[USN-3106-2] Linux kernel (Xenial HWE) vulnerability
Severity
High
Affected Packages
8
CVEs
1
The system could be made to run programs as an administrator.
USN-3106-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
It was discovered that a race condition existed in the memory manager of
the Linux kernel when handling copy-on-write breakage of private read-only
memory mappings. A local attacker could use this to gain administrative
privileges.
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-extra-4.4.0-45-generic?distro=trusty | < 4.4.0-45.66~14.04.1 |
pkg:deb/ubuntu/linux-image-4.4.0-45-powerpc64-smp?distro=trusty | < 4.4.0-45.66~14.04.1 |
pkg:deb/ubuntu/linux-image-4.4.0-45-powerpc64-emb?distro=trusty | < 4.4.0-45.66~14.04.1 |
pkg:deb/ubuntu/linux-image-4.4.0-45-powerpc-smp?distro=trusty | < 4.4.0-45.66~14.04.1 |
pkg:deb/ubuntu/linux-image-4.4.0-45-powerpc-e500mc?distro=trusty | < 4.4.0-45.66~14.04.1 |
pkg:deb/ubuntu/linux-image-4.4.0-45-lowlatency?distro=trusty | < 4.4.0-45.66~14.04.1 |
pkg:deb/ubuntu/linux-image-4.4.0-45-generic?distro=trusty | < 4.4.0-45.66~14.04.1 |
pkg:deb/ubuntu/linux-image-4.4.0-45-generic-lpae?distro=trusty | < 4.4.0-45.66~14.04.1 |
- ID
- USN-3106-2
- Severity
- high
- URL
- https://ubuntu.com/security/notices/USN-3106-2
- Published
-
2016-10-20T02:55:19
(8 years ago) - Modified
-
2016-10-20T02:55:19
(8 years ago) - Other Advisories
-
- ALAS-2016-757
- ASA-201610-11
- ASA-201610-14
- CISA-2022:0303
- CISCO-SA-20161026-LINUX
- DSA-3696-1
- ELSA-2016-2098
- ELSA-2016-2105
- ELSA-2016-2124
- ELSA-2016-3632
- ELSA-2016-3633
- ELSA-2016-3634
- FEDORA-2016-c3558808cd
- FEDORA-2016-c8a0c7eece
- FEDORA-2016-db4b75b352
- openSUSE-SU-2020:0554-1
- RHSA-2016:2098
- RHSA-2016:2105
- RHSA-2016:2110
- RHSA-2017:0372
- SSA:2016-305-01
- SUSE-SU-2016:2585-1
- SUSE-SU-2016:2592-1
- SUSE-SU-2016:2593-1
- SUSE-SU-2016:2596-1
- SUSE-SU-2016:2614-1
- SUSE-SU-2016:2629-1
- SUSE-SU-2016:2630-1
- SUSE-SU-2016:2631-1
- SUSE-SU-2016:2632-1
- SUSE-SU-2016:2633-1
- SUSE-SU-2016:2634-1
- SUSE-SU-2016:2635-1
- SUSE-SU-2016:2636-1
- SUSE-SU-2016:2637-1
- SUSE-SU-2016:2638-1
- SUSE-SU-2016:2655-1
- SUSE-SU-2016:2657-1
- SUSE-SU-2016:2658-1
- SUSE-SU-2016:2659-1
- SUSE-SU-2016:2673-1
- SUSE-SU-2016:3069-1
- SUSE-SU-2016:3304-1
- USN-3104-1
- USN-3104-2
- USN-3105-1
- USN-3105-2
- USN-3106-1
- USN-3106-3
- USN-3106-4
- USN-3107-1
- USN-3107-2
- VU:243144
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-4.4.0-45-generic?distro=trusty | ubuntu | linux-image-extra-4.4.0-45-generic | < 4.4.0-45.66~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-45-powerpc64-smp?distro=trusty | ubuntu | linux-image-4.4.0-45-powerpc64-smp | < 4.4.0-45.66~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-45-powerpc64-emb?distro=trusty | ubuntu | linux-image-4.4.0-45-powerpc64-emb | < 4.4.0-45.66~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-45-powerpc-smp?distro=trusty | ubuntu | linux-image-4.4.0-45-powerpc-smp | < 4.4.0-45.66~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-45-powerpc-e500mc?distro=trusty | ubuntu | linux-image-4.4.0-45-powerpc-e500mc | < 4.4.0-45.66~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-45-lowlatency?distro=trusty | ubuntu | linux-image-4.4.0-45-lowlatency | < 4.4.0-45.66~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-45-generic?distro=trusty | ubuntu | linux-image-4.4.0-45-generic | < 4.4.0-45.66~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-45-generic-lpae?distro=trusty | ubuntu | linux-image-4.4.0-45-generic-lpae | < 4.4.0-45.66~14.04.1 | trusty |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |