1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-3510-1

[USN-3510-1] Linux kernel vulnerabilities

Severity High
Affected Packages 9
CVEs 2
Info Packages Vulnerabilities

Several security issues were fixed in the Linux kernel.

Mohamed Ghannam discovered that a use-after-free vulnerability existed in
the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-16939)

It was discovered that the Linux kernel did not properly handle copy-on-
write of transparent huge pages. A local attacker could use this to cause a
denial of service (application crashes) or possibly gain administrative
privileges. (CVE-2017-1000405)

Package Affected Version
pkg:deb/ubuntu/linux-image-extra-3.13.0-137-generic?distro=trusty < 3.13.0-137.186
pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc64-smp?distro=trusty < 3.13.0-137.186
pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc64-emb?distro=trusty < 3.13.0-137.186
pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc-smp?distro=trusty < 3.13.0-137.186
pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc-e500mc?distro=trusty < 3.13.0-137.186
pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc-e500?distro=trusty < 3.13.0-137.186
pkg:deb/ubuntu/linux-image-3.13.0-137-lowlatency?distro=trusty < 3.13.0-137.186
pkg:deb/ubuntu/linux-image-3.13.0-137-generic?distro=trusty < 3.13.0-137.186
pkg:deb/ubuntu/linux-image-3.13.0-137-generic-lpae?distro=trusty < 3.13.0-137.186
ID
USN-3510-1
Severity
high
URL
https://ubuntu.com/security/notices/USN-3510-1
Published
2017-12-08T00:14:02
(6 years ago)
Modified
2017-12-08T00:14:02
(6 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-extra-3.13.0-137-generic?distro=trusty ubuntu linux-image-extra-3.13.0-137-generic < 3.13.0-137.186 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc64-smp?distro=trusty ubuntu linux-image-3.13.0-137-powerpc64-smp < 3.13.0-137.186 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc64-emb?distro=trusty ubuntu linux-image-3.13.0-137-powerpc64-emb < 3.13.0-137.186 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc-smp?distro=trusty ubuntu linux-image-3.13.0-137-powerpc-smp < 3.13.0-137.186 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc-e500mc?distro=trusty ubuntu linux-image-3.13.0-137-powerpc-e500mc < 3.13.0-137.186 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-137-powerpc-e500?distro=trusty ubuntu linux-image-3.13.0-137-powerpc-e500 < 3.13.0-137.186 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-137-lowlatency?distro=trusty ubuntu linux-image-3.13.0-137-lowlatency < 3.13.0-137.186 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-137-generic?distro=trusty ubuntu linux-image-3.13.0-137-generic < 3.13.0-137.186 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-137-generic-lpae?distro=trusty ubuntu linux-image-3.13.0-137-generic-lpae < 3.13.0-137.186 trusty
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date