[USN-3422-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that a buffer overflow existed in the Bluetooth stack of
the Linux kernel when handling L2CAP configuration responses. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2017-1000251)
It was discovered that the asynchronous I/O (aio) subsystem of the Linux
kernel did not properly set permissions on aio memory mappings in some
situations. An attacker could use this to more easily exploit other
vulnerabilities. (CVE-2016-10044)
Baozeng Ding and Andrey Konovalov discovered a race condition in the L2TPv3
IP Encapsulation implementation in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2016-10200)
Andreas Gruenbacher and Jan Kara discovered that the filesystem
implementation in the Linux kernel did not clear the setgid bit during a
setxattr call. A local attacker could use this to possibly elevate group
privileges. (CVE-2016-7097)
Sergej Schumilo, Ralf Spenneberg, and Hendrik Schwartke discovered that the
key management subsystem in the Linux kernel did not properly allocate
memory in some situations. A local attacker could use this to cause a
denial of service (system crash). (CVE-2016-8650)
Vlad Tsyrklevich discovered an integer overflow vulnerability in the VFIO
PCI driver for the Linux kernel. A local attacker with access to a vfio PCI
device file could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2016-9083, CVE-2016-9084)
It was discovered that an information leak existed in __get_user_asm_ex()
in the Linux kernel. A local attacker could use this to expose sensitive
information. (CVE-2016-9178)
CAI Qian discovered that the sysctl implementation in the Linux kernel did
not properly perform reference counting in some situations. An unprivileged
attacker could use this to cause a denial of service (system hang).
(CVE-2016-9191)
It was discovered that the keyring implementation in the Linux kernel in
some situations did not prevent special internal keyrings from being joined
by userspace keyrings. A privileged local attacker could use this to bypass
module verification. (CVE-2016-9604)
It was discovered that an integer overflow existed in the trace subsystem
of the Linux kernel. A local privileged attacker could use this to cause a
denial of service (system crash). (CVE-2016-9754)
Andrey Konovalov discovered that the IPv4 implementation in the Linux
kernel did not properly handle invalid IP options in some situations. An
attacker could use this to cause a denial of service or possibly execute
arbitrary code. (CVE-2017-5970)
Dmitry Vyukov discovered that the Linux kernel did not properly handle TCP
packets with the URG flag. A remote attacker could use this to cause a
denial of service. (CVE-2017-6214)
It was discovered that a race condition existed in the AF_PACKET handling
code in the Linux kernel. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-6346)
It was discovered that the keyring implementation in the Linux kernel did
not properly restrict searches for dead keys. A local attacker could use
this to cause a denial of service (system crash). (CVE-2017-6951)
Dmitry Vyukov discovered that the generic SCSI (sg) subsystem in the Linux
kernel contained a stack-based buffer overflow. A local attacker with
access to an sg device could use this to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2017-7187)
Eric Biggers discovered a memory leak in the keyring implementation in the
