[USN-3146-1] Linux kernel vulnerabilities
Several security issues were fixed in the kernel.
It was discovered that the __get_user_asm_ex implementation in the Linux
kernel for x86/x86_64 contained extended asm statements that were
incompatible with the exception table. A local attacker could use this to
gain administrative privileges. (CVE-2016-9644)
Andreas Gruenbacher and Jan Kara discovered that the filesystem
implementation in the Linux kernel did not clear the setgid bit during a
setxattr call. A local attacker could use this to possibly elevate group
privileges. (CVE-2016-7097)
Marco Grassi discovered that the driver for Areca RAID Controllers in the
Linux kernel did not properly validate control messages. A local attacker
could use this to cause a denial of service (system crash) or possibly gain
privileges. (CVE-2016-7425)
Daxing Guo discovered a stack-based buffer overflow in the Broadcom
IEEE802.11n FullMAC driver in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly gain
privileges. (CVE-2016-8658)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-extra-4.4.0-51-generic?distro=xenial | < 4.4.0-51.72 |
pkg:deb/ubuntu/linux-image-4.4.0-51-powerpc64-smp?distro=xenial | < 4.4.0-51.72 |
pkg:deb/ubuntu/linux-image-4.4.0-51-powerpc64-emb?distro=xenial | < 4.4.0-51.72 |
pkg:deb/ubuntu/linux-image-4.4.0-51-powerpc-smp?distro=xenial | < 4.4.0-51.72 |
pkg:deb/ubuntu/linux-image-4.4.0-51-powerpc-e500mc?distro=xenial | < 4.4.0-51.72 |
pkg:deb/ubuntu/linux-image-4.4.0-51-lowlatency?distro=xenial | < 4.4.0-51.72 |
pkg:deb/ubuntu/linux-image-4.4.0-51-generic?distro=xenial | < 4.4.0-51.72 |
pkg:deb/ubuntu/linux-image-4.4.0-51-generic-lpae?distro=xenial | < 4.4.0-51.72 |
- ID
- USN-3146-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3146-1
- Published
-
2016-11-30T20:16:59
(7 years ago) - Modified
-
2016-11-30T20:16:59
(7 years ago) - Other Advisories
-
- ALAS-2017-805
- DSA-3696-1
- ELSA-2017-0817
- ELSA-2017-1842
- ELSA-2017-3533
- ELSA-2017-3534
- ELSA-2017-3535
- ELSA-2017-3596
- FEDORA-2016-f3d1f79398
- FEDORA-2017-6cc158c193
- FEDORA-2017-81fbd592d4
- RHSA-2017:0817
- RHSA-2017:1842
- RHSA-2017:2077
- SUSE-SU-2016:2912-1
- SUSE-SU-2016:2976-1
- SUSE-SU-2016:3069-1
- SUSE-SU-2016:3304-1
- SUSE-SU-2017:0181-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2017:0471-1
- SUSE-SU-2017:0494-1
- SUSE-SU-2017:1102-1
- USN-3144-1
- USN-3144-2
- USN-3145-1
- USN-3145-2
- USN-3146-2
- USN-3147-1
- USN-3161-3
- USN-3161-4
- USN-3162-2
- USN-3422-1
- USN-3422-2
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-4.4.0-51-generic?distro=xenial | ubuntu | linux-image-extra-4.4.0-51-generic | < 4.4.0-51.72 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-51-powerpc64-smp?distro=xenial | ubuntu | linux-image-4.4.0-51-powerpc64-smp | < 4.4.0-51.72 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-51-powerpc64-emb?distro=xenial | ubuntu | linux-image-4.4.0-51-powerpc64-emb | < 4.4.0-51.72 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-51-powerpc-smp?distro=xenial | ubuntu | linux-image-4.4.0-51-powerpc-smp | < 4.4.0-51.72 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-51-powerpc-e500mc?distro=xenial | ubuntu | linux-image-4.4.0-51-powerpc-e500mc | < 4.4.0-51.72 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-51-lowlatency?distro=xenial | ubuntu | linux-image-4.4.0-51-lowlatency | < 4.4.0-51.72 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-51-generic?distro=xenial | ubuntu | linux-image-4.4.0-51-generic | < 4.4.0-51.72 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-51-generic-lpae?distro=xenial | ubuntu | linux-image-4.4.0-51-generic-lpae | < 4.4.0-51.72 | xenial |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |