USN-3392-2

See a problem?
Source
https://ubuntu.com/security/notices/USN-3392-2
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-3392-2.json
JSON Data
https://api.osv.dev/v1/vulns/USN-3392-2
Related
  • https://usn.ubuntu.com/usn/usn-3378-2
Published
2017-08-16T06:43:55.200345Z
Modified
2017-08-16T06:43:55.200345Z
Summary
linux-lts-xenial regression
Details

USN-3392-1 fixed a regression in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.

USN-3378-2 fixed vulnerabilities in the Linux Hardware Enablement kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2017-7533)

It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. (CVE-2017-1000365)

李强 discovered that the Virtio GPU driver in the Linux kernel did not properly free memory in some situations. A local attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10810)

石磊 discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482)

References

Affected packages

Ubuntu:14.04:LTS / linux-lts-xenial

Package

Name
linux-lts-xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-92.115~14.04.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-extra-4.4.0-92-generic": "4.4.0-92.115~14.04.1",
            "linux-image-4.4.0-92-lowlatency": "4.4.0-92.115~14.04.1",
            "linux-image-4.4.0-92-powerpc64-smp": "4.4.0-92.115~14.04.1",
            "linux-image-4.4.0-92-generic": "4.4.0-92.115~14.04.1",
            "linux-image-4.4.0-92-powerpc-e500mc": "4.4.0-92.115~14.04.1",
            "linux-image-4.4.0-92-generic-lpae": "4.4.0-92.115~14.04.1",
            "linux-image-4.4.0-92-powerpc-smp": "4.4.0-92.115~14.04.1",
            "linux-image-4.4.0-92-powerpc64-emb": "4.4.0-92.115~14.04.1"
        }
    ]
}