Linux kernel (Utopic HWE) vulnerabilities

2015-04-09T00:00:00
ID USN-2564-1
Type ubuntu
Reporter Ubuntu
Modified 2015-04-09T00:00:00

Description

An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. (CVE-2015-1593)

An information leak was discovered in the Linux Kernel’s handling of userspace configuration of the link layer control (LLC). A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2041)

An information leak was discovered in how the Linux kernel handles setting the Reliable Datagram Sockets (RDS) settings. A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2042)

A memory corruption flaw was discovered in the Linux kernel’s scsi subsystem. A local attacker could potentially exploit this flaw to cause a denial of service (system crash). (CVE-2015-4036)