USN-2564-1

Description

linux-lts-utopic vulnerabilities An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. (CVE-2015-1593) An information leak was discovered in the Linux Kernel's handling of userspace configuration of the link layer control (LLC). A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2041) An information leak was discovered in how the Linux kernel handles setting the Reliable Datagram Sockets (RDS) settings. A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2042) A memory corruption flaw was discovered in the Linux kernel's scsi subsystem. A local attacker could potentially exploit this flaw to cause a denial of service (system crash). (CVE-2015-4036)

Affected Systems

• ubuntu•linux-lts-utopic

  < 3.16.0-34.45~14.04.1

References (5)

• https://ubuntu.com/security/notices/USN-2564-1
• https://ubuntu.com/security/CVE-2015-1593
• https://ubuntu.com/security/CVE-2015-2041
• https://ubuntu.com/security/CVE-2015-2042
• https://ubuntu.com/security/CVE-2015-4036