41 matches found
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-3053-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3053-1 advisory. A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerability (USN-3037-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3037-1 advisory. Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other...
USN-3037-1: Linux kernel (Vivid HWE) vulnerability
Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other nodes. A local attacker could use this to cause a denial of service system crash...
USN-3020-1: Linux kernel (Vivid HWE) vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
USN-3001-1: Linux kernel (Vivid HWE) vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-2977-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry
USN-2977-1 Linux kernel Vivid HWE vulnerabilities High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS Description Philip Pettersson discovered that the Linux kernel’s ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local...
USN-2977-1: Linux kernel (Vivid HWE) vulnerability
Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...
USN-2970-1: Linux kernel (Vivid HWE) vulnerabilities
Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...
USN-2949-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry
USN-2949-1 Linux kernel Vivid HWE vulnerabilities Low/Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS Description Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel’s CXGB3 driver. A local attacker could use this to cause a denial of service...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2949-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2949-1 advisory. Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of servi...
USN-2949-1: Linux kernel (Vivid HWE) vulnerabilities
Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2015-8812 Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2932-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2932-1 advisory. Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local...
USN-2932-1: Linux kernel (Vivid HWE) vulnerabilities
Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) regression (USN-2910-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2910-2 advisory. USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics...
USN-2910-2: Linux kernel (Vivid HWE) regression
USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.04 backport kernel within VMWare virtual machines. This update fixes the...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2910-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2910-1 advisory. halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged...
USN-2910-1: Linux kernel (Vivid HWE) vulnerabilities
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...
USN-2889-2: Linux kernel (Vivid HWE) vulnerabilities
It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2889-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2889-2 advisory. It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollc...
USN-2871-2: Linux kernel (Vivid HWE) vulnerability
Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...