USN-3099-4

See a problem?
Source
https://ubuntu.com/security/notices/USN-3099-4
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-3099-4.json
JSON Data
https://api.osv.dev/v1/vulns/USN-3099-4
Related
  • CVE-2016-6480
  • CVE-2016-6828
  • CVE-2016-7039
Published
2016-10-11T07:26:06.487250Z
Modified
2016-10-11T07:26:06.487250Z
Summary
linux-snapdragon vulnerabilities
Details

Vladim√≠r BeneŇ° discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)

Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)

Pengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)

References

Affected packages

Ubuntu:16.04:LTS / linux-snapdragon

Package

Name
linux-snapdragon

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1030.33

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-4.4.0-1030-snapdragon": "4.4.0-1030.33"
        }
    ]
}