Linux kernel. A local attacker could use this to cause a denial of service
(memory consumption). (CVE-2017-7472)
It was discovered that a buffer overflow existed in the Broadcom FullMAC
WLAN driver in the Linux kernel. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2017-7541)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-extra-3.13.0-132-generic?distro=trusty | < 3.13.0-132.181 |
pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc64-smp?distro=trusty | < 3.13.0-132.181 |
pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc64-emb?distro=trusty | < 3.13.0-132.181 |
pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc-smp?distro=trusty | < 3.13.0-132.181 |
pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc-e500mc?distro=trusty | < 3.13.0-132.181 |
pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc-e500?distro=trusty | < 3.13.0-132.181 |
pkg:deb/ubuntu/linux-image-3.13.0-132-lowlatency?distro=trusty | < 3.13.0-132.181 |
pkg:deb/ubuntu/linux-image-3.13.0-132-generic?distro=trusty | < 3.13.0-132.181 |
pkg:deb/ubuntu/linux-image-3.13.0-132-generic-lpae?distro=trusty | < 3.13.0-132.181 |
- ID
- USN-3422-1
- Severity
- high
- URL
- https://ubuntu.com/security/notices/USN-3422-1
- Published
-
2017-09-18T20:29:06
(7 years ago) - Modified
-
2017-09-18T20:29:06
(7 years ago) - Other Advisories
-
- ALAS-2016-772
- ALAS-2017-782
- ALAS-2017-805
- ALAS-2017-828
- ALAS-2017-914
- ASA-201709-12
- ASA-201709-4
- ASA-201709-8
- ASA-201709-9
- DSA-3791-1
- DSA-3804-1
- DSA-3927-1
- DSA-3945-1
- DSA-3981-1
- ELSA-2016-3648
- ELSA-2016-3651
- ELSA-2017-0386
- ELSA-2017-0817
- ELSA-2017-0933
- ELSA-2017-1372
- ELSA-2017-1615
- ELSA-2017-1842
- ELSA-2017-2679
- ELSA-2017-2681
- ELSA-2017-2863
- ELSA-2017-2930
- ELSA-2017-3514
- ELSA-2017-3533
- ELSA-2017-3534
- ELSA-2017-3535
- ELSA-2017-3539
- ELSA-2017-3566
- ELSA-2017-3567
- ELSA-2017-3596
- ELSA-2017-3605
- ELSA-2017-3606
- ELSA-2017-3607
- ELSA-2017-3620
- ELSA-2017-3621
- ELSA-2017-3622
- ELSA-2017-3629
- ELSA-2017-3636
- ELSA-2017-3637
- ELSA-2017-3640
- ELSA-2018-0151
- ELSA-2018-1854
- ELSA-2018-4041
- ELSA-2022-9852
- FEDORA-2016-6afdd2b61d
- FEDORA-2016-96d276367e
- FEDORA-2016-a820774fc2
- FEDORA-2016-b18410c59c
- FEDORA-2016-ee3a114958
- FEDORA-2017-0054c7b1f0
- FEDORA-2017-0aa0f69e0c
- FEDORA-2017-17d1c05236
- FEDORA-2017-39b5facda0
- FEDORA-2017-3a9ec92dd6
- FEDORA-2017-502cf68d68
- FEDORA-2017-544eef948f
- FEDORA-2017-6cc158c193
- FEDORA-2017-7369ea045c
- FEDORA-2017-787bc0d5b4
- FEDORA-2017-81fbd592d4
- FEDORA-2017-e07d7fb18e
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-884a105c04
- RHSA-2017:0386
- RHSA-2017:0387
- RHSA-2017:0817
- RHSA-2017:0931
- RHSA-2017:0933
- RHSA-2017:1372
- RHSA-2017:1615
- RHSA-2017:1616
- RHSA-2017:1842
- RHSA-2017:2077
- RHSA-2017:2679
- RHSA-2017:2681
- RHSA-2017:2704
- RHSA-2017:2863
- RHSA-2017:2930
- RHSA-2017:2931
- RHSA-2018:0151
- RHSA-2018:0152
- RHSA-2018:1854
- SSA:2017-258-02
- SUSE-SU-2016:2912-1
- SUSE-SU-2016:2976-1
- SUSE-SU-2016:3304-1
- SUSE-SU-2017:0181-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2017:0407-1
- SUSE-SU-2017:0464-1
- SUSE-SU-2017:0471-1
- SUSE-SU-2017:0494-1
- SUSE-SU-2017:0517-1
- SUSE-SU-2017:0575-1
- SUSE-SU-2017:0759-1
- SUSE-SU-2017:0760-1
- SUSE-SU-2017:0762-1
- SUSE-SU-2017:0763-1
- SUSE-SU-2017:0764-1
- SUSE-SU-2017:0766-1
- SUSE-SU-2017:0767-1
- SUSE-SU-2017:0768-1
- SUSE-SU-2017:0769-1
- SUSE-SU-2017:0770-1
- SUSE-SU-2017:0771-1
- SUSE-SU-2017:0772-1
- SUSE-SU-2017:0773-1
- SUSE-SU-2017:0774-1
- SUSE-SU-2017:0775-1
- SUSE-SU-2017:0776-1
- SUSE-SU-2017:0777-1
- SUSE-SU-2017:0778-1
- SUSE-SU-2017:0779-1
- SUSE-SU-2017:0780-1
- SUSE-SU-2017:0781-1
- SUSE-SU-2017:0786-1
- SUSE-SU-2017:1102-1
- SUSE-SU-2017:1183-1
- SUSE-SU-2017:1247-1
- SUSE-SU-2017:1281-1
- SUSE-SU-2017:1301-1
- SUSE-SU-2017:1360-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2286-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2389-1
- SUSE-SU-2017:2459-1
- SUSE-SU-2017:2521-1
- SUSE-SU-2017:2523-1
- SUSE-SU-2017:2525-1
- SUSE-SU-2017:2534-1
- SUSE-SU-2017:2548-1
- SUSE-SU-2017:2694-1
- SUSE-SU-2017:2769-1
- SUSE-SU-2017:2770-1
- SUSE-SU-2017:2771-1
- SUSE-SU-2017:2772-1
- SUSE-SU-2017:2773-1
- SUSE-SU-2017:2774-1
- SUSE-SU-2017:2776-1
- SUSE-SU-2017:2777-1
- SUSE-SU-2017:2778-1
- SUSE-SU-2017:2779-1
- SUSE-SU-2017:2780-1
- SUSE-SU-2017:2781-1
- SUSE-SU-2017:2782-1
- SUSE-SU-2017:2783-1
- SUSE-SU-2017:2784-1
- SUSE-SU-2017:2785-1
- SUSE-SU-2017:2786-1
- SUSE-SU-2017:2787-1
- SUSE-SU-2017:2788-1
- SUSE-SU-2017:2790-1
- SUSE-SU-2017:2792-1
- SUSE-SU-2017:2793-1
- SUSE-SU-2017:2794-1
- SUSE-SU-2017:2796-1
- SUSE-SU-2017:2797-1
- SUSE-SU-2017:2798-1
- SUSE-SU-2017:2799-1
- SUSE-SU-2017:2800-1
- SUSE-SU-2017:2801-1
- SUSE-SU-2017:2802-1
- SUSE-SU-2017:2803-1
- SUSE-SU-2017:2804-1
- SUSE-SU-2017:2805-1
- SUSE-SU-2017:2806-1
- SUSE-SU-2017:2807-1
- SUSE-SU-2017:2809-1
- SUSE-SU-2017:2811-1
- SUSE-SU-2017:2816-1
- SUSE-SU-2017:2869-1
- SUSE-SU-2017:2908-1
- SUSE-SU-2017:2920-1
- SUSE-SU-2017:2956-1
- SUSE-SU-2018:0011-1
- SUSE-SU-2018:0040-1
- SUSE-SU-2018:0180-1
- SUSE-SU-2019:1289-1
- USN-3146-1
- USN-3146-2
- USN-3147-1
- USN-3161-3
- USN-3161-4
- USN-3162-2
- USN-3208-1
- USN-3208-2
- USN-3265-1
- USN-3265-2
- USN-3291-1
- USN-3291-2
- USN-3291-3
- USN-3293-1
- USN-3312-1
- USN-3312-2
- USN-3314-1
- USN-3361-1
- USN-3405-1
- USN-3405-2
- USN-3419-1
- USN-3419-2
- USN-3420-1
- USN-3420-2
- USN-3422-2
- USN-3423-1
- VU:240311
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-3.13.0-132-generic?distro=trusty | ubuntu | linux-image-extra-3.13.0-132-generic | < 3.13.0-132.181 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc64-smp?distro=trusty | ubuntu | linux-image-3.13.0-132-powerpc64-smp | < 3.13.0-132.181 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc64-emb?distro=trusty | ubuntu | linux-image-3.13.0-132-powerpc64-emb | < 3.13.0-132.181 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc-smp?distro=trusty | ubuntu | linux-image-3.13.0-132-powerpc-smp | < 3.13.0-132.181 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc-e500mc?distro=trusty | ubuntu | linux-image-3.13.0-132-powerpc-e500mc | < 3.13.0-132.181 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-132-powerpc-e500?distro=trusty | ubuntu | linux-image-3.13.0-132-powerpc-e500 | < 3.13.0-132.181 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-132-lowlatency?distro=trusty | ubuntu | linux-image-3.13.0-132-lowlatency | < 3.13.0-132.181 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-132-generic?distro=trusty | ubuntu | linux-image-3.13.0-132-generic | < 3.13.0-132.181 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-132-generic-lpae?distro=trusty | ubuntu | linux-image-3.13.0-132-generic-lpae | < 3.13.0-132.181 | trusty |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |