Ubuntu Security Notification for Linux Vulnerabilities (USN-3126-1)

It was discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface.

A use-after-free vulnerability during error processing in the recvmmsg(2) implementation in the Linux kernel.

A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042)

A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-7117)

Refer to Ubuntu advisory USN-3126-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3126-1: 12.04 (Precise) on src (linux-image-3.2.0-115-powerpc64-smp)

USN-3126-1: 12.04 (Precise) on src (linux-image-3.2.0-115-powerpc-smp)

USN-3126-1: 12.04 (Precise) on src (linux-image-omap)

USN-3126-1: 12.04 (Precise) on src (linux-image-powerpc)

USN-3126-1: 12.04 (Precise) on src (linux-image-3.2.0-115-highbank)

USN-3126-1: 12.04 (Precise) on src (linux-image-3.2.0-115-virtual)

USN-3126-1: 12.04 (Precise) on src (linux-image-3.2.0-115-generic-pae)

USN-3126-1: 12.04 (Precise) on src (linux-image-3.2.0-115-generic)

USN-3126-1: 12.04 (Precise) on src (linux-image-powerpc64-smp)

USN-3126-1: 12.04 (Precise) on src (linux-image-generic-pae)

USN-3126-1: 12.04 (Precise) on src (linux-image-powerpc-smp)

USN-3126-1: 12.04 (Precise) on src (linux-image-generic)

USN-3126-1: 12.04 (Precise) on src (linux-image-3.2.0-115-omap)

USN-3126-1: 12.04 (Precise) on src (linux-image-highbank)

USN-3126-1: 12.04 (Precise) on src (linux-image-virtual)