what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-2965-3

Posted May 9, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2965-3 - Jann Horn discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. Ralf Spenneberg discovered that the USB sound subsystem in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2188, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3140, CVE-2016-3156, CVE-2016-3157, CVE-2016-3672, CVE-2016-3689, CVE-2016-3951, CVE-2016-3955, CVE-2016-4557

SHA-256 | 4e5b67ecd64a48a40bb846ae2b44ca9d5d6f5587e29332b9503dcdb6f3cc3bce

Download | Favorite | View

Related Files

No related files