USN-3151-2: Linux kernel (Xenial HWE) vulnerability

Severity

High

Vendor

Canonical Ubuntu

Versions Affected

Ubuntu 14.04 LTS

The following Cloud Foundry BOSH stemcells are vulnerable:

All versions prior to 3151.5
3233.x versions prior to 3233.6
3263.x versions prior to 3263.12
3312.x versions prior to 3312.7
All other versions

Description

Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

Upgrade BOSH stemcells in all deployments to one of the following versions:

Upgrade all earlier versions to 3151.5
Upgrade 3233.x versions to 3233.6 or later
Upgrade 3263.x versions to 3263.12 or later
Upgrade 3312.x versions to to 3312.7 or later

Credit

Philip Pettersson

References

[1] https://www.ubuntu.com/usn/usn-3151-2/
[2] bosh.io

USN-3151-2: Linux kernel (Xenial HWE) vulnerability

Severity

Vendor

Versions Affected

Description

Mitigation

Credit

References

You Might Also Like

PXC Release update for April 2020 MySQL security patches

CVE-2018-1265: Diego does not properly sanitize file paths in tar/zip files

USN-3758-1: libx11 vulnerabilities

Sign up for the Cloud Foundry Newsletter today!

Sign up for the
Cloud Foundry Newsletter today!