SB2017062908 - Ubuntu update for Linux kernel (Trusty HWE)

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017062908

SB2017062908 - Ubuntu update for Linux kernel (Trusty HWE)

Published: June 29, 2017

Security Bulletin ID SB2017062908
Severity
Low
Patch available
YES
Number of vulnerabilities 10
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 10% Low 90%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 10 secuirty vulnerabilities.


1) Privilege escalation (CVE-ID: CVE-2017-1000363)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to an integer overflow in the lp_setup() function. a local attacker can append lp=none arguments to the kernel command line and gain root privileges on the target system.

Successful exploitation results in privilege escalation.

2) Memory corruption (CVE-ID: CVE-2017-7294)

The vulnerability allows a local attacker to cause DoS condition or gain elevated privileges on the target system.

The weakness exists in the vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c due to missing validation of addition of certain levels data. A local attacker can trigger integer overflow and out-of-bounds write, cause the service to crash or possibly gain root privileges via a crafted ioctl call for a /dev/dri/renderD* device.

3) Double free error (CVE-ID: CVE-2017-8890)

The vulnerability allows a remote attacker to perform a denial of service attack.

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

4) Out-of-bounds read (CVE-ID: CVE-2017-9074)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to the the failure to consider that the nexthdr field may be associated with an invalid option by the IPv6 fragmentation implementation. A local attacker can use a specially-crafted socket or system call to trigger out-of-bounds read and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

5) Denial of service (CVE-ID: CVE-2017-9075)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in sctp_v6_create_accept_sk function in net/sctp/ipv6.c.A local attacker can use specially crafted system calls and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

6) Denial of service (CVE-ID: CVE-2017-9076)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the dccp_v6_request_recv_sock function in net/dccp/ipv6.c.A local attacker can use specially crafted system calls and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

7) Denial of service (CVE-ID: CVE-2017-9077)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c. A local attacker can use specially crafted system calls to cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.


8) Denial of service (CVE-ID: CVE-2017-9242)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the __ip6_append_data function when checking whether an overwrite of an skb data structure may occur. A local attacker can use specially crafted system calls and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

9) Use-after-free error (CVE-ID: CVE-2014-9940)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to use-after-free error in the regulator_ena_gpio_free function in drivers/regulator/core.c. A local attacker can run a specially crafted application, trigger memory corruption, gain kernel privileges and cause the system to crash.

Successful exploitation of the vulnerability results may result in denial of service.


10) Privilege escalation (CVE-ID: CVE-2017-0605)

The vulnerability allows a local attacker to gain elevated privileges.

The weakness exists due to a flaw in the kernel trace subsystem. A local attacker can run a specially crafted application and execute arbitrary code with root privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Install update from vendor's website.

References