Linux kernel (Azure) vulnerabilities

2017-12-08T00:00:00
ID USN-3511-1
Type ubuntu
Reporter Ubuntu
Modified 2017-12-08T00:00:00

Description

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939)

It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service (application crashes) or possibly gain administrative privileges. (CVE-2017-1000405)