USN-2949-1 Linux kernel (Vivid HWE) vulnerabilities

Low/Medium

Vendor

Canonical Ubuntu

Versions Affected

• Canonical Ubuntu 14.04 LTS

Description

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel’s CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2015-8812)

Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)

David Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)

It was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2847)

Affected Products and Versions

_Severity is low/medium unless otherwise noted.
_

• Cloud Foundry BOSH stemcells 3146.x versions prior to 3146.11 AND other versions prior to 3215.4 are vulnerable

Mitigation

Users of affected versions should apply the following mitigation:

• The Cloud Foundry project recommends that Cloud Foundry upgrade BOSH stemcell 3146.x versions to 3146.11 OR other versions to 3232.2

Credit

Venkatesh Pottem, Xiaofei Rex Guo, David Herrmann

References

• <http://www.ubuntu.com/usn/usn-2949-1/&gt;
• <http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8812.html&gt;
• <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2085.html&gt;
• <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2550.html&gt;
• <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2847.html&gt;