Severity
High
Vendor
Canonical Ubuntu
Versions Affected
- Ubuntu 14.04 LTS
The following Cloud Foundry BOSH stemcells are vulnerable:
- All versions prior to 3151.5
- 3233.x versions prior to 3233.6
- 3263.x versions prior to 3263.12
- 3312.x versions prior to 3312.7
- All other versions
Description
Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.
Mitigation
OSS users are strongly encouraged to follow one of the mitigations below:
Upgrade BOSH stemcells in all deployments to one of the following versions:
- Upgrade all earlier versions to 3151.5
- Upgrade 3233.x versions to 3233.6 or later
- Upgrade 3263.x versions to 3263.12 or later
- Upgrade 3312.x versions to to 3312.7 or later
Credit
Philip Pettersson
