[USN-2976-1] Linux kernel (Utopic HWE) vulnerability
Severity
High
Affected Packages
8
CVEs
1
The system could be made to crash or run programs as an administrator.
Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did
not properly process certificate files with tags of indefinite length. A
local unprivileged attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code with administrative
privileges.
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-extra-3.16.0-71-generic?distro=trusty | < 3.16.0-71.92~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-71-powerpc64-smp?distro=trusty | < 3.16.0-71.92~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-71-powerpc64-emb?distro=trusty | < 3.16.0-71.92~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-71-powerpc-smp?distro=trusty | < 3.16.0-71.92~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-71-powerpc-e500mc?distro=trusty | < 3.16.0-71.92~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-71-lowlatency?distro=trusty | < 3.16.0-71.92~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-71-generic?distro=trusty | < 3.16.0-71.92~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-71-generic-lpae?distro=trusty | < 3.16.0-71.92~14.04.1 |
- ID
- USN-2976-1
- Severity
- high
- URL
- https://ubuntu.com/security/notices/USN-2976-1
- Published
-
2016-05-16T17:17:16
(8 years ago) - Modified
-
2016-05-16T17:17:16
(8 years ago) - Other Advisories
-
- ALAS-2016-703
- ELSA-2016-1033
- ELSA-2016-3559
- ELSA-2016-3565
- FEDORA-2016-06f1572324
- FEDORA-2016-84fdc82b74
- FEDORA-2016-f8739a80b0
- RHSA-2016:1033
- RHSA-2016:1051
- SUSE-SU-2016:1672-1
- SUSE-SU-2016:1690-1
- SUSE-SU-2016:1937-1
- SUSE-SU-2016:1961-1
- SUSE-SU-2016:1985-1
- SUSE-SU-2016:1994-1
- SUSE-SU-2016:1995-1
- SUSE-SU-2016:2000-1
- SUSE-SU-2016:2001-1
- SUSE-SU-2016:2002-1
- SUSE-SU-2016:2003-1
- SUSE-SU-2016:2005-1
- SUSE-SU-2016:2006-1
- SUSE-SU-2016:2007-1
- SUSE-SU-2016:2009-1
- SUSE-SU-2016:2010-1
- SUSE-SU-2016:2011-1
- SUSE-SU-2016:2014-1
- SUSE-SU-2016:2105-1
- SUSE-SU-2016:2245-1
- USN-2975-1
- USN-2975-2
- USN-2977-1
- USN-2978-1
- USN-2978-2
- USN-2978-3
- USN-2979-1
- USN-2979-2
- USN-2979-3
- USN-2979-4
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-3.16.0-71-generic?distro=trusty | ubuntu | linux-image-extra-3.16.0-71-generic | < 3.16.0-71.92~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-71-powerpc64-smp?distro=trusty | ubuntu | linux-image-3.16.0-71-powerpc64-smp | < 3.16.0-71.92~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-71-powerpc64-emb?distro=trusty | ubuntu | linux-image-3.16.0-71-powerpc64-emb | < 3.16.0-71.92~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-71-powerpc-smp?distro=trusty | ubuntu | linux-image-3.16.0-71-powerpc-smp | < 3.16.0-71.92~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-71-powerpc-e500mc?distro=trusty | ubuntu | linux-image-3.16.0-71-powerpc-e500mc | < 3.16.0-71.92~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-71-lowlatency?distro=trusty | ubuntu | linux-image-3.16.0-71-lowlatency | < 3.16.0-71.92~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-71-generic?distro=trusty | ubuntu | linux-image-3.16.0-71-generic | < 3.16.0-71.92~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-71-generic-lpae?distro=trusty | ubuntu | linux-image-3.16.0-71-generic-lpae | < 3.16.0-71.92~14.04.1 | trusty |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |