1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-3908-2

[USN-3908-2] Linux kernel (Trusty HWE) vulnerability

Severity Medium
Affected Packages 5
CVEs 1
Info Packages Vulnerabilities

The system could be made to run programs as an administrator.

USN-3908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 ESM.

Jann Horn discovered a race condition in the fork() system call in the
Linux kernel. A local attacker could use this to gain access to services
that cache authorizations.

Package Affected Version
pkg:deb/ubuntu/linux-image-generic-lts-trusty?distro=precise < 3.13.0.166.156
pkg:deb/ubuntu/linux-image-generic-lpae-lts-trusty?distro=precise < 3.13.0.166.156
pkg:deb/ubuntu/linux-image-3.13.0-166-lowlatency?distro=precise < 3.13.0-166.216~precise1
pkg:deb/ubuntu/linux-image-3.13.0-166-generic?distro=precise < 3.13.0-166.216~precise1
pkg:deb/ubuntu/linux-image-3.13.0-166-generic-lpae?distro=precise < 3.13.0-166.216~precise1
ID
USN-3908-2
Severity
medium
Severity from
CVE-2019-6133
URL
https://ubuntu.com/security/notices/USN-3908-2
Published
2019-03-13T18:02:30
(5 years ago)
Modified
2019-03-13T18:02:30
(5 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-generic-lts-trusty?distro=precise ubuntu linux-image-generic-lts-trusty < 3.13.0.166.156 precise
Affected pkg:deb/ubuntu/linux-image-generic-lpae-lts-trusty?distro=precise ubuntu linux-image-generic-lpae-lts-trusty < 3.13.0.166.156 precise
Affected pkg:deb/ubuntu/linux-image-3.13.0-166-lowlatency?distro=precise ubuntu linux-image-3.13.0-166-lowlatency < 3.13.0-166.216~precise1 precise
Affected pkg:deb/ubuntu/linux-image-3.13.0-166-generic?distro=precise ubuntu linux-image-3.13.0-166-generic < 3.13.0-166.216~precise1 precise
Affected pkg:deb/ubuntu/linux-image-3.13.0-166-generic-lpae?distro=precise ubuntu linux-image-3.13.0-166-generic-lpae < 3.13.0-166.216~precise1 precise
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date