Ubuntu 14.04 LTS, Ubuntu 16.10 and Ubuntu 17.04 are affected

Jul 21, 2017 17:01 GMT

On July 20, 2017, Canonical released new kernel updates for all supported Ubuntu Linux releases, including Ubuntu 14.04 LTS, Ubuntu 16.10, and Ubuntu 17.04, fixing up to fifteen security vulnerabilities.

According to the new security advisories published by Canonical, it would appear that the Linux 3.13 kernel packages of the Ubuntu 14.04 LTS (Trusty Tahr) operating system are the most affected, as the kernel update patches a total of fifteen security vulnerabilities discovered and patched upstream by various developers.

These include the Linux kernel's failure to correctly initialize a Wake-on-LAN (WoL) data structure (CVE-2014-9900, which also affects Ubuntu 17.04) and to restrict access to /proc/iomem (CVE-2015-8944), both of which allow a local attacker to expose sensitive information from kernel memory.
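The following is an added example, not code from the kernel or from Canonical's advisory: a userspace model of the uninitialized-structure leak class described above, shown with and without zeroing. The struct layout (modelled on `struct ethtool_wolinfo`), the function names, and all values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STALE 0xAA  /* constructed marker standing in for leftover memory */

/* Assumed layout: 18 bytes of fields, padded to 20 for 4-byte alignment. */
struct wolinfo {
    uint32_t cmd;
    uint32_t supported;
    uint32_t wolopts;
    uint8_t  sopass[6];
};

/* Hypothetical driver callback: fills only the fields it knows about. */
static void driver_get_wol(struct wolinfo *w)
{
    w->supported = 0x20;                      /* constructed values */
    w->wolopts = 0x20;
    memset(w->sopass, 0, sizeof(w->sopass));
}

/* Returns how many stale bytes reach the caller's buffer.
 * zero_first = 0 models the bug, 1 models the fix (clear before use). */
static int leaked_bytes(int zero_first)
{
    unsigned char user[sizeof(struct wolinfo)];
    struct wolinfo *w = malloc(sizeof(*w));
    int leaked = 0;

    if (!w)
        return -1;
    memset(w, STALE, sizeof(*w));   /* memory reused from an earlier operation */
    if (zero_first)
        memset(w, 0, sizeof(*w));   /* hardened: clears the padding as well */
    w->cmd = 0x5;                   /* constructed command value */
    driver_get_wol(w);
    memcpy(user, w, sizeof(*w));    /* stands in for copy_to_user() */
    free(w);
    for (size_t i = 0; i < sizeof(user); i++)
        leaked += (user[i] == STALE);
    return leaked;
}

int main(void)
{
    printf("unzeroed: %d stale bytes, zeroed: %d\n",
           leaked_bytes(0), leaked_bytes(1));
    return 0;
}
```

Every named field is set in both runs; the stale bytes that survive in the unzeroed case are the structure's trailing padding, which is why whole-structure zeroing is the reliable fix when copying structures across a trust boundary.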

A use-after-free vulnerability (CVE-2015-8955) discovered in the performance events and counters subsystem of the Linux kernel for ARM64 architectures, which could allow a local attacker to crash the affected system (denial of service) or execute malicious code, was patched as well.

A double-free vulnerability (CVE-2015-8962) affected the Linux kernel's SCSI generic (sg) driver, allowing a local attacker to crash the vulnerable machine (denial of service), and a use-after-free condition (CVE-2015-8964) affected the Linux kernel's TTY implementation, allowing local attackers to expose sensitive information from kernel memory.

Furthermore, the update addresses a race condition (CVE-2015-8963) in the Linux kernel's performance events and counters subsystem when handling CPU unplug events, which could allow a local attacker to either run arbitrary code or crash the system (denial of service).

It also looks like the Linux kernel's fcntl64() system call was unable to correctly set memory limits when returning on a 32-bit ARM processor, allowing a local attacker to gain root access (CVE-2015-8966), and the Linux kernel's system call table for ARM 64-bit processors was not write-protected, which could allow an attacker to execute arbitrary code (CVE-2015-8967).

Users are urged to update their systems immediately

There's also a more critical vulnerability (CVE-2017-7895) patched in the kernel update for Ubuntu 14.04 LTS, discovered by Tuomas Haanpää and Ari Kauppi in the Linux kernel's NFSv2 and NFSv3 server implementations, which incorrectly checked for the end of buffer, allowing a remote attacker to either run malicious code or crash the affected system (denial of service).

Among other security issues patched in this latest kernel update, there's a problem (CVE-2016-10088) with the Linux kernel's generic SCSI block layer, which incorrectly restricted write operations under certain conditions, allowing a local attacker to crash the system (denial of service) or gain administrative privileges.

Affecting both Ubuntu 14.04 LTS and Ubuntu 17.04, a race condition (CVE-2017-1000380) was discovered by Alexander Potapenko in the Linux kernel's ALSA (Advanced Linux Sound Architecture) subsystem, which could allow a local attacker to expose sensitive information from kernel memory.

Again affecting both Ubuntu 14.04 LTS and Ubuntu 17.04, there was an issue (CVE-2017-7346) discovered by Li Qiang in the Linux kernel's DRM driver for VMware Virtual GPUs, which incorrectly validated some ioctl arguments and could allow a local attacker to crash the affected system (denial of service).

Moreover, the kernel update patches an integer underflow (CVE-2017-8924) in the Linux kernel's Edgeport USB Serial Converter device driver, which could allow an attacker with physical access to the computer to expose sensitive information from kernel memory, and an issue (CVE-2017-8925) with the Linux kernel's USB ZyXEL omni.net LCD PLUS driver, which incorrectly performed reference counting, allowing a local attacker to cause a denial of service (tty exhaustion).

And finally, the last security issue (CVE-2017-9605) patched was discovered by Murray McAllister in the Linux kernel's DRM driver for VMware Virtual GPUs, which incorrectly initialized memory, allowing a local attacker to expose sensitive information from kernel memory. This issue affects both Ubuntu 14.04 LTS and Ubuntu 17.04.

All users running Ubuntu 14.04 LTS (Trusty Tahr) or Ubuntu 17.04 (Zesty Zapus) are urged to update their systems immediately to fix all these problems, using the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. Some of these issues also affect Ubuntu 16.10 (Yakkety Yak), but it reached end of life on July 20, 2017, so you are better off upgrading to Ubuntu 17.04 directly.