USN-3129-1: Linux kernel vulnerability
First published: Fri Nov 11 2016(Updated: )
Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash).
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-powerpc-smp | <4.8.0.27.36 | 4.8.0.27.36 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-powerpc-e500mc | <4.8.0.27.36 | 4.8.0.27.36 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-4.8.0-27-lowlatency | <4.8.0-27.29 | 4.8.0-27.29 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-generic-lpae | <4.8.0.27.36 | 4.8.0.27.36 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-4.8.0-27-generic | <4.8.0-27.29 | 4.8.0-27.29 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-4.8.0-27-generic-lpae | <4.8.0-27.29 | 4.8.0-27.29 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-4.8.0-27-powerpc64-emb | <4.8.0-27.29 | 4.8.0-27.29 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-powerpc64-smp | <4.8.0.27.36 | 4.8.0.27.36 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-generic | <4.8.0.27.36 | 4.8.0.27.36 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-4.8.0-27-powerpc-e500mc | <4.8.0-27.29 | 4.8.0-27.29 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-lowlatency | <4.8.0.27.36 | 4.8.0.27.36 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-powerpc64-emb | <4.8.0.27.36 | 4.8.0.27.36 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-virtual | <4.8.0.27.36 | 4.8.0.27.36 |
| =16.10 | ||
| All of | ||
| ubuntu/linux-image-4.8.0-27-powerpc-smp | <4.8.0-27.29 | 4.8.0-27.29 |
| =16.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2016-7042
- https://ubuntu.com/security/notices/USN-3127-1
- https://ubuntu.com/security/notices/USN-3127-2
- https://ubuntu.com/security/notices/USN-3126-1
- https://ubuntu.com/security/notices/USN-3126-2
- https://ubuntu.com/security/notices/USN-3161-3
- https://ubuntu.com/security/notices/USN-3129-2
- https://ubuntu.com/security/notices/USN-3128-1
- https://ubuntu.com/security/notices/USN-3128-3
- https://ubuntu.com/security/notices/USN-3128-2
- https://launchpad.net/ubuntu/+source/linux/4.8.0-27.29
- https://ubuntu.com/security/notices/USN-3129-1 (Advisory)
Frequently Asked Questions
What is the vulnerability ID for this Linux kernel vulnerability?
The vulnerability ID for this Linux kernel vulnerability is USN-3129-1.
What is the severity of USN-3129-1?
The severity of USN-3129-1 is not mentioned in the provided information.
How does this vulnerability affect Ubuntu 16.10?
This vulnerability affects Ubuntu 16.10 and the affected software packages are listed in the provided information.
What is the remedy for USN-3129-1?
The remedy for USN-3129-1 is to update the affected Linux kernel packages to the specified versions.
Where can I find more information about USN-3129-1?
You can find more information about USN-3129-1 on the Ubuntu security notices page provided in the references.
- agent/severity
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/usn
- source/Ubuntu
- anchor-related/USN-3127-1
- anchor-related/USN-3127-2
- anchor-related/USN-3126-1
- anchor-related/USN-3126-2
- anchor-related/USN-3161-3
- anchor-related/USN-3129-2
- anchor-related/USN-3128-1
- anchor-related/USN-3128-3
- anchor-related/USN-3128-2
- agent/software-canonical-lookup
- agent/event
- agent/tags
- agent/description
- agent/title
- agent/weakness
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/16.10