Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu: 0028-1 Critical: Linux Kernel Denial of Service and Code Flaws

ubuntu
Calendar Grey August 17, 2017
Dist Ubuntu Esm H88
Fedora package upgrade resolves critical vulnerabilities, boosting defenses against unauthorized code execution and system instabilities.
Several security issues were fixed in the kernel.

Summary

Several security issues were fixed in the kernel.

Software Description:

- linux: Linux kernel

Details:

Andrey Konovalov discovered a race condition in the UDP Fragmentation

Offload (UFO) code in the Linux kernel. A local attacker could use this to

cause a denial of service or execute arbitrary code. (CVE-2017-1000112)

Andrey Konovalov discovered a race condition in AF_PACKET socket option

handling code in the Linux kernel. A local unprivileged attacker could use

this to cause a denial of service or possibly execute arbitrary code.

(CVE-2017-1000111)

Update Instructions

The problem can be corrected by updating your livepatches to the following
versions:

| Kernel          | Version  | flavors                  |
|-----------------+----------+--------------------------|
| 4.4.0-21.37     | 28.2     | generic, lowlatency      |
| 4.4.0-22.39     | 28.2     | generic, lowlatency      |
| 4.4.0-22.40     | 28.2     | generic, lowlatency      |
| 4.4.0-24.43     | 28.2     | generic, lowlatency      |
| 4.4.0-28.47     | 28.2     | generic, lowlatency      |
| 4.4.0-31.50     | 28.2     | generic, lowlatency      |
| 4.4.0-34.53     | 28.2     | generic, lowlatency      |
| 4.4.0-36.55     | 28.2     | generic, lowlatency      |
| 4.4.0-38.57     | 28.2     | generic, lowlatency      |
| 4.4.0-42.62     | 28.2     | generic, lowlatency      |
| 4.4.0-43.63     | 28.2     | generic, lowlatency      |
| 4.4.0-45.66     | 28.2     | generic, lowlatency      |
| 4.4.0-47.68     | 28.2     | generic, lowlatency      |
| 4.4.0-51.72     | 28.2     | generic, lowlatency      |
| 4.4.0-53.74     | 28.2     | generic, lowlatency      |
| 4.4.0-57.78     | 28.2     | generic, lowlatency      |
| 4.4.0-59.80     | 28.2     | generic, lowlatency      |
| 4.4.0-62.83     | 28.2     | generic, lowlatency      |
| 4.4.0-63.84     | 28.2     | generic, lowlatency      |
| 4.4.0-64.85     | 28.2     | generic, lowlatency      |
| 4.4.0-66.87     | 28.2     | generic, lowlatency      |
| 4.4.0-67.88     | 28.2     | generic, lowlatency      |
| 4.4.0-70.91     | 28.2     | generic, lowlatency      |
| 4.4.0-71.92     | 28.2     | generic, lowlatency      |
| 4.4.0-72.93     | 28.2     | generic, lowlatency      |
| 4.4.0-75.96     | 28.2     | generic, lowlatency      |
| 4.4.0-77.98     | 28.2     | generic, lowlatency      |
| 4.4.0-78.99     | 28.2     | generic, lowlatency      |
| 4.4.0-79.100    | 28.2     | generic, lowlatency      |
| 4.4.0-81.104    | 28.2     | generic, lowlatency      |
| 4.4.0-83.106    | 28.2     | generic, lowlatency      |
| 4.4.0-87.110    | 28.2     | generic, lowlatency      |
| 4.4.0-89.112    | 28.2     | generic, lowlatency      |
| lts-4.4.0-21.37_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-22.39_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-22.40_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-24.43_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-28.47_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-31.50_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-34.53_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-36.55_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-38.57_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-42.62_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-45.66_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-47.68_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-51.72_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-53.74_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-57.78_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-59.80_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-62.83_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-63.84_14.04.2-lts-xenial | 14.04.2  | generic, lowlatency      |
| lts-4.4.0-64.85_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-66.87_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-70.91_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-71.92_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-72.93_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-75.96_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-78.99_14.04.2-lts-xenial | 14.04.2  | generic, lowlatency      |
| lts-4.4.0-79.100_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-81.104_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |
| lts-4.4.0-87.110_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |

Additionally, you should install an updated kernel with these fixes and
reboot at your convienience.

References

CVE-2017-1000111, CVE-2017-1000112

--

ubuntu-security-announce mailing list

ubuntu-security-announce@lists.ubuntu.com

Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Severity
critical
Lowest
Low
Medium
High
Critical

August 15, 2017

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here