USN-3207-1

Details

It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-7910)

Dmitry Vyukov discovered a use-after-free vulnerability in the sys_ioprio_get() function in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-7911)

Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2017-6074)

Affected Packages

Ubuntu:14.04:LTSlinux

Fixed in:

3.13.0-110.157

References

REPORThttps://ubuntu.com/security/CVE-2016-7910 REPORThttps://ubuntu.com/security/CVE-2016-7911 REPORThttps://ubuntu.com/security/CVE-2017-6074 ADVISORYhttps://ubuntu.com/security/notices/USN-3207-1

USN-3207-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline