USN-2665-1

Description

linux-lts-vivid vulnerabilities A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations. (CVE-2015-1420) A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. (CVE-2015-4001) A bounds check error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. (CVE-2015-4002) A division by zero error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2015-4003) A double free flaw was discovered in the Linux kernel's path lookup. A local user could cause a denial of service (Oops). (CVE-2015-5706)

Affected Systems

• ubuntu•linux-lts-vivid

  < 3.19.0-22.22~14.04.1

References (6)

• https://ubuntu.com/security/notices/USN-2665-1
• https://ubuntu.com/security/CVE-2015-1420
• https://ubuntu.com/security/CVE-2015-4001
• https://ubuntu.com/security/CVE-2015-4002
• https://ubuntu.com/security/CVE-2015-4003
• https://ubuntu.com/security/CVE-2015-5706