Ubuntu update for Linux kernel



Risk: Low
Patch available: YES
Number of vulnerabilities: 2
CVE-ID: CVE-2017-1000252, CVE-2017-10663
CWE-ID: CWE-617, CWE-264
Exploitation vector: Local network
Public exploit: N/A
Vulnerable software: Ubuntu (Operating systems & Components / Operating system)
Vendor: Canonical Ltd.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Assertion failure

EUVDB-ID: #VU8695

Risk: Low

CVSSv4.0: 4.6 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-1000252

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of-bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.

Mitigation

Update the affected packages

Ubuntu 17.04:
linux-image-generic-lpae 4.10.0.38.38
linux-image-lowlatency 4.10.0.38.38
linux-image-4.10.0-38-generic-lpae 4.10.0-38.42
linux-image-4.10.0-1020-raspi2 4.10.0-1020.23
linux-image-4.10.0-38-lowlatency 4.10.0-38.42
linux-image-generic 4.10.0.38.38
linux-image-4.10.0-38-generic 4.10.0-38.42
linux-image-raspi2 4.10.0.1020.21

Vulnerable software versions

Ubuntu: 17.04

External links

https://www.ubuntu.com/usn/usn-3468-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Privilege escalation

EUVDB-ID: #VU7761

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-10663

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to improper validation of the blkoff and segno arrays by the sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel. A local attacker can execute arbitrary code with root privileges.

Mitigation

Update the affected packages

Ubuntu 17.04:
linux-image-generic-lpae 4.10.0.38.38
linux-image-lowlatency 4.10.0.38.38
linux-image-4.10.0-38-generic-lpae 4.10.0-38.42
linux-image-4.10.0-1020-raspi2 4.10.0-1020.23
linux-image-4.10.0-38-lowlatency 4.10.0-38.42
linux-image-generic 4.10.0.38.38
linux-image-4.10.0-38-generic 4.10.0-38.42
linux-image-raspi2 4.10.0.1020.21

Vulnerable software versions

Ubuntu: 17.04

External links

https://www.ubuntu.com/usn/usn-3468-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


