Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-2949-1
HistoryApr 06, 2016 - 12:00 a.m.

Linux kernel (Vivid HWE) vulnerabilities

2016-04-0600:00:00
ubuntu.com
50

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.054 Low

EPSS

Percentile

93.0%

JSON

Releases

  • Ubuntu 14.04 ESM

Packages

  • linux-lts-vivid - Linux hardware enablement kernel from Vivid for Trusty

Details

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux
kernel’s CXGB3 driver. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2015-8812)

Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux
Extended Verification Module (EVM). An attacker could use this to affect
system integrity. (CVE-2016-2085)

David Herrmann discovered that the Linux kernel incorrectly accounted file
descriptors to the original opener for in-flight file descriptors sent over
a unix domain socket. A local attacker could use this to cause a denial of
service (resource exhaustion). (CVE-2016-2550)

It was discovered that the Linux kernel did not enforce limits on the
amount of data allocated to buffer pipes. A local attacker could use this
to cause a denial of service (resource exhaustion). (CVE-2016-2847)

OSVersionArchitecturePackageVersionFilename
Ubuntu14.04noarchlinux-image-3.19.0-58-generic< 3.19.0-58.64~14.04.1UNKNOWN
Ubuntu14.04noarchblock-modules-3.19.0-58-generic-di< 3.19.0-58.64~14.04.1UNKNOWN
Ubuntu14.04noarchcrypto-modules-3.19.0-58-generic-di< 3.19.0-58.64~14.04.1UNKNOWN
Ubuntu14.04noarchfat-modules-3.19.0-58-generic-di< 3.19.0-58.64~14.04.1UNKNOWN
Ubuntu14.04noarchfb-modules-3.19.0-58-generic-di< 3.19.0-58.64~14.04.1UNKNOWN
Ubuntu14.04noarchfirewire-core-modules-3.19.0-58-generic-di< 3.19.0-58.64~14.04.1UNKNOWN
Ubuntu14.04noarchfloppy-modules-3.19.0-58-generic-di< 3.19.0-58.64~14.04.1UNKNOWN
Ubuntu14.04noarchfs-core-modules-3.19.0-58-generic-di< 3.19.0-58.64~14.04.1UNKNOWN
Ubuntu14.04noarchfs-secondary-modules-3.19.0-58-generic-di< 3.19.0-58.64~14.04.1UNKNOWN
Ubuntu14.04noarchinput-modules-3.19.0-58-generic-di< 3.19.0-58.64~14.04.1UNKNOWN
Rows per page:
1-10 of 571

Related

ubuntu 10
openvas 31
nessus 49
cloudfoundry 1
amazon 1
prion 5
debiancve 4
ubuntucve 4
f5 2
fedora 6
cve 5
redhat 3
suse 29
osv 2
debian 3
ibm 5
oraclelinux 3
centos 1
mageia 3
lenovo 1
oracle 1
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerabilities
2016-04-06 00:00:00
Linux kernel vulnerabilities
2016-04-06 00:00:00
Linux kernel (Wily HWE) vulnerabilities
2016-04-06 00:00:00
openvas
openvas
Ubuntu Update for linux-lts-trusty USN-2946-2
2016-04-07 00:00:00
Ubuntu Update for linux USN-2946-1
2016-04-07 00:00:00
Ubuntu Update for linux-lts-vivid USN-2949-1
2016-04-07 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2946-2)
2016-04-07 00:00:00
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2949-1)
2016-04-07 00:00:00
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2946-1)
2016-04-07 00:00:00
cloudfoundry
cloudfoundry
USN-2949-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry
2016-05-06 00:00:00
amazon
amazon
Medium: kernel
2016-03-16 16:30:00
prion
prion
Code injection
2016-04-27 17:59:00
Design/Logic Flaw
2016-04-27 17:59:00
Design/Logic Flaw
2016-04-27 17:59:00
debiancve
debiancve
CVE-2016-2085
2016-04-27 17:59:00
CVE-2015-8812
2016-04-27 17:59:00
CVE-2016-2847
2016-04-27 17:59:00
ubuntucve
ubuntucve
CVE-2015-8812
2015-12-31 00:00:00
CVE-2016-2085
2016-02-15 00:00:00
CVE-2016-2847
2016-03-03 00:00:00
f5
f5
SOL80758444 - Linux kernel vulnerability CVE-2015-8812
2016-06-17 00:00:00
K80758444 : Linux kernel vulnerability CVE-2015-8812
2016-06-17 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: kernel-4.4.3-300.fc23
2016-03-02 21:23:46
[SECURITY] Fedora 22 Update: kernel-4.4.4-200.fc22
2016-03-12 00:52:19
[SECURITY] Fedora 23 Update: kernel-4.4.4-301.fc23
2016-03-11 13:31:13
cve
cve
CVE-2015-8812
2016-04-27 17:59:00
CVE-2016-2085
2016-04-27 17:59:00
CVE-2016-2847
2016-04-27 17:59:00
redhat
redhat
(RHSA-2017:0217) Important: kernel security and bug fix update
2017-01-31 12:37:28
(RHSA-2016:2584) Important: kernel-rt security, bug fix, and enhancement update
2016-11-03 06:07:15
(RHSA-2016:2574) Important: kernel security, bug fix, and enhancement update
2016-11-03 06:07:14
suse
suse
Security update for Linux Kernel Live Patch 6 (important)
2016-04-14 20:08:48
Security update for Linux Kernel Live Patch 3 for SP 1 (important)
2016-04-14 17:09:56
Security update for Linux Kernel Live Patch 0 for SP 1 (important)
2016-04-14 17:08:08
osv
osv
linux-2.6 - security update
2016-02-29 00:00:00
linux - security update
2016-03-03 00:00:00
debian
debian
[SECURITY] [DLA 439-1] linux-2.6 security update
2016-02-29 18:43:11
[SECURITY] [DSA 3503-1] linux security update
2016-03-03 20:56:20
[SECURITY] [DSA 3503-1] linux security update
2016-03-03 20:56:20
ibm
ibm
Security Bulletin: Vulnerabilities in kernel affect Power Hardware Management Console
2021-09-23 01:45:02
Security Bulletin: IBM Security Access Manager version 9.0.3.0 appliances are affected by multiple kernel vulnerabilities
2018-06-16 22:03:41
Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in Linux Kernel
2018-06-16 22:00:56
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2016-05-16 00:00:00
kernel security, bug fix, and enhancement update
2016-11-09 00:00:00
Unbreakable Enterprise kernel security update
2016-08-26 00:00:00
centos
centos
kernel, perf, python security update
2016-11-25 15:59:02
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2016-06-22 22:08:04
Updated kernel-tmb packages fix security vulnerabilities
2016-06-22 22:08:04
Updated kernel packages fix security vulnerabilities
2016-06-13 18:55:41
lenovo
lenovo
AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US
2020-04-13 19:22:04
oracle
oracle
Oracle Critical Patch Update - January 2018
2018-01-16 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.054 Low

EPSS

Percentile

93.0%

JSON
Related for USN-2949-1
ubuntu10openvas31nessus49cloudfoundry1amazon1prion5debiancve4ubuntucve4f52fedora6cve5redhat3suse29osv2debian3ibm5oraclelinux3centos1mageia3lenovo1oracle1