Linux kernel (Utopic HWE) vulnerabilities

2015-06-10T00:00:00
ID USN-2635-1
Type ubuntu
Reporter Ubuntu
Modified 2015-06-10T00:00:00

Description

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2015-0275)

Wen Xu discovered a use-after-free flaw in the Linux kernel’s ipv4 ping support. A local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges on the system. (CVE-2015-3636)