USN-2545-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-2545-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-2545-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-2545-1
Related
  • CVE-2013-7421
  • CVE-2014-9644
  • CVE-2015-1421
  • CVE-2015-1465
Published
2015-03-24T09:25:33.324194Z
Modified
2015-03-24T09:25:33.324194Z
Summary
linux-lts-utopic vulnerabilities
Details

A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. (CVE-2013-7421)

A flaw was discovered in the crypto subsystem when screening module names for automatic module loading if the name contained a valid crypto module name, eg. vfat(aes). A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. (CVE-2014-9644)

Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP (Stream Control Transmission Protocol) subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges on the system. (CVE-2015-1421)

Marcelo Leitner discovered a flaw in the Linux kernel's routing of packets to too many different dsts/too fast. A remote attacker can exploit this flaw to cause a denial of service (system crash). (CVE-2015-1465)

References

Affected packages

Ubuntu:14.04:LTS / linux-lts-utopic

Package

Name
linux-lts-utopic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.16.0-33.44~14.04.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-3.16.0-33-generic-lpae": "3.16.0-33.44~14.04.1",
            "linux-image-3.16.0-33-lowlatency": "3.16.0-33.44~14.04.1",
            "linux-image-3.16.0-33-powerpc64-smp": "3.16.0-33.44~14.04.1",
            "linux-image-extra-3.16.0-33-generic": "3.16.0-33.44~14.04.1",
            "linux-image-3.16.0-33-powerpc-e500mc": "3.16.0-33.44~14.04.1",
            "linux-image-3.16.0-33-generic": "3.16.0-33.44~14.04.1",
            "linux-image-3.16.0-33-powerpc64-emb": "3.16.0-33.44~14.04.1",
            "linux-image-3.16.0-33-powerpc-smp": "3.16.0-33.44~14.04.1"
        }
    ]
}