[USN-3251-2] Linux kernel (HWE) vulnerability
Severity
High
Affected Packages
4
CVEs
1
The system could be made to crash or run programs as an administrator.
USN-3251-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10.
This update provides the corresponding updates for the Linux Hardware
Enablement (HWE) kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS.
It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-extra-4.8.0-45-generic?distro=xenial | < 4.8.0-45.48~16.04.1 |
pkg:deb/ubuntu/linux-image-4.8.0-45-lowlatency?distro=xenial | < 4.8.0-45.48~16.04.1 |
pkg:deb/ubuntu/linux-image-4.8.0-45-generic?distro=xenial | < 4.8.0-45.48~16.04.1 |
pkg:deb/ubuntu/linux-image-4.8.0-45-generic-lpae?distro=xenial | < 4.8.0-45.48~16.04.1 |
- ID
- USN-3251-2
- Severity
- high
- URL
- https://ubuntu.com/security/notices/USN-3251-2
- Published
-
2017-03-30T00:15:03
(7 years ago) - Modified
-
2017-03-30T00:15:03
(7 years ago) - Other Advisories
-
- ALAS-2017-811
- ELSA-2017-2930
- ELSA-2017-3539
- ELSA-2017-3566
- ELSA-2017-3567
- FEDORA-2017-02174df32f
- FEDORA-2017-93dec9eba5
- RHSA-2017:2930
- RHSA-2017:2931
- SUSE-SU-2017:0864-1
- SUSE-SU-2017:0865-1
- SUSE-SU-2017:0866-1
- SUSE-SU-2017:0867-1
- SUSE-SU-2017:0868-1
- SUSE-SU-2017:0869-1
- SUSE-SU-2017:0870-1
- SUSE-SU-2017:0871-1
- SUSE-SU-2017:0872-1
- SUSE-SU-2017:0873-1
- SUSE-SU-2017:0874-1
- SUSE-SU-2017:0875-1
- SUSE-SU-2017:0876-1
- SUSE-SU-2017:0877-1
- SUSE-SU-2017:0878-1
- SUSE-SU-2017:0879-1
- SUSE-SU-2017:0880-1
- SUSE-SU-2017:0881-1
- SUSE-SU-2017:0882-1
- SUSE-SU-2017:0883-1
- SUSE-SU-2017:0884-1
- SUSE-SU-2017:0885-1
- SUSE-SU-2017:0886-1
- SUSE-SU-2017:0887-1
- SUSE-SU-2017:0888-1
- SUSE-SU-2017:0889-1
- SUSE-SU-2017:1301-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2525-1
- USN-3248-1
- USN-3249-1
- USN-3249-2
- USN-3250-1
- USN-3250-2
- USN-3251-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-4.8.0-45-generic?distro=xenial | ubuntu | linux-image-extra-4.8.0-45-generic | < 4.8.0-45.48~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.8.0-45-lowlatency?distro=xenial | ubuntu | linux-image-4.8.0-45-lowlatency | < 4.8.0-45.48~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.8.0-45-generic?distro=xenial | ubuntu | linux-image-4.8.0-45-generic | < 4.8.0-45.48~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.8.0-45-generic-lpae?distro=xenial | ubuntu | linux-image-4.8.0-45-generic-lpae | < 4.8.0-45.48~16.04.1 | xenial |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |