Security Advisory

USN-2765-1 Linux Kernel (Vivid HWE) Vulnerability

Severity

High

Vendor

Canonical Ubuntu

Versions Affected

Canonical Ubuntu 14.04 LTS

Description

It was discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information or cause a denial of service.

Affected Products and Versions

Severity is high unless otherwise noted.

  • BOSH: All versions of Cloud Foundry BOSH stemcells prior to v3094 are vulnerable to the aforementioned CVE.

Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry project recommends that Cloud Foundry deployments using BOSH stemcell v3093 or earlier upgrade to v3094 or later, which contain the patched version of the Linux kernel that resolves the aforementioned CVE.

Credit

Dmitry Vyukov


Cloud Foundry Foundation Security Team, AUTHOR