USN-2615-1

Advisory lineage Upstream: 6 Downstream: 0

Upstream

CVE-2014-9710 CVE-2015-3331 CVE-2015-3332 UBUNTU-CVE-2014-9710 UBUNTU-CVE-2015-3331 UBUNTU-CVE-2015-3332

Published: 20 May 2015, 11:31

Last modified:04 Feb 2026, 04:36

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

20 May 2015, 11:31

Published

Vulnerability first disclosed

04 Feb 2026, 04:36

Last Modified

Vulnerability information updated

Description

linux-lts-utopic vulnerabilities Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. (CVE-2014-9710) A memory corruption issue was discovered in AES decryption when using the Intel AES-NI accelerated code path. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially escalate privileges on Intel base machines with AEC-GCM mode IPSec security association. (CVE-2015-3331) A flaw was discovered in the Linux kernel's IPv4 networking when using TCP fast open to initiate a connection. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-3332)

Affected Systems

ubuntu•linux-lts-utopic
< 3.16.0-38.52~14.04.1

USN-2615-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)