Ubuntu update for Linux kernel (Trusty HWE)



Risk Low
Patch available YES
Number of vulnerabilities 10
CVE-ID CVE-2017-1000363
CVE-2017-7294
CVE-2017-8890
CVE-2017-9074
CVE-2017-9075
CVE-2017-9076
CVE-2017-9077
CVE-2017-9242
CVE-2014-9940
CVE-2017-0605
CWE-ID CWE-264
CWE-119
CWE-415
CWE-125
CWE-20
CWE-416
Exploitation vector Network
Public exploit N/A
Vulnerable software
Ubuntu
Operating systems & Components / Operating system

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 10 vulnerabilities.

1) Privilege escalation

EUVDB-ID: #VU7243

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-1000363

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to an integer overflow in the lp_setup() function. a local attacker can append lp=none arguments to the kernel command line and gain root privileges on the target system.

Successful exploitation results in privilege escalation.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory corruption

EUVDB-ID: #VU6658

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-7294

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition or gain elevated privileges on the target system.

The weakness exists in the vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c due to missing validation of addition of certain levels data. A local attacker can trigger integer overflow and out-of-bounds write, cause the service to crash or possibly gain root privileges via a crafted ioctl call for a /dev/dri/renderD* device.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Double free error

EUVDB-ID: #VU7244

Risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-8890

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU7245

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-9074

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to the the failure to consider that the nexthdr field may be associated with an invalid option by the IPv6 fragmentation implementation. A local attacker can use a specially-crafted socket or system call to trigger out-of-bounds read and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Denial of service

EUVDB-ID: #VU7246

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-9075

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in sctp_v6_create_accept_sk function in net/sctp/ipv6.c.A local attacker can use specially crafted system calls and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Denial of service

EUVDB-ID: #VU7247

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-9076

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the dccp_v6_request_recv_sock function in net/dccp/ipv6.c.A local attacker can use specially crafted system calls and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Denial of service

EUVDB-ID: #VU7248

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-9077

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c. A local attacker can use specially crafted system calls to cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Denial of service

EUVDB-ID: #VU7250

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-9242

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the __ip6_append_data function when checking whether an overwrite of an skb data structure may occur. A local attacker can use specially crafted system calls and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free error

EUVDB-ID: #VU7251

Risk: Low

CVSSv3.1: 6.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2014-9940

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to use-after-free error in the regulator_ena_gpio_free function in drivers/regulator/core.c. A local attacker can run a specially crafted application, trigger memory corruption, gain kernel privileges and cause the system to crash.

Successful exploitation of the vulnerability results may result in denial of service.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Privilege escalation

EUVDB-ID: #VU7252

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0605

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges.

The weakness exists due to a flaw in the kernel trace subsystem. A local attacker can run a specially crafted application and execute arbitrary code with root privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update the affected packages.

Ubuntu 12.04 LTS:
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-generic-lts-trusty 3.13.0.123.114
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

http://www.ubuntu.com/usn/usn-3343-2/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###