[USN-3072-2] Linux kernel (OMAP4) vulnerabilities

Severity High

CVEs 3

Several security issues were fixed in the kernel.

Kangjie Lu discovered an information leak in the Reliable Datagram Sockets
(RDS) implementation in the Linux kernel. A local attacker could use this
to obtain potentially sensitive information from kernel memory.
(CVE-2016-5244)

Yue Cao et al discovered a flaw in the TCP implementation's handling of
challenge acks in the Linux kernel. A remote attacker could use this to
cause a denial of service (reset connection) or inject content into an TCP
stream. (CVE-2016-5696)

It was discovered that a heap based buffer overflow existed in the USB HID
driver in the Linux kernel. A local attacker could use this cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2016-5829)

ID

USN-3072-2

Severity

high

Severity from

CVE-2016-5829

URL

https://ubuntu.com/security/notices/USN-3072-2

Published