Back
    Linux Security
    Linux Security
    Linux Security

    Debian: DSA-3448-1: linux security update

    Date 19 Jan 2016
    Category Debian Linux Distribution - Security Advisories
    243
    Posted By LinuxSecurity Advisories
    Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial-of-service. CVE-2013-4312 
    
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3448-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
https://www.debian.org/security/                     Salvatore Bonaccorso
January 19, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2013-4312 CVE-2015-7566 CVE-2015-8767 CVE-2016-0723
                 CVE-2016-0728

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation or denial-of-service.

CVE-2013-4312

    Tetsuo Handa discovered that it is possible for a process to open
    far more files than the process' limit leading to denial-of-service
    conditions.

CVE-2015-7566

    Ralf Spenneberg of OpenSource Security reported that the visor
    driver crashes when a specially crafted USB device without bulk-out
    endpoint is detected.

CVE-2015-8767

    An SCTP denial-of-service was discovered which can be triggered by a
    local attacker during a heartbeat timeout event after the 4-way
    handshake.

CVE-2016-0723

    A use-after-free vulnerability was discovered in the TIOCGETD ioctl.
    A local attacker could use this flaw for denial-of-service.

CVE-2016-0728

    The Perception Point research team discovered a use-after-free
    vulnerability in the keyring facility, possibly leading to local
    privilege escalation.

For the stable distribution (jessie), these problems have been fixed in
version 3.16.7-ckt20-1+deb8u3.

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    Get the Latest News & Insights

    Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox

    Related News

    The Home Directory Will be Private in Ubuntu 21.04, What Does it Mean?
    The Home Directory Will be Private in Ubuntu 21.04, What Does it Mean?
    OpenWRT reports data breach after hacker gained access to forum admin account
    OpenWRT reports data breach after hacker gained access to forum admin account
    Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed
    Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed
    CloudLinux CentOS Replacement Available this Quarter, Named AlmaLinux
    CloudLinux CentOS Replacement Available this Quarter, Named AlmaLinux

    Advisories

    Fedora 33: python-pillow 2021-a8ddc1ce70
    Date 20 Jan 2021 @ 15:47
    Fedora 33: mingw-python-pillow 2021-a8ddc1ce70
    Date 20 Jan 2021 @ 15:47
    Fedora 33: libntlm 2020-8794383d6f
    Date 20 Jan 2021 @ 15:46
    Debian LTS: DLA-2529-1: mutt security update
    Date 20 Jan 2021 @ 15:46

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/49-tis-the-season-of-giving-how-have-you-given-back-to-the-open-source-community?task=poll.vote&format=json
    49
    radio
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"11","type":"x","order":"1","pct":34.38,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":18.75,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":46.88,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200
    Phishing Is The #1 Cybersecurity Threat Businesses Face

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

    Our Cookie Policy