First published: Thu Nov 05 2015(Updated: )
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service. (CVE-2015-0272) It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. (CVE-2015-2925) Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). (CVE-2015-5257) It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-5283)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/linux-image-3.16.0-52-generic | <3.16.0-52.71~14.04.1 | 3.16.0-52.71~14.04.1 |
=14.04 | ||
All of | ||
ubuntu/linux-image-3.16.0-52-generic-lpae | <3.16.0-52.71~14.04.1 | 3.16.0-52.71~14.04.1 |
=14.04 | ||
All of | ||
ubuntu/linux-image-3.16.0-52-lowlatency | <3.16.0-52.71~14.04.1 | 3.16.0-52.71~14.04.1 |
=14.04 | ||
All of | ||
ubuntu/linux-image-3.16.0-52-powerpc-e500mc | <3.16.0-52.71~14.04.1 | 3.16.0-52.71~14.04.1 |
=14.04 | ||
All of | ||
ubuntu/linux-image-3.16.0-52-powerpc-smp | <3.16.0-52.71~14.04.1 | 3.16.0-52.71~14.04.1 |
=14.04 | ||
All of | ||
ubuntu/linux-image-3.16.0-52-powerpc64-emb | <3.16.0-52.71~14.04.1 | 3.16.0-52.71~14.04.1 |
=14.04 | ||
All of | ||
ubuntu/linux-image-3.16.0-52-powerpc64-smp | <3.16.0-52.71~14.04.1 | 3.16.0-52.71~14.04.1 |
=14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)
The vulnerability is caused by the Linux kernel not checking if a new IPv6 MTU set by a user space application is valid, allowing a remote attacker to cause a denial of service.
Remote attackers can exploit this vulnerability by forging a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel.
The vulnerability can cause a denial of service.
Linux kernel versions up to and including 3.16.0-52.71~14.04.1 are affected by this vulnerability.
To fix the vulnerability, update the Linux kernel to version 3.16.0-52.71~14.04.1 or later.