USN-2614-1

Description

linux vulnerabilities Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potential exploit this flaw to cause a denial of service (system crash of targeted system). (CVE-2014-9715) Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). (CVE-2015-2150) A privilege escalation was discovered in the fork syscall via the int80 entry on 64 bit kernels with 32 bit emulation support. An unprivileged local attacker could exploit this flaw to increase their privileges on the system. (CVE-2015-2830) A memory corruption issue was discovered in AES decryption when using the Intel AES-NI accelerated code path. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially escalate privileges on Intel base machines with AEC-GCM mode IPSec security association. (CVE-2015-3331)

Affected Systems

• ubuntu•linux

  < 3.13.0-53.88

References (5)

• https://ubuntu.com/security/notices/USN-2614-1
• https://ubuntu.com/security/CVE-2014-9715
• https://ubuntu.com/security/CVE-2015-2150
• https://ubuntu.com/security/CVE-2015-2830
• https://ubuntu.com/security/CVE-2015-3331