[USN-3581-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
Mohamed Ghannam discovered that the IPv4 raw socket implementation in the
Linux kernel contained a race condition leading to uninitialized pointer
usage. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2017-17712)
ChunYu Wang discovered that a use-after-free vulnerability existed
in the SCTP protocol implementation in the Linux kernel. A local
attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code, (CVE-2017-15115)
Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP
protocol implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-8824)
USN-3541-1 mitigated CVE-2017-5715 (Spectre Variant 2) for the
amd64 architecture in Ubuntu 17.10. This update provides the
compiler-based retpoline kernel mitigation for the amd64 and i386
architectures. Original advisory details:
Jann Horn discovered that microprocessors utilizing speculative execution
and branch prediction may allow unauthorized memory reads via sidechannel
attacks. This flaw is known as Spectre. A local attacker could use this to
expose sensitive information, including kernel memory. (CVE-2017-5715)
- ID
- USN-3581-1
- Severity
- high
- Severity from
- CVE-2017-15115
- URL
- https://ubuntu.com/security/notices/USN-3581-1
- Published
-
2018-02-22T08:25:04
(6 years ago) - Modified
-
2018-02-22T08:25:04
(6 years ago) - Other Advisories
-
- ALAS-2017-937
- ALAS-2018-939
- ALAS-2018-942
- ALAS-2018-944
- ALAS2-2018-939
- ALAS2-2018-942
- ALAS2-2018-952
- ALAS2-2018-953
- ALAS2-2018-962
- ALPINE:CVE-2017-5715
- ASA-201801-1
- ASA-201801-10
- ASA-201801-2
- ASA-201801-3
- ASA-201801-4
- CISCO-SA-20180104-CPUSIDECHANNEL
- DSA-4073-1
- DSA-4082-1
- DSA-4187-1
- DSA-4188-1
- DSA-4201-1
- DSA-4213-1
- ELSA-2018-0007
- ELSA-2018-0008
- ELSA-2018-0012
- ELSA-2018-0013
- ELSA-2018-0023
- ELSA-2018-0024
- ELSA-2018-0029
- ELSA-2018-0030
- ELSA-2018-1062
- ELSA-2018-1196
- ELSA-2018-1319
- ELSA-2018-4004
- ELSA-2018-4020
- ELSA-2018-4022
- ELSA-2018-4025
- ELSA-2018-4040
- ELSA-2018-4041
- ELSA-2018-4285
- ELSA-2018-4289
- ELSA-2019-4585
- ELSA-2019-4668
- ELSA-2019-4710
- ELSA-2019-4785
- FEDORA-2017-129969aa8a
- FEDORA-2017-1b4d140781
- FEDORA-2017-62e3a94f2a
- FEDORA-2017-7810b7c59f
- FEDORA-2017-ba6b6e71f7
- FEDORA-2017-f73d3f1fc4
- FEDORA-2017-f7cb245861
- FEDORA-2018-0590e4af13
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-1e033dc308
- FEDORA-2018-2a0f8b2c9d
- FEDORA-2018-2b053454a4
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-2f6df9abfb
- FEDORA-2018-49bda79bd5
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-690989736a
- FEDORA-2018-6c1be5e1c8
- FEDORA-2018-79d7c3d2df
- FEDORA-2018-8484550fff
- FEDORA-2018-884a105c04
- FEDORA-2018-93c2e74446
- FEDORA-2018-94315e9a6b
- FEDORA-2018-9d0e4e40b5
- FEDORA-2018-9f02e5ed7b
- FEDORA-2018-b57db4753c
- FEDORA-2018-b68776e5b0
- FEDORA-2018-b997780dca
- FEDORA-2018-c0a1284064
- FEDORA-2018-c449dc1c9c
- FEDORA-2018-d77cc41f35
- FEDORA-2018-e71875c4aa
- FEDORA-2018-e8f793bbfc
- FREEBSD:1CE95BC7-3278-11E8-B527-00012E582166
- FREEBSD:74DAA370-2797-11E8-95EC-A4BADB2F4699
- FREEBSD:FBE10A8A-05A1-11EA-9DFA-F8B156AC3FF9
- GLSA-201804-08
- GLSA-201810-06
- RHBA-2018:0042
- RHSA-2018:0016
- RHSA-2018:0023
- RHSA-2018:0676
- RHSA-2018:1062
- RHSA-2018:1319
- SSA:2018-016-01
- SSA:2018-037-01
- SUSE-SU-2017:3398-1
- SUSE-SU-2017:3410-1
- SUSE-SU-2018:0007-1
- SUSE-SU-2018:0008-1
- SUSE-SU-2018:0010-1
- SUSE-SU-2018:0011-1
- SUSE-SU-2018:0012-1
- SUSE-SU-2018:0019-1
- SUSE-SU-2018:0020-1
- SUSE-SU-2018:0031-1
- SUSE-SU-2018:0036-1
- SUSE-SU-2018:0039-1
- SUSE-SU-2018:0040-1
- SUSE-SU-2018:0041-1
- SUSE-SU-2018:0051-1
- SUSE-SU-2018:0056-1
- SUSE-SU-2018:0068-1
- SUSE-SU-2018:0069-1
- SUSE-SU-2018:0113-1
- SUSE-SU-2018:0114-1
- SUSE-SU-2018:0115-1
- SUSE-SU-2018:0131-1
- SUSE-SU-2018:0171-1
- SUSE-SU-2018:0180-1
- SUSE-SU-2018:0213-1
- SUSE-SU-2018:0219-1
- SUSE-SU-2018:0269-1
- SUSE-SU-2018:0272-1
- SUSE-SU-2018:0273-1
- SUSE-SU-2018:0277-1
- SUSE-SU-2018:0278-1
- SUSE-SU-2018:0280-1
- SUSE-SU-2018:0281-1
- SUSE-SU-2018:0282-1
- SUSE-SU-2018:0285-1
- SUSE-SU-2018:0294-1
- SUSE-SU-2018:0296-1
- SUSE-SU-2018:0297-1
- SUSE-SU-2018:0298-1
- SUSE-SU-2018:0301-1
- SUSE-SU-2018:0340-1
- SUSE-SU-2018:0345-1
- SUSE-SU-2018:0346-1
- SUSE-SU-2018:0347-1
- SUSE-SU-2018:0383-1
- SUSE-SU-2018:0416-1
- SUSE-SU-2018:0431-1
- SUSE-SU-2018:0433-1
- SUSE-SU-2018:0436-1
- SUSE-SU-2018:0437-1
- SUSE-SU-2018:0438-1
- SUSE-SU-2018:0472-1
- SUSE-SU-2018:0482-1
- SUSE-SU-2018:0525-1
- SUSE-SU-2018:0552-1
- SUSE-SU-2018:0552-2
- SUSE-SU-2018:0555-1
- SUSE-SU-2018:0601-1
- SUSE-SU-2018:0609-1
- SUSE-SU-2018:0638-1
- SUSE-SU-2018:0660-1
- SUSE-SU-2018:0678-1
- SUSE-SU-2018:0705-1
- SUSE-SU-2018:0708-1
- SUSE-SU-2018:0757-1
- SUSE-SU-2018:0762-1
- SUSE-SU-2018:0831-1
- SUSE-SU-2018:0838-1
- SUSE-SU-2018:0841-1
- SUSE-SU-2018:0861-1
- SUSE-SU-2018:0909-1
- SUSE-SU-2018:0920-1
- SUSE-SU-2018:0986-1
- SUSE-SU-2018:1077-1
- SUSE-SU-2018:1080-1
- SUSE-SU-2018:1295-1
- SUSE-SU-2018:1308-1
- SUSE-SU-2018:1363-1
- SUSE-SU-2018:1368-1
- SUSE-SU-2018:1376-1
- SUSE-SU-2018:1386-1
- SUSE-SU-2018:1465-1
- SUSE-SU-2018:1486-1
- SUSE-SU-2018:1498-1
- SUSE-SU-2018:1503-1
- SUSE-SU-2018:1567-1
- SUSE-SU-2018:1570-1
- SUSE-SU-2018:1571-1
- SUSE-SU-2018:1571-2
- SUSE-SU-2018:1603-1
- SUSE-SU-2018:1658-1
- SUSE-SU-2018:1699-1
- SUSE-SU-2018:1699-2
- SUSE-SU-2018:1759-1
- SUSE-SU-2018:1784-1
- SUSE-SU-2018:1822-1
- SUSE-SU-2018:2082-1
- SUSE-SU-2018:2092-1
- SUSE-SU-2018:2141-1
- SUSE-SU-2018:2189-1
- SUSE-SU-2018:2528-1
- SUSE-SU-2018:2631-1
- SUSE-SU-2018:2631-2
- USN-3516-1
- USN-3530-1
- USN-3531-1
- USN-3531-3
- USN-3540-1
- USN-3540-2
- USN-3541-1
- USN-3541-2
- USN-3542-1
- USN-3542-2
- USN-3549-1
- USN-3560-1
- USN-3561-1
- USN-3580-1
- USN-3581-2
- USN-3581-3
- USN-3582-1
- USN-3582-2
- USN-3583-1
- USN-3583-2
- USN-3594-1
- USN-3597-1
- USN-3597-2
- USN-3620-2
- USN-3690-1
- USN-3777-3
- VU:584653
- XSA-254
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |