[USN-3049-1] Linux kernel vulnerabilities
Several security issues were fixed in the kernel.
Ben Hawkes discovered that the Linux netfilter implementation did not
correctly perform validation when handling IPT_SO_SET_REPLACE events. A
local unprivileged attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code with administrative
privileges. (CVE-2016-3134)
Vitaly Kuznetsov discovered that the Linux kernel did not properly suppress
hugetlbfs support in X86 paravirtualized guests. An attacker in the guest
OS could cause a denial of service (guest system crash). (CVE-2016-3961)
It was discovered that the keyring implementation in the Linux kernel did
not ensure a data structure was initialized before referencing it after an
error condition occurred. A local attacker could use this to cause a denial
of service (system crash). (CVE-2016-4470)
Kangjie Lu discovered an information leak in the netlink implementation of
the Linux kernel. A local attacker could use this to obtain sensitive
information from kernel memory. (CVE-2016-5243)
- ID
- USN-3049-1
- Severity
- high
- Severity from
- CVE-2016-3134
- URL
- https://ubuntu.com/security/notices/USN-3049-1
- Published
-
2016-08-10T09:39:22
(8 years ago) - Modified
-
2016-08-10T09:39:22
(8 years ago) - Other Advisories
-
- ALAS-2016-694
- ALAS-2016-703
- ALAS-2016-726
- DSA-3607-1
- ELSA-2016-1539
- ELSA-2016-1847
- ELSA-2016-2006
- ELSA-2016-3591
- ELSA-2016-3592
- ELSA-2016-3593
- ELSA-2016-3623
- ELSA-2016-3624
- ELSA-2016-3625
- FEDORA-2016-02ed08bf15
- FEDORA-2016-1c409313f4
- FEDORA-2016-373c063e79
- FEDORA-2016-3a57b19360
- FEDORA-2016-3daf782dfa
- FEDORA-2016-63ee0999e4
- FEDORA-2016-73a733f4d9
- FEDORA-2016-7f37d42add
- FEDORA-2016-80edb9d511
- FEDORA-2016-81fd1b03aa
- FEDORA-2016-8a1f49149e
- FEDORA-2016-e0f3fcd7df
- RHSA-2016:1539
- RHSA-2016:1541
- RHSA-2016:1847
- RHSA-2016:1875
- RHSA-2016:2006
- SUSE-SU-2016:1672-1
- SUSE-SU-2016:1690-1
- SUSE-SU-2016:1696-1
- SUSE-SU-2016:1764-1
- SUSE-SU-2016:1937-1
- SUSE-SU-2016:1961-1
- SUSE-SU-2016:1985-1
- SUSE-SU-2016:1994-1
- SUSE-SU-2016:1995-1
- SUSE-SU-2016:1998-1
- SUSE-SU-2016:1999-1
- SUSE-SU-2016:2000-1
- SUSE-SU-2016:2001-1
- SUSE-SU-2016:2002-1
- SUSE-SU-2016:2003-1
- SUSE-SU-2016:2005-1
- SUSE-SU-2016:2006-1
- SUSE-SU-2016:2007-1
- SUSE-SU-2016:2009-1
- SUSE-SU-2016:2010-1
- SUSE-SU-2016:2011-1
- SUSE-SU-2016:2014-1
- SUSE-SU-2016:2018-1
- SUSE-SU-2016:2074-1
- SUSE-SU-2016:2105-1
- SUSE-SU-2016:2245-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2017:0471-1
- SUSE-SU-2017:1247-1
- SUSE-SU-2017:1301-1
- SUSE-SU-2017:1360-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2525-1
- USN-2929-1
- USN-2929-2
- USN-2930-1
- USN-2930-2
- USN-2930-3
- USN-2931-1
- USN-2932-1
- USN-3001-1
- USN-3002-1
- USN-3003-1
- USN-3004-1
- USN-3005-1
- USN-3006-1
- USN-3007-1
- USN-3050-1
- USN-3051-1
- USN-3052-1
- USN-3053-1
- USN-3054-1
- USN-3055-1
- USN-3056-1
- USN-3057-1
- USN-3127-1
- USN-3127-2
- XSA-174
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |