漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem.
A race condition between inotify events and vfs rename operations in the Linux kernel.
It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size.
It was discovered that the Virtio GPU driver in the Linux kernel did not properly free memory in some situations.
It was discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata.
漏洞危害
An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2017-7533)
A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. (CVE-2017-1000365)
A local attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10810)
A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482)
解决方案
Refer to Ubuntu advisory USN-3392-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3392-1: 16.04 (Xenial) on src (linux-image-snapdragon)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-92-generic-lpae)
USN-3392-1: 16.04 (Xenial) on src (linux-image-powerpc-e500mc)
USN-3392-1: 16.04 (Xenial) on src (linux-image-powerpc64-emb)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-92-generic)
USN-3392-1: 16.04 (Xenial) on src (linux-image-powerpc64-smp)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-92-powerpc64-smp)
USN-3392-1: 16.04 (Xenial) on src (linux-image-aws)
USN-3392-1: 16.04 (Xenial) on src (linux-image-raspi2)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-1070-raspi2)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-92-lowlatency)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-1031-aws)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-1027-gke)
USN-3392-1: 16.04 (Xenial) on src (linux-image-generic-lpae)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-92-powerpc-smp)
USN-3392-1: 16.04 (Xenial) on src (linux-image-lowlatency)
USN-3392-1: 16.04 (Xenial) on src (linux-image-generic)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-92-powerpc-e500mc)
USN-3392-1: 16.04 (Xenial) on src (linux-image-powerpc-smp)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-1072-snapdragon)
USN-3392-1: 16.04 (Xenial) on src (linux-image-4.4.0-92-powerpc64-emb)
0daybank
文章评论