漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
A use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel.
A race condition in the audit subsystem in the Linux kernel.
A race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s.
漏洞危害
A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)
A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136)
A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)
解决方案
Refer to Ubuntu advisory USN-3097-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3097-1: 12.04 (Precise) on src (linux-image-3.2.0-111-highbank)
USN-3097-1: 12.04 (Precise) on src (linux-image-3.2.0-111-powerpc64-smp)
USN-3097-1: 12.04 (Precise) on src (linux-image-3.2.0-111-generic-pae)
USN-3097-1: 12.04 (Precise) on src (linux-image-3.2.0-111-generic)
USN-3097-1: 12.04 (Precise) on src (linux-image-3.2.0-111-virtual)
USN-3097-1: 12.04 (Precise) on src (linux-image-3.2.0-111-omap)
USN-3097-1: 12.04 (Precise) on src (linux-image-3.2.0-111-powerpc-smp)
0day
文章评论