- Vulnerability/
- USN-3338-1
USN-3338-1: Linux kernel vulnerabilities
First published: Wed Jun 21 2017(Updated: )
It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges (CVE-2017-1000364) Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-powerpc-smp | <3.2.0.128.142 | 3.2.0.128.142 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-128-virtual | <3.2.0-128.173 | 3.2.0-128.173 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-128-generic-pae | <3.2.0-128.173 | 3.2.0-128.173 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-generic | <3.2.0.128.142 | 3.2.0.128.142 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-generic-pae | <3.2.0.128.142 | 3.2.0.128.142 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-highbank | <3.2.0.128.142 | 3.2.0.128.142 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-128-generic | <3.2.0-128.173 | 3.2.0-128.173 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-128-powerpc-smp | <3.2.0-128.173 | 3.2.0-128.173 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-virtual | <3.2.0.128.142 | 3.2.0.128.142 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-powerpc64-smp | <3.2.0.128.142 | 3.2.0.128.142 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-128-omap | <3.2.0-128.173 | 3.2.0-128.173 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-128-powerpc64-smp | <3.2.0-128.173 | 3.2.0-128.173 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-omap | <3.2.0.128.142 | 3.2.0.128.142 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-128-highbank | <3.2.0-128.173 | 3.2.0-128.173 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2016-4997
- https://ubuntu.com/security/CVE-2017-1000364
- https://ubuntu.com/security/notices/USN-3020-1
- https://ubuntu.com/security/notices/USN-3018-2
- https://ubuntu.com/security/notices/USN-3018-1
- https://ubuntu.com/security/notices/USN-3019-1
- https://ubuntu.com/security/notices/USN-3017-3
- https://ubuntu.com/security/notices/USN-3016-1
- https://ubuntu.com/security/notices/USN-3016-3
- https://ubuntu.com/security/notices/USN-3016-4
- https://ubuntu.com/security/notices/USN-3016-2
- https://ubuntu.com/security/notices/USN-3017-1
- https://ubuntu.com/security/notices/USN-3017-2
- https://ubuntu.com/security/notices/USN-3335-2
- https://ubuntu.com/security/notices/USN-3331-1
- https://ubuntu.com/security/notices/USN-3330-1
- https://ubuntu.com/security/notices/USN-3335-1
- https://ubuntu.com/security/notices/USN-3326-1
- https://ubuntu.com/security/notices/USN-3329-1
- https://ubuntu.com/security/notices/USN-3328-1
- https://ubuntu.com/security/notices/USN-3327-1
- https://ubuntu.com/security/notices/USN-3334-1
- https://ubuntu.com/security/notices/USN-3332-1
- https://ubuntu.com/security/notices/USN-3324-1
- https://ubuntu.com/security/notices/USN-3333-1
- https://ubuntu.com/security/notices/USN-3325-1
- https://launchpad.net/ubuntu/+source/linux/3.2.0-128.173
- https://ubuntu.com/security/notices/USN-3338-1 (Advisory)
Frequently Asked Questions
What is the vulnerability ID for this advisory?
The vulnerability ID for this advisory is CVE-2017-1000364.
What is the severity of the CVE-2017-1000364 vulnerability?
The severity of the CVE-2017-1000364 vulnerability is not mentioned in the advisory.
Which versions of Ubuntu are affected by this vulnerability?
Versions 12.04 of Ubuntu are affected by this vulnerability.
How do I fix the CVE-2017-1000364 vulnerability?
To fix the CVE-2017-1000364 vulnerability, you need to update your Linux kernel to version 3.2.0.128.142 or later.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the Ubuntu Security Notices website.
- agent/references
- agent/type
- agent/severity
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- agent/description
- agent/title
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu gir1.2-packagekitglib-1.0
- version/ubuntu gir1.2-packagekitglib-1.0/12.04