[USN-3265-1] Linux kernel vulnerabilities
Several security issues were fixed in the kernel.
It was discovered that a use-after-free flaw existed in the filesystem
encryption subsystem in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-7374)
Andrey Konovalov discovered an out-of-bounds access in the IPv6 Generic
Routing Encapsulation (GRE) tunneling implementation in the Linux kernel.
An attacker could use this to possibly expose sensitive information.
(CVE-2017-5897)
Andrey Konovalov discovered that the IPv4 implementation in the Linux
kernel did not properly handle invalid IP options in some situations. An
attacker could use this to cause a denial of service or possibly execute
arbitrary code. (CVE-2017-5970)
Gareth Evans discovered that the shm IPC subsystem in the Linux kernel did
not properly restrict mapping page zero. A local privileged attacker could
use this to execute arbitrary code. (CVE-2017-5669)
Alexander Popov discovered that a race condition existed in the Stream
Control Transmission Protocol (SCTP) implementation in the Linux kernel. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2017-5986)
Dmitry Vyukov discovered that the Linux kernel did not properly handle TCP
packets with the URG flag. A remote attacker could use this to cause a
denial of service. (CVE-2017-6214)
Andrey Konovalov discovered that the LLC subsytem in the Linux kernel did
not properly set up a destructor in certain situations. A local attacker
could use this to cause a denial of service (system crash). (CVE-2017-6345)
It was discovered that a race condition existed in the AF_PACKET handling
code in the Linux kernel. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-6346)
Andrey Konovalov discovered that the IP layer in the Linux kernel made
improper assumptions about internal data layout when performing checksums.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-6347)
Dmitry Vyukov discovered race conditions in the Infrared (IrDA) subsystem
in the Linux kernel. A local attacker could use this to cause a denial of
service (deadlock). (CVE-2017-6348)
- ID
- USN-3265-1
- Severity
- high
- URL
- https://ubuntu.com/security/notices/USN-3265-1
- Published
-
2017-04-25T01:26:56
(7 years ago) - Modified
-
2017-04-25T01:26:56
(7 years ago) - Other Advisories
-
- ALAS-2017-805
- ALAS-2017-811
- ALAS-2017-814
- ASA-201702-17
- ASA-201702-18
- DSA-3791-1
- DSA-3804-1
- ELSA-2017-1308
- ELSA-2017-1372
- ELSA-2017-1615
- ELSA-2017-1842
- ELSA-2017-3533
- ELSA-2017-3534
- ELSA-2017-3535
- ELSA-2017-3539
- ELSA-2017-3566
- ELSA-2017-3567
- FEDORA-2017-0054c7b1f0
- FEDORA-2017-2e1f3694b2
- FEDORA-2017-387ff46a66
- FEDORA-2017-787bc0d5b4
- FEDORA-2017-92d84f68cf
- FEDORA-2017-ad67543fc5
- FEDORA-2017-d875ae8299
- FEDORA-2017-fb89ca752a
- RHSA-2017:1308
- RHSA-2017:1372
- RHSA-2017:1615
- RHSA-2017:1616
- RHSA-2017:1842
- RHSA-2017:2077
- SUSE-SU-2017:0517-1
- SUSE-SU-2017:0575-1
- SUSE-SU-2017:0759-1
- SUSE-SU-2017:0760-1
- SUSE-SU-2017:0762-1
- SUSE-SU-2017:0763-1
- SUSE-SU-2017:0764-1
- SUSE-SU-2017:0766-1
- SUSE-SU-2017:0767-1
- SUSE-SU-2017:0768-1
- SUSE-SU-2017:0769-1
- SUSE-SU-2017:0770-1
- SUSE-SU-2017:0771-1
- SUSE-SU-2017:0772-1
- SUSE-SU-2017:0773-1
- SUSE-SU-2017:0774-1
- SUSE-SU-2017:0775-1
- SUSE-SU-2017:0776-1
- SUSE-SU-2017:0777-1
- SUSE-SU-2017:0778-1
- SUSE-SU-2017:0779-1
- SUSE-SU-2017:0780-1
- SUSE-SU-2017:0781-1
- SUSE-SU-2017:0786-1
- SUSE-SU-2017:1183-1
- SUSE-SU-2017:1247-1
- SUSE-SU-2017:1281-1
- SUSE-SU-2017:1301-1
- SUSE-SU-2017:1360-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2525-1
- USN-3264-1
- USN-3264-2
- USN-3265-2
- USN-3266-1
- USN-3266-2
- USN-3342-1
- USN-3342-2
- USN-3361-1
- USN-3422-1
- USN-3422-2
- USN-3583-1
- USN-3583-2
- USN-3754-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-4.4.0-75-generic?distro=xenial | ubuntu | linux-image-extra-4.4.0-75-generic | < 4.4.0-75.96 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-extra-4.4.0-1012-gke?distro=xenial | ubuntu | linux-image-extra-4.4.0-1012-gke | < 4.4.0-1012.12 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-75-powerpc64-smp?distro=xenial | ubuntu | linux-image-4.4.0-75-powerpc64-smp | < 4.4.0-75.96 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-75-powerpc64-emb?distro=xenial | ubuntu | linux-image-4.4.0-75-powerpc64-emb | < 4.4.0-75.96 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-75-powerpc-smp?distro=xenial | ubuntu | linux-image-4.4.0-75-powerpc-smp | < 4.4.0-75.96 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-75-powerpc-e500mc?distro=xenial | ubuntu | linux-image-4.4.0-75-powerpc-e500mc | < 4.4.0-75.96 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-75-lowlatency?distro=xenial | ubuntu | linux-image-4.4.0-75-lowlatency | < 4.4.0-75.96 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-75-generic?distro=xenial | ubuntu | linux-image-4.4.0-75-generic | < 4.4.0-75.96 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-75-generic-lpae?distro=xenial | ubuntu | linux-image-4.4.0-75-generic-lpae | < 4.4.0-75.96 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1057-snapdragon?distro=xenial | ubuntu | linux-image-4.4.0-1057-snapdragon | < 4.4.0-1057.61 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1054-raspi2?distro=xenial | ubuntu | linux-image-4.4.0-1054-raspi2 | < 4.4.0-1054.61 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1016-aws?distro=xenial | ubuntu | linux-image-4.4.0-1016-aws | < 4.4.0-1016.25 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1012-gke?distro=xenial | ubuntu | linux-image-4.4.0-1012-gke | < 4.4.0-1012.12 | xenial |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |