USN-2665-1

Details

A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations. (CVE-2015-1420)

A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. (CVE-2015-4001)

A bounds check error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. (CVE-2015-4002)

A division by zero error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2015-4003)

A double free flaw was discovered in the Linux kernel's path lookup. A local user could cause a denial of service (Oops). (CVE-2015-5706)

Affected Packages

linux-lts-vivid

Ubuntu 14.04 LTS

Fixed in:

3.19.0-22.22~14.04.1

References

REPORT

https://ubuntu.com/security/CVE-2015-1420

REPORT

https://ubuntu.com/security/CVE-2015-4001

REPORT

https://ubuntu.com/security/CVE-2015-4002

REPORT

https://ubuntu.com/security/CVE-2015-4003

REPORT

https://ubuntu.com/security/CVE-2015-5706

ADVISORY

https://ubuntu.com/security/notices/USN-2665-1