Security vulnerabilities in the operating system kernel

  • OS details: WN7
  • Severity: IMP
  • Operating systems: L
  • Categories: LUB

==========================================================================
Ubuntu Security Notice USN-3384-1
August 11, 2017

linux, linux-raspi2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 17.04

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux: Linux kernel
– linux-raspi2: Linux kernel for Raspberry Pi 2

Details:

Andrey Konovalov discovered a race condition in the UDP Fragmentation
Offload (UFO) code in the Linux kernel. A local attacker could use this to
cause a denial of service or execute arbitrary code. (CVE-2017-1000112)

Andrey Konovalov discovered a race condition in AF_PACKET socket option
handling code in the Linux kernel. A local unprivileged attacker could use
this to cause a denial of service or possibly execute arbitrary code.
(CVE-2017-1000111)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
linux-image-4.10.0-1015-raspi2 4.10.0-1015.18
linux-image-4.10.0-32-generic 4.10.0-32.36
linux-image-4.10.0-32-generic-lpae 4.10.0-32.36
linux-image-4.10.0-32-lowlatency 4.10.0-32.36
linux-image-generic 4.10.0.32.32
linux-image-generic-lpae 4.10.0.32.32
linux-image-lowlatency 4.10.0.32.32
linux-image-raspi2 4.10.0.1015.16

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3384-1
CVE-2017-1000111, CVE-2017-1000112

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.10.0-32.36
https://launchpad.net/ubuntu/+source/linux-raspi2/4.10.0-1015.18

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3384-2
August 11, 2017

linux-hwe vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux-hwe: Linux hardware enablement (HWE) kernel

Details:

USN-3384-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04.
This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu
16.04 LTS.

Andrey Konovalov discovered a race condition in the UDP Fragmentation
Offload (UFO) code in the Linux kernel. A local attacker could use this to
cause a denial of service or execute arbitrary code. (CVE-2017-1000112)

Andrey Konovalov discovered a race condition in AF_PACKET socket option
handling code in the Linux kernel. A local unprivileged attacker could use
this to cause a denial of service or possibly execute arbitrary code.
(CVE-2017-1000111)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.10.0-32-generic 4.10.0-32.36~16.04.1
linux-image-4.10.0-32-generic-lpae 4.10.0-32.36~16.04.1
linux-image-4.10.0-32-lowlatency 4.10.0-32.36~16.04.1
linux-image-generic-hwe-16.04 4.10.0.32.34
linux-image-generic-lpae-hwe-16.04 4.10.0.32.34
linux-image-lowlatency-hwe-16.04 4.10.0.32.34

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3384-2
https://www.ubuntu.com/usn/usn-3384-1
CVE-2017-1000111, CVE-2017-1000112

Package Information:
https://launchpad.net/ubuntu/+source/linux-hwe/4.10.0-32.36~16.04.1


==========================================================================
Ubuntu Security Notice USN-3385-1
August 11, 2017

linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux: Linux kernel
– linux-aws: Linux kernel for Amazon Web Services (AWS) systems
– linux-gke: Linux kernel for Google Container Engine (GKE) systems
– linux-raspi2: Linux kernel for Raspberry Pi 2
– linux-snapdragon: Linux kernel for Snapdragon processors

Details:

Andrey Konovalov discovered a race condition in the UDP Fragmentation
Offload (UFO) code in the Linux kernel. A local attacker could use this to
cause a denial of service or execute arbitrary code. (CVE-2017-1000112)

Andrey Konovalov discovered a race condition in AF_PACKET socket option
handling code in the Linux kernel. A local unprivileged attacker could use
this to cause a denial of service or possibly execute arbitrary code.
(CVE-2017-1000111)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.4.0-1026-gke 4.4.0-1026.26
linux-image-4.4.0-1030-aws 4.4.0-1030.39
linux-image-4.4.0-1069-raspi2 4.4.0-1069.77
linux-image-4.4.0-1071-snapdragon 4.4.0-1071.76
linux-image-4.4.0-91-generic 4.4.0-91.114
linux-image-4.4.0-91-generic-lpae 4.4.0-91.114
linux-image-4.4.0-91-lowlatency 4.4.0-91.114
linux-image-4.4.0-91-powerpc-e500mc 4.4.0-91.114
linux-image-4.4.0-91-powerpc-smp 4.4.0-91.114
linux-image-4.4.0-91-powerpc64-emb 4.4.0-91.114
linux-image-4.4.0-91-powerpc64-smp 4.4.0-91.114
linux-image-aws 4.4.0.1030.32
linux-image-generic 4.4.0.91.96
linux-image-generic-lpae 4.4.0.91.96
linux-image-gke 4.4.0.1026.27
linux-image-lowlatency 4.4.0.91.96
linux-image-powerpc-e500mc 4.4.0.91.96
linux-image-powerpc-smp 4.4.0.91.96
linux-image-powerpc64-emb 4.4.0.91.96
linux-image-powerpc64-smp 4.4.0.91.96
linux-image-raspi2 4.4.0.1069.69
linux-image-snapdragon 4.4.0.1071.63

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3385-1
CVE-2017-1000111, CVE-2017-1000112

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-91.114
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1030.39
https://launchpad.net/ubuntu/+source/linux-gke/4.4.0-1026.26
https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1069.77
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1071.76


==========================================================================
Ubuntu Security Notice USN-3385-2
August 11, 2017

linux-lts-xenial vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

USN-3385-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

Andrey Konovalov discovered a race condition in the UDP Fragmentation
Offload (UFO) code in the Linux kernel. A local attacker could use this to
cause a denial of service or execute arbitrary code. (CVE-2017-1000112)

Andrey Konovalov discovered a race condition in AF_PACKET socket option
handling code in the Linux kernel. A local unprivileged attacker could use
this to cause a denial of service or possibly execute arbitrary code.
(CVE-2017-1000111)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-4.4.0-91-generic 4.4.0-91.114~14.04.1
linux-image-4.4.0-91-generic-lpae 4.4.0-91.114~14.04.1
linux-image-4.4.0-91-lowlatency 4.4.0-91.114~14.04.1
linux-image-4.4.0-91-powerpc-e500mc 4.4.0-91.114~14.04.1
linux-image-4.4.0-91-powerpc-smp 4.4.0-91.114~14.04.1
linux-image-4.4.0-91-powerpc64-emb 4.4.0-91.114~14.04.1
linux-image-4.4.0-91-powerpc64-smp 4.4.0-91.114~14.04.1
linux-image-generic-lpae-lts-xenial 4.4.0.91.75
linux-image-generic-lts-xenial 4.4.0.91.75
linux-image-lowlatency-lts-xenial 4.4.0.91.75
linux-image-powerpc-e500mc-lts-xenial 4.4.0.91.75
linux-image-powerpc-smp-lts-xenial 4.4.0.91.75
linux-image-powerpc64-emb-lts-xenial 4.4.0.91.75
linux-image-powerpc64-smp-lts-xenial 4.4.0.91.75

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3385-2
https://www.ubuntu.com/usn/usn-3385-1
CVE-2017-1000111, CVE-2017-1000112

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-91.114~14.04.1
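
The following is an added example, not part of the Ubuntu notices or the CERT page: it checks a package inventory against two fixed versions from the USN-3384-2 list above, using Debian version ordering so that the `~16.04.1` suffix sorts before the bare version. The inventory text is constructed, and the function names are assumptions of this sketch.

```python
import re

# Fixed versions copied from the USN-3384-2 package list above (subset).
FIXED = {
    "linux-image-4.10.0-32-generic": "4.10.0-32.36~16.04.1",
    "linux-image-generic-hwe-16.04": "4.10.0.32.34",
}
# Constructed sample of `dpkg-query -W -f='${Package} ${Version}\n'` output.
INVENTORY = """\
linux-image-4.10.0-32-generic 4.10.0-32.36~16.04.1
linux-image-generic-hwe-16.04 4.10.0.30.33
openssh-server 1:7.2p2-4ubuntu2.2
"""

def _weight(s, i):
    """dpkg sort weight of s[i]: digits and end-of-string are 0, '~' sorts first."""
    if i >= len(s) or s[i].isdigit():
        return 0
    if s[i] == "~":
        return -1
    return ord(s[i]) if s[i].isalpha() else ord(s[i]) + 256

def _cmp_part(a, b):
    """Compare one epoch, upstream or revision string the way dpkg does."""
    i = j = 0
    while i < len(a) or j < len(b):
        while _weight(a, i) or _weight(b, j):          # non-digit run
            if _weight(a, i) != _weight(b, j):
                return -1 if _weight(a, i) < _weight(b, j) else 1
            i, j = i + 1, j + 1
        m, n = (re.match(r"\d*", s).group() for s in (a[i:], b[j:]))
        if int(m or 0) != int(n or 0):                 # digit run, compared numerically
            return -1 if int(m or 0) < int(n or 0) else 1
        i, j = i + len(m), j + len(n)
    return 0

def _split(v):
    """Split a version into (epoch, upstream, revision); missing parts default."""
    epoch, sep, rest = v.partition(":")
    if not sep:
        epoch, rest = "0", v
    upstream, sep, rev = rest.rpartition("-")
    return (epoch, upstream, rev) if sep else (epoch, rest, "")

def deb_cmp(a, b):
    """Return -1, 0 or 1 as Debian version a is older than, equal to, or newer than b."""
    return next((r for r in map(_cmp_part, _split(a), _split(b)) if r), 0)

def unpatched(inventory, fixed=FIXED):
    """List (package, installed, fixed) for packages older than the fixed version."""
    rows = (line.split() for line in inventory.splitlines() if line.strip())
    return [(p, v, fixed[p]) for p, v in rows
            if p in fixed and deb_cmp(v, fixed[p]) < 0]
```

A package at the fixed version only means the corrected kernel is on disk; the reboot the notices call for is what makes it the running kernel.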


Author: Danijel Kozinovic
CERT ID: NCERT-REF-2017-08-0075-ADV