[USN-2978-1] Linux kernel vulnerabilities

Severity High

CVEs 2

Several security issues were fixed in the kernel.

David Matlack discovered that the Kernel-based Virtual Machine (KVM)
implementation in the Linux kernel did not properly restrict variable
Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a
guest VM could use this to cause a denial of service (system crash) in the
host, expose sensitive information from the host, or possibly gain
administrative privileges in the host. (CVE-2016-3713)

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did
not properly process certificate files with tags of indefinite length. A
local unprivileged attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code with administrative
privileges. (CVE-2016-0758)

ID

USN-2978-1

Severity

high

Severity from

CVE-2016-0758

URL

https://ubuntu.com/security/notices/USN-2978-1

Published