[USN-3470-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
Qian Zhang discovered a heap-based buffer overflow in the tipc_msg_build()
function in the Linux kernel. A local attacker could use to cause a denial
of service (system crash) or possibly execute arbitrary code with
administrative privileges. (CVE-2016-8632)
Dmitry Vyukov discovered that a race condition existed in the timerfd
subsystem of the Linux kernel when handling might_cancel queuing. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-10661)
It was discovered that the Flash-Friendly File System (f2fs) implementation
in the Linux kernel did not properly validate superblock metadata. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-10662, CVE-2017-10663)
Anthony Perard discovered that the Xen virtual block driver did not
properly initialize some data structures before passing them to user space.
A local attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2017-10911)
It was discovered that a use-after-free vulnerability existed in the POSIX
message queue implementation in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-11176)
Dave Chinner discovered that the XFS filesystem did not enforce that the
realtime inode flag was settable only on filesystems on a realtime device.
A local attacker could use this to cause a denial of service (system
crash). (CVE-2017-14340)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-extra-3.13.0-135-generic?distro=trusty | < 3.13.0-135.184 |
pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc64-smp?distro=trusty | < 3.13.0-135.184 |
pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc64-emb?distro=trusty | < 3.13.0-135.184 |
pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc-smp?distro=trusty | < 3.13.0-135.184 |
pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc-e500mc?distro=trusty | < 3.13.0-135.184 |
pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc-e500?distro=trusty | < 3.13.0-135.184 |
pkg:deb/ubuntu/linux-image-3.13.0-135-lowlatency?distro=trusty | < 3.13.0-135.184 |
pkg:deb/ubuntu/linux-image-3.13.0-135-generic?distro=trusty | < 3.13.0-135.184 |
pkg:deb/ubuntu/linux-image-3.13.0-135-generic-lpae?distro=trusty | < 3.13.0-135.184 |
- ID
- USN-3470-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3470-1
- Published
-
2017-10-31T10:13:24
(6 years ago) - Modified
-
2017-10-31T10:13:24
(6 years ago) - Other Advisories
-
- ALAS-2017-868
- ALAS-2017-914
- ALPINE:CVE-2017-10911
- DSA-3920-1
- DSA-3927-1
- DSA-3945-1
- DSA-3981-1
- ELSA-2017-2930
- ELSA-2017-3533
- ELSA-2017-3632
- ELSA-2017-3633
- ELSA-2017-3636
- ELSA-2017-3637
- ELSA-2018-0169
- ELSA-2018-3083
- FEDORA-2017-544eef948f
- FEDORA-2017-5c6a9b07a3
- FEDORA-2017-98548b066b
- FEDORA-2017-c3149b5fcb
- FEDORA-2017-deb70b495e
- RHSA-2017:2930
- RHSA-2017:2931
- RHSA-2018:0169
- RHSA-2018:3083
- RHSA-2018:3096
- SUSE-SU-2016:3039-1
- SUSE-SU-2016:3049-1
- SUSE-SU-2016:3063-1
- SUSE-SU-2017:0226-1
- SUSE-SU-2017:0227-1
- SUSE-SU-2017:0228-1
- SUSE-SU-2017:0229-1
- SUSE-SU-2017:0230-1
- SUSE-SU-2017:0231-1
- SUSE-SU-2017:0233-1
- SUSE-SU-2017:0234-1
- SUSE-SU-2017:0235-1
- SUSE-SU-2017:0244-1
- SUSE-SU-2017:0245-1
- SUSE-SU-2017:0246-1
- SUSE-SU-2017:0247-1
- SUSE-SU-2017:0248-1
- SUSE-SU-2017:0249-1
- SUSE-SU-2017:0268-1
- SUSE-SU-2017:0278-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2017:0407-1
- SUSE-SU-2017:0437-1
- SUSE-SU-2017:0494-1
- SUSE-SU-2017:1102-1
- SUSE-SU-2017:1795-1
- SUSE-SU-2017:1812-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2389-1
- SUSE-SU-2017:2525-1
- SUSE-SU-2017:2694-1
- SUSE-SU-2017:2908-1
- SUSE-SU-2017:2920-1
- SUSE-SU-2017:2924-1
- SUSE-SU-2017:2936-1
- SUSE-SU-2017:2946-1
- SUSE-SU-2017:3265-1
- SUSE-SU-2017:3286-1
- SUSE-SU-2017:3287-1
- SUSE-SU-2017:3288-1
- SUSE-SU-2017:3289-1
- SUSE-SU-2017:3290-1
- SUSE-SU-2017:3291-1
- SUSE-SU-2017:3292-1
- SUSE-SU-2017:3293-1
- SUSE-SU-2017:3296-1
- SUSE-SU-2017:3299-1
- SUSE-SU-2017:3301-1
- SUSE-SU-2017:3302-1
- SUSE-SU-2017:3303-1
- SUSE-SU-2017:3304-1
- SUSE-SU-2017:3305-1
- SUSE-SU-2017:3306-1
- SUSE-SU-2017:3308-1
- SUSE-SU-2017:3309-1
- SUSE-SU-2017:3310-1
- SUSE-SU-2017:3312-1
- SUSE-SU-2017:3313-1
- SUSE-SU-2017:3316-1
- SUSE-SU-2017:3318-1
- SUSE-SU-2017:3320-1
- SUSE-SU-2017:3321-1
- SUSE-SU-2017:3322-1
- SUSE-SU-2017:3323-1
- SUSE-SU-2017:3332-1
- SUSE-SU-2017:3336-1
- SUSE-SU-2017:3337-1
- SUSE-SU-2017:3340-1
- SUSE-SU-2018:0040-1
- USN-3190-1
- USN-3190-2
- USN-3312-1
- USN-3312-2
- USN-3405-1
- USN-3405-2
- USN-3414-1
- USN-3420-1
- USN-3420-2
- USN-3468-1
- USN-3468-2
- USN-3468-3
- USN-3469-1
- USN-3469-2
- USN-3470-2
- XSA-216
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-3.13.0-135-generic?distro=trusty | ubuntu | linux-image-extra-3.13.0-135-generic | < 3.13.0-135.184 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc64-smp?distro=trusty | ubuntu | linux-image-3.13.0-135-powerpc64-smp | < 3.13.0-135.184 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc64-emb?distro=trusty | ubuntu | linux-image-3.13.0-135-powerpc64-emb | < 3.13.0-135.184 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc-smp?distro=trusty | ubuntu | linux-image-3.13.0-135-powerpc-smp | < 3.13.0-135.184 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc-e500mc?distro=trusty | ubuntu | linux-image-3.13.0-135-powerpc-e500mc | < 3.13.0-135.184 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-135-powerpc-e500?distro=trusty | ubuntu | linux-image-3.13.0-135-powerpc-e500 | < 3.13.0-135.184 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-135-lowlatency?distro=trusty | ubuntu | linux-image-3.13.0-135-lowlatency | < 3.13.0-135.184 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-135-generic?distro=trusty | ubuntu | linux-image-3.13.0-135-generic | < 3.13.0-135.184 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.13.0-135-generic-lpae?distro=trusty | ubuntu | linux-image-3.13.0-135-generic-lpae | < 3.13.0-135.184 | trusty |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |