USN-3099-2 Linux kernel vulnerabilities | Cloud Foundry

2016-10-01T00:00:00
ID CFOUNDRY:DC8819DC530904F76913C7D9F499576C
Type cloudfoundry
Reporter Cloud Foundry
Modified 2016-10-01T00:00:00

Description

USN-3099-2 Linux kernel vulnerabilities

High

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 14.04 LTS

Description

USN-3099-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel. A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)

Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)

Pengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)

Affected Products and Versions

Severity is high unless otherwise noted.

  • Cloud Foundry BOSH stemcells are vulnerable, including:
    • All versions prior to 3146.24
    • 3151.x versions prior to 3151.2
    • 3232.x versions prior to 3232.22
    • 3233.x versions prior to 3233.2
    • 3262.x versions prior to 3262.21
    • Other versions prior to 3263.7

Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry team recommends upgrading to the following BOSH stemcells:
    • Upgrade all versions prior to 3146.x to 3146.24
    • Upgrade 3151.x versions to 3151.2
    • Upgrade 3232.x versions to 3232.22
    • Upgrade 3233.x versions to 3233.2
    • Upgrade 3262.x versions to 3262.21
    • Upgrade other versions to 3263.7

Credit

Vladimír Beneš, Marco Grassi, Pengfei Wang

References

  • <https://www.ubuntu.com/usn/usn-3099-2/>
  • <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6480.html>
  • <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6828.html>
  • <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7039.html>