USN-3364-3

Description

linux-aws, linux-gke vulnerabilities It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2014-9900) It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. (CVE-2015-8944) Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-1000380) Li Qiang discovered that the DRM driver for VMware Virtual GPUs in the Linux kernel did not properly validate some ioctl arguments. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-7346) Jann Horn discovered that bpf in Linux kernel does not restrict the output of the print_bpf_insn function. A local attacker could use this to obtain sensitive address information. (CVE-2017-9150) Murray McAllister discovered that the DRM driver for VMware Virtual GPUs in the Linux kernel did not properly initialize memory. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-9605)

Affected Systems

• ubuntu•linux-aws

  < 4.4.0-1026.35

• ubuntu•linux-gke

  < 4.4.0-1022.22

References (7)

• https://ubuntu.com/security/notices/USN-3364-3
• https://ubuntu.com/security/CVE-2014-9900
• https://ubuntu.com/security/CVE-2015-8944
• https://ubuntu.com/security/CVE-2017-7346
• https://ubuntu.com/security/CVE-2017-9150
• https://ubuntu.com/security/CVE-2017-9605
• https://ubuntu.com/security/CVE-2017-1000380