USN-3405-1

Details

It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-11176)

Huang Weller discovered that the ext4 filesystem implementation in the Linux kernel mishandled a needs-flushing-before-commit list. A local attacker could use this to expose sensitive information. (CVE-2017-7495)

It was discovered that a buffer overflow existed in the Broadcom FullMAC WLAN driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7541)

It was discovered that the Linux kernel did not honor the UEFI secure boot mode when performing a kexec operation. A local attacker could use this to bypass secure boot restrictions. (CVE-2015-7837)

Affected Packages

Ubuntu:16.04:LTSlinux

Fixed in:

4.4.0-93.116

Ubuntu:16.04:LTSlinux-aws

Fixed in:

4.4.0-1032.41

Ubuntu:16.04:LTSlinux-gke

Fixed in:

4.4.0-1028.28

Ubuntu:16.04:LTSlinux-raspi2

Fixed in:

4.4.0-1071.79

Ubuntu:16.04:LTSlinux-snapdragon

Fixed in:

4.4.0-1073.78

References

REPORThttps://ubuntu.com/security/CVE-2015-7837 REPORThttps://ubuntu.com/security/CVE-2017-11176 REPORThttps://ubuntu.com/security/CVE-2017-7495 REPORThttps://ubuntu.com/security/CVE-2017-7541 ADVISORYhttps://ubuntu.com/security/notices/USN-3405-1

USN-3405-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline