CVE-2016-6130 Ubuntu Security Notification for Linux Vulnerabilities (USN-3099-1)

An unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel.

A use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel.

A race condition in the s390 SCLP console driver for the Linux kernel when handling ioctl()s.

A race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s.

A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)

A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)

A local attacker could use this to obtain sensitive information from kernel memory. (CVE-2016-6130)

A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)

Refer to Ubuntu advisory USN-3099-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3099-1: 16.04 (Xenial) on src (linux-image-4.4.0-42-lowlatency)

USN-3099-1: 16.04 (Xenial) on src (linux-image-4.4.0-42-powerpc64-emb)

USN-3099-1: 16.04 (Xenial) on src (linux-image-4.4.0-42-generic-lpae)

USN-3099-1: 16.04 (Xenial) on src (linux-image-4.4.0-42-generic)

USN-3099-1: 16.04 (Xenial) on src (linux-image-4.4.0-42-powerpc64-smp)

USN-3099-1: 16.04 (Xenial) on src (linux-image-4.4.0-42-powerpc-e500mc)

USN-3099-1: 16.04 (Xenial) on src (linux-image-4.4.0-42-powerpc-smp)