Cloud Foundry Logo
blog single gear
Blog
Security Advisory

USN-3146-2: Linux kernel (Xenial HWE) vulnerabilities

by: December 27, 2016

USN-3146-2: Linux kernel (Xenial HWE) vulnerabilities<br />

Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 14.04 LTS

Description

It was discovered that the __get_user_asm_ex implementation in the Linux kernel for x86/x86_64 contained extended asm statements that were incompatible with the exception table. A local attacker could use this to gain administrative privileges. (CVE-2016-9644)

Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. (CVE-2016-7097)

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges. (CVE-2016-7425)

Daxing Guo discovered a stack-based buffer overflow in the Broadcom IEEE802.11n FullMAC driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges. (CVE-2016-8658)

Affected Cloud Foundry Products and Versions

Severity is medium unless otherwise noted.

Cloud Foundry BOSH stemcells are vulnerable, including:

  • All versions prior to 3151.5
  • 3233.x versions prior to 3233.6
  • 3263.x versions prior to 3263.12
  • 3312.x versions prior to 3312.6

    • All other unmaintained versions are potentially vulnerable.

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:
The Cloud Foundry project recommends upgrading to the following BOSH stemcells:

  • Upgrade all older versions to 3151.5 or later
  • Upgrade 3233.x versions to 3233.6 or later
  • Upgrade 3263.x versions to 3263.12 or later
  • Upgrade 3312.x versions to 3312.6 or later
  • Upgrade all other unmaintained versions to the most recent version of a maintained version line.

Credit

Marco Grassi, Andreas Gruenbacher, Daxing Guo, and Jan Kara

References

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

USN-5174-2: Samba regression
Security Advisory

USN-5174-2: Samba regression

by Cloud Foundry Foundation Security Team January 20, 2022
CVE-2014-3566 SSLV3 POODLE
Security Advisory

CVE-2014-3566 SSLV3 POODLE

by Cloud Foundry Foundation Security Team October 16, 2014
Samba and Windows Vulnerabilities
Security Advisory

Samba and Windows Vulnerabilities

by Cloud Foundry Foundation Security Team April 14, 2016
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept