Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

• Canonical Ubuntu 14.04

Description

USN-3753-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.

It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2017-13168)

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10876, CVE-2018-10879)

Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10877)

Wen Xu discovered that an out-of-bounds write vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10878, CVE-2018-10882)

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep meta-data information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10881)

Shankara Pailoor discovered that the JFS filesystem implementation in the Linux kernel contained a buffer overflow when handling extended attributes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-12233)

Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly handle an error condition with a corrupted xfs image. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-13094)

It was discovered that the Linux kernel did not properly handle setgid file creation when performed by a non-member of the group. A local attacker could use this to gain elevated privileges. (CVE-2018-13405)

Silvio Cesare discovered that the generic VESA frame buffer driver in the Linux kernel contained an integer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-13406)

Affected Cloud Foundry Products and Versions

Severity is medium unless otherwise noted.

• Cloud Foundry BOSH trusty-stemcells are vulnerable, including:
  • 3363.x versions prior to 3363.74
  • 3421.x versions prior to 3421.81
  • 3445.x versions prior to 3445.66
  • 3468.x versions prior to 3468.67
  • 3541.x versions prior to 3541.46
  • 3586.x versions prior to 3586.40
  • All other stemcells not listed.

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

• The Cloud Foundry project recommends upgrading the following BOSH trusty-stemcells:
  • Upgrade 3363.x versions to 3363.74
  • Upgrade 3421.x versions to 3421.81
  • Upgrade 3445.x versions to 3445.66
  • Upgrade 3468.x versions to 3468.67
  • Upgrade 3541.x versions to 3541.46
  • Upgrade 3586.x versions to 3586.40
  • All other stemcells should be upgraded to the latest version available on bosh.io.

References

• USN-3753-2
• CVE-2017-13168
• CVE-2018-10876
• CVE-2018-10877
• CVE-2018-10878
• CVE-2018-10879
• CVE-2018-10881
• CVE-2018-10882
• CVE-2018-12233
• CVE-2018-13094
• CVE-2018-13405
• CVE-2018-13406