1
- Severity
- high
- URL
- https://ubuntu.com/security/notices/USN-2909-1
- Published
-
2016-02-22T21:09:23
(8 years ago) - Modified
-
2016-02-22T21:09:23
(8 years ago) - Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-3.16.0-62-generic?distro=trusty | ubuntu | linux-image-extra-3.16.0-62-generic | < 3.16.0-62.82~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-62-powerpc64-smp?distro=trusty | ubuntu | linux-image-3.16.0-62-powerpc64-smp | < 3.16.0-62.82~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-62-powerpc64-emb?distro=trusty | ubuntu | linux-image-3.16.0-62-powerpc64-emb | < 3.16.0-62.82~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-62-powerpc-smp?distro=trusty | ubuntu | linux-image-3.16.0-62-powerpc-smp | < 3.16.0-62.82~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-62-powerpc-e500mc?distro=trusty | ubuntu | linux-image-3.16.0-62-powerpc-e500mc | < 3.16.0-62.82~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-62-lowlatency?distro=trusty | ubuntu | linux-image-3.16.0-62-lowlatency | < 3.16.0-62.82~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-62-generic?distro=trusty | ubuntu | linux-image-3.16.0-62-generic | < 3.16.0-62.82~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-62-generic-lpae?distro=trusty | ubuntu | linux-image-3.16.0-62-generic-lpae | < 3.16.0-62.82~14.04.1 | trusty |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |