Linux kernel vulnerabilities

2017-01-11T00:00:00
ID USN-3167-1
Type ubuntu
Reporter Ubuntu
Modified 2017-01-11T00:00:00

Description

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment (CS) in certain error cases. A local attacker could use this to expose sensitive information (kernel memory).

Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-9794)