[USN-3161-1] Linux kernel vulnerabilities
Several security issues were fixed in the kernel.
Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the
TTY implementation in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2015-8964)
It was discovered that the Video For Linux Two (v4l2) implementation in the
Linux kernel did not properly handle multiple planes when processing a
VIDIOC_DQBUF ioctl(). A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2016-4568)
CAI Qian discovered that shared bind mounts in a mount namespace
exponentially added entries without restriction to the Linux kernel's mount
table. A local attacker could use this to cause a denial of service (system
crash). (CVE-2016-6213)
It was discovered that the KVM implementation for x86/x86_64 in the Linux
kernel could dereference a null pointer. An attacker in a guest virtual
machine could use this to cause a denial of service (system crash) in the
KVM host. (CVE-2016-8630)
Eyal Itkin discovered that the IP over IEEE 1394 (FireWire) implementation
in the Linux kernel contained a buffer overflow when handling fragmented
packets. A remote attacker could use this to possibly execute arbitrary
code with administrative privileges. (CVE-2016-8633)
Marco Grassi discovered that the TCP implementation in the Linux kernel
mishandles socket buffer (skb) truncation. A local attacker could use this
to cause a denial of service (system crash). (CVE-2016-8645)
Andrey Konovalov discovered that the SCTP implementation in the Linux
kernel improperly handled validation of incoming data. A remote attacker
could use this to cause a denial of service (system crash). (CVE-2016-9555)
| Package | Affected Version |
|---|---|
 pkg:deb/ubuntu/linux-image-extra-4.4.0-57-generic?distro=xenial
|
< 4.4.0-57.78 |
|
pkg:deb/ubuntu/linux-image-4.4.0-57-powerpc64-smp?distro=xenial
|
< 4.4.0-57.78 |
|
pkg:deb/ubuntu/linux-image-4.4.0-57-powerpc64-emb?distro=xenial
|
< 4.4.0-57.78 |
|
pkg:deb/ubuntu/linux-image-4.4.0-57-powerpc-smp?distro=xenial
|
< 4.4.0-57.78 |
|
pkg:deb/ubuntu/linux-image-4.4.0-57-powerpc-e500mc?distro=xenial
|
< 4.4.0-57.78 |
|
pkg:deb/ubuntu/linux-image-4.4.0-57-lowlatency?distro=xenial
|
< 4.4.0-57.78 |
|
pkg:deb/ubuntu/linux-image-4.4.0-57-generic?distro=xenial
|
< 4.4.0-57.78 |
|
pkg:deb/ubuntu/linux-image-4.4.0-57-generic-lpae?distro=xenial
|
< 4.4.0-57.78 |
- ID
- USN-3161-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3161-1
- Published
-
2016-12-20T21:03:28
(7 years ago) - Modified
-
2016-12-20T21:03:28
(7 years ago) - Other Advisories
-
-
ALAS-2016-772
-
ELSA-2016-3648
-
ELSA-2016-3651
-
ELSA-2016-3652
-
ELSA-2017-0086
-
ELSA-2017-0307
-
ELSA-2017-0386
-
ELSA-2017-1842
-
ELSA-2017-3514
-
ELSA-2017-3533
-
ELSA-2017-3534
-
ELSA-2017-3535
-
ELSA-2017-3605
-
ELSA-2018-1062
-
FEDORA-2016-14c4187e3a
-
FEDORA-2016-29cde72f15
-
FEDORA-2016-3548475bca
-
FEDORA-2016-876deae183
-
FEDORA-2016-ee3a114958
-
RHSA-2017:0086
-
RHSA-2017:0091
-
RHSA-2017:0307
-
RHSA-2017:0386
-
RHSA-2017:0387
-
RHSA-2017:1842
-
RHSA-2017:2077
-
RHSA-2018:0676
-
RHSA-2018:1062
-
SUSE-SU-2016:3039-1
-
SUSE-SU-2016:3049-1
-
SUSE-SU-2016:3063-1
-
SUSE-SU-2016:3093-1
-
SUSE-SU-2016:3094-1
-
SUSE-SU-2016:3096-1
-
SUSE-SU-2016:3098-1
-
SUSE-SU-2016:3100-1
-
SUSE-SU-2016:3104-1
-
SUSE-SU-2016:3109-1
-
SUSE-SU-2016:3111-1
-
SUSE-SU-2016:3112-1
-
SUSE-SU-2016:3113-1
-
SUSE-SU-2016:3116-1
-
SUSE-SU-2016:3117-1
-
SUSE-SU-2016:3119-1
-
SUSE-SU-2016:3169-1
-
SUSE-SU-2016:3183-1
-
SUSE-SU-2016:3197-1
-
SUSE-SU-2016:3205-1
-
SUSE-SU-2016:3206-1
-
SUSE-SU-2016:3247-1
-
SUSE-SU-2016:3249-1
-
SUSE-SU-2017:0181-1
-
SUSE-SU-2017:0333-1
-
SUSE-SU-2017:0407-1
-
SUSE-SU-2017:0437-1
-
SUSE-SU-2017:0464-1
-
SUSE-SU-2017:0471-1
-
SUSE-SU-2017:0494-1
-
SUSE-SU-2017:1102-1
-
USN-3160-1
-
USN-3160-2
-
USN-3161-2
-
USN-3161-3
-
USN-3161-4
-
USN-3162-1
-
USN-3162-2
-
USN-3187-1
-
USN-3187-2
-
USN-3188-1
-
USN-3188-2
-
USN-3290-1
-
USN-3360-1
-
USN-3360-2
-
USN-3445-1
-
USN-3445-2
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/linux-image-extra-4.4.0-57-generic?distro=xenial | ubuntu |
linux-image-extra-4.4.0-57-generic
|
< 4.4.0-57.78 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-57-powerpc64-smp?distro=xenial | ubuntu |
linux-image-4.4.0-57-powerpc64-smp
|
< 4.4.0-57.78 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-57-powerpc64-emb?distro=xenial | ubuntu |
linux-image-4.4.0-57-powerpc64-emb
|
< 4.4.0-57.78 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-57-powerpc-smp?distro=xenial | ubuntu |
linux-image-4.4.0-57-powerpc-smp
|
< 4.4.0-57.78 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-57-powerpc-e500mc?distro=xenial | ubuntu |
linux-image-4.4.0-57-powerpc-e500mc
|
< 4.4.0-57.78 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-57-lowlatency?distro=xenial | ubuntu |
linux-image-4.4.0-57-lowlatency
|
< 4.4.0-57.78 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-57-generic?distro=xenial | ubuntu |
linux-image-4.4.0-57-generic
|
< 4.4.0-57.78 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-57-generic-lpae?distro=xenial | ubuntu |
linux-image-4.4.0-57-generic-lpae
|
< 4.4.0-57.78 | xenial |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |