1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-3445-2

[USN-3445-2] Linux kernel (Trusty HWE) vulnerabilities

Severity Medium
CVEs 2
Info Vulnerabilities

Several security issues were fixed in the Linux kernel.

USN-3445-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 ESM.

Eyal Itkin discovered that the IP over IEEE 1394 (FireWire) implementation
in the Linux kernel contained a buffer overflow when handling fragmented
packets. A remote attacker could use this to possibly execute arbitrary
code with administrative privileges. (CVE-2016-8633)

Andrey Konovalov discovered that a divide-by-zero error existed in the TCP
stack implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-14106)

ID
USN-3445-2
Severity
medium
Severity from
CVE-2016-8633
URL
https://ubuntu.com/security/notices/USN-3445-2
Published
2017-10-11T06:14:19
(7 years ago)
Modified
2017-10-11T06:14:19
(7 years ago)
Other Advisories
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date