[USN-3908-1] Linux kernel vulnerability

Severity Medium

Affected Packages 27

CVEs 1

The system could be made to run programs as an administrator.

Jann Horn discovered a race condition in the fork() system call in the
Linux kernel. A local attacker could use this to gain access to services
that cache authorizations.

Package	Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-powerpc64-smp?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-powerpc64-emb?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-powerpc-smp?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-powerpc-e500mc?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-powerpc-e500?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-omap?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-lowlatency?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-lowlatency-pae?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-highbank?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-generic?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-generic-pae?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-generic-lts-trusty?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-generic-lts-saucy?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-generic-lts-raring?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-generic-lts-quantal?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-generic-lpae?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-generic-lpae-lts-trusty?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-generic-lpae-lts-saucy?distro=trusty	< 3.13.0.166.177
pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc64-smp?distro=trusty	< 3.13.0-166.216
pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc64-emb?distro=trusty	< 3.13.0-166.216
pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc-smp?distro=trusty	< 3.13.0-166.216
pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc-e500mc?distro=trusty	< 3.13.0-166.216
pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc-e500?distro=trusty	< 3.13.0-166.216
pkg:deb/ubuntu/linux-image-3.13.0-166-lowlatency?distro=trusty	< 3.13.0-166.216
pkg:deb/ubuntu/linux-image-3.13.0-166-generic?distro=trusty	< 3.13.0-166.216
pkg:deb/ubuntu/linux-image-3.13.0-166-generic-lpae?distro=trusty	< 3.13.0-166.216

ID

USN-3908-1

Severity

medium

URL

https://ubuntu.com/security/notices/USN-3908-1

Published

2019-03-12T21:40:38
(5 years ago)

Modified

2019-03-12T21:40:38
(5 years ago)

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:deb/ubuntu/linux-image-virtual?distro=trusty	ubuntu	linux-image-virtual	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc64-smp?distro=trusty	ubuntu	linux-image-powerpc64-smp	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc64-emb?distro=trusty	ubuntu	linux-image-powerpc64-emb	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc-smp?distro=trusty	ubuntu	linux-image-powerpc-smp	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc-e500mc?distro=trusty	ubuntu	linux-image-powerpc-e500mc	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc-e500?distro=trusty	ubuntu	linux-image-powerpc-e500	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-omap?distro=trusty	ubuntu	linux-image-omap	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-lowlatency?distro=trusty	ubuntu	linux-image-lowlatency	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-lowlatency-pae?distro=trusty	ubuntu	linux-image-lowlatency-pae	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-highbank?distro=trusty	ubuntu	linux-image-highbank	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-generic?distro=trusty	ubuntu	linux-image-generic	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-pae?distro=trusty	ubuntu	linux-image-generic-pae	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lts-trusty?distro=trusty	ubuntu	linux-image-generic-lts-trusty	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lts-saucy?distro=trusty	ubuntu	linux-image-generic-lts-saucy	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lts-raring?distro=trusty	ubuntu	linux-image-generic-lts-raring	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lts-quantal?distro=trusty	ubuntu	linux-image-generic-lts-quantal	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lpae?distro=trusty	ubuntu	linux-image-generic-lpae	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-lts-trusty?distro=trusty	ubuntu	linux-image-generic-lpae-lts-trusty	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-lts-saucy?distro=trusty	ubuntu	linux-image-generic-lpae-lts-saucy	< 3.13.0.166.177	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc64-smp?distro=trusty	ubuntu	linux-image-3.13.0-166-powerpc64-smp	< 3.13.0-166.216	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc64-emb?distro=trusty	ubuntu	linux-image-3.13.0-166-powerpc64-emb	< 3.13.0-166.216	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc-smp?distro=trusty	ubuntu	linux-image-3.13.0-166-powerpc-smp	< 3.13.0-166.216	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc-e500mc?distro=trusty	ubuntu	linux-image-3.13.0-166-powerpc-e500mc	< 3.13.0-166.216	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-166-powerpc-e500?distro=trusty	ubuntu	linux-image-3.13.0-166-powerpc-e500	< 3.13.0-166.216	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-166-lowlatency?distro=trusty	ubuntu	linux-image-3.13.0-166-lowlatency	< 3.13.0-166.216	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-166-generic?distro=trusty	ubuntu	linux-image-3.13.0-166-generic	< 3.13.0-166.216	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-166-generic-lpae?distro=trusty	ubuntu	linux-image-3.13.0-166-generic-lpae	< 3.13.0-166.216	trusty

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date