Ubuntu update for Linux Kernel



| Updated: 2018-05-22
Risk Low
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2017-13305
CVE-2017-16538
CVE-2018-1000004
CVE-2018-5750
CVE-2018-7566
CWE-ID CWE-200
CWE-284
CWE-362
CWE-264
CWE-119
Exploitation vector Network
Public exploit N/A
Vulnerable software
 Ubuntu
Operating systems & Components / Operating system

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU12848

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-13305

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the Upstream kernel encrypted-keys due to improper information control. A remote attacker can gain access to potentially sensitive information.

Mitigation

Update the affected packages.

Vulnerable software versions

Ubuntu: 12.04

CPE2.3 External links

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13305.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Denial of service

EUVDB-ID: #VU9164

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-16538

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the drivers/media/usb/dvb-usb-v2/lmedm04.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Update the affected packages.

Vulnerable software versions

Ubuntu: 12.04

CPE2.3
External links

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13305.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Race condition

EUVDB-ID: #VU10679

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2018-1000004

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to race condition in the sound system. A remote attacker can trigger deadlock and cause the system to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

Ubuntu: 12.04

CPE2.3
External links

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13305.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Privilege escalation

EUVDB-ID: #VU10362

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-5750

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to a flaw in the acpi_smbus_hc_add() function in 'drivers/acpi/sbshc.c'. A local attacker can submit a specially crafted SBS HC printk system call to obtain potentially sensitive address information and potentially bypass kernel address space layout randomization (KASLR) security protection.

Mitigation

Update the affected packages.

Vulnerable software versions

Ubuntu: 12.04

CPE2.3
External links

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13305.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory corruption

EUVDB-ID: #VU11458

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-7566

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local attacker to write arbitrary files on the target system.

The weakness exists due to out-of-bounds write while ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A local attacker can trigger buffer overflow and use after free and reset the pool size manually via ioctl concurrently and write arbitrary files.

Mitigation

Update the affected packages.

Vulnerable software versions

Ubuntu: 12.04

CPE2.3
External links

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13305.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###