Security Affairs
U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog|Critical U-Boot Bugs Undermine Secure Boot on Millions of Devices|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog|Critical U-Boot Bugs Undermine Secure Boot on Millions of Devices|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Ubuntu issued a patch to fix a number of Kernel Vulnerabilities

Ubuntu has patched a number of flaws affecting the Linux kernel, it is urging users to apply the patch if they’re running 14.04 LTS or any derivative builds. Ubuntu has patched a number of vulnerabilities affecting the Linux kernel, it is urging users to apply the patch if they’re running 14.04 LTS or any derivative builds. According […]

Canonical Ubuntu account hacked

Ubuntu has patched a number of flaws affecting the Linux kernel, it is urging users to apply the patch if they’re running 14.04 LTS or any derivative builds.

Ubuntu has patched a number of vulnerabilities affecting the Linux kernel, it is urging users to apply the patch if they’re running 14.04 LTS or any derivative builds.

According to the security advisory issued by Ubuntu yesterday, the list of bugs includes a use-after-free vulnerability (CVE-2015-8812) and a timing side-channel vulnerability (CVE-2016-2085), and a couple of flaws that open the Kernen to denial of service.

The use-after-free flaw was reported by Venkatesh Pottem, an attacker can exploit it to crash the system or possibly execute arbitrary code.

The timing side-channel vulnerability in the Linux Kernel affects the Extended Verification Module (EVM), an attacker can trigger it to compromise the. The flaw was reported by Xiaofei Rex Guo.

A third vulnerability is caused by the failure in enforcing limits on data “allocated to buffer pipes” that would’ve exhausted resources.

ubuntu12

Below the description provided for the remaining flaws fixed by the patch.

“David Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)” states the advisory.  “It was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2847)” 

If you are using Ubuntu 12.04 LTS you urgently need to update it to fix the above vulnerabilities with the following package version:

Ubuntu 14.04 LTS:
linux-image-3.13.0-85-powerpc-smp 3.13.0-85.129
linux-image-3.13.0-85-powerpc-e500mc 3.13.0-85.129
linux-image-3.13.0-85-powerpc64-smp 3.13.0-85.129
linux-image-3.13.0-85-generic 3.13.0-85.129
linux-image-3.13.0-85-generic-lpae 3.13.0-85.129
linux-image-3.13.0-85-powerpc64-emb 3.13.0-85.129
linux-image-3.13.0-85-powerpc-e500 3.13.0-85.129
linux-image-3.13.0-85-lowlatency 3.13.0-85.129

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Linux Kernel, Ubuntu 14.04 LTS)