USN-3099-2 Linux kernel vulnerabilities | Cloud Foundry


USN-3099-2 Linux kernel vulnerabilities # High # Vendor Canonical Ubuntu # Versions Affected * Canonical Ubuntu 14.04 LTS # Description USN-3099-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel. A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). ([CVE-2016-7039](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7039.html>)) Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ([CVE-2016-6828](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6828.html>)) Pengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). ([CVE-2016-6480](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6480.html>)) # Affected Products and Versions _Severity is high unless otherwise noted._ * Cloud Foundry BOSH stemcells are vulnerable, including: * All versions prior to 3146.24 * 3151.x versions prior to 3151.2 * 3232.x versions prior to 3232.22 * 3233.x versions prior to 3233.2 * 3262.x versions prior to 3262.21 * Other versions prior to 3263.7 # Mitigation Users of affected versions should apply the following mitigation: * The Cloud Foundry team recommends upgrading to the following BOSH stemcells: * Upgrade all versions prior to 3146.x to 3146.24 * Upgrade 3151.x versions to 3151.2 * Upgrade 3232.x versions to 3232.22 * Upgrade 3233.x versions to 3233.2 * Upgrade 3262.x versions to 3262.21 * Upgrade other versions to 3263.7 # Credit Vladimír Beneš, Marco Grassi, Pengfei Wang # References * <https://www.ubuntu.com/usn/usn-3099-2/> * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6480.html> * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6828.html> * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7039.html>