SB2017062910 - Ubuntu update for Linux kernel (Xenial HWE)

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017062910

SB2017062910 - Ubuntu update for Linux kernel (Xenial HWE)

Published: June 29, 2017 Updated: August 29, 2017

Security Bulletin ID SB2017062910
Severity
Low
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 13% Low 88%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Privilege escalation (CVE-ID: CVE-2017-1000363)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to an integer overflow in the lp_setup() function. a local attacker can append lp=none arguments to the kernel command line and gain root privileges on the target system.

Successful exploitation results in privilege escalation.

2) Double free error (CVE-ID: CVE-2017-8890)

The vulnerability allows a remote attacker to perform a denial of service attack.

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

3) Out-of-bounds read (CVE-ID: CVE-2017-9074)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to the the failure to consider that the nexthdr field may be associated with an invalid option by the IPv6 fragmentation implementation. A local attacker can use a specially-crafted socket or system call to trigger out-of-bounds read and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

4) Denial of service (CVE-ID: CVE-2017-9075)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in sctp_v6_create_accept_sk function in net/sctp/ipv6.c.A local attacker can use specially crafted system calls and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

5) Denial of service (CVE-ID: CVE-2017-9076)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the dccp_v6_request_recv_sock function in net/dccp/ipv6.c.A local attacker can use specially crafted system calls and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

6) Denial of service (CVE-ID: CVE-2017-9077)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c. A local attacker can use specially crafted system calls to cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.


7) Denial of service (CVE-ID: CVE-2017-9242)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the __ip6_append_data function when checking whether an overwrite of an skb data structure may occur. A local attacker can use specially crafted system calls and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

8) Use-after-free error (CVE-ID: CVE-2017-7487)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to use-after-free error the ipxitf_ioctl function in net/ipx/af_ipx.c. A local attacker can use a failed SIOCGIFADDR ioctl call for an IPX interface to trigger memory corruption and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Install update from vendor's website.

References