usn-2965-2
Vulnerability from osv_ubuntu
Published
2016-05-06 20:21
Modified
2026-02-10 04:40
Summary
linux-lts-xenial vulnerabilities
Details

USN-2965-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.

Jann Horn discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. (CVE-2016-4557)

Ralf Spenneberg discovered that the USB sound subsystem in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2184)

Ralf Spenneberg discovered that the ATI Wonder Remote II USB driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2185)

Ralf Spenneberg discovered that the PowerMate USB driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2186)

Ralf Spenneberg discovered that the I/O-Warrior USB device driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2188)

It was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2847)

Sergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the MCT USB RS232 Converter device driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3136)

Sergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the Cypress M8 USB device driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3137)

Sergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the USB abstract device control driver for modems and ISDN adapters did not validate endpoint descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3138)

Sergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the Linux kernel's USB driver for Digi AccelePort serial converters did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3140)

It was discovered that the IPv4 implementation in the Linux kernel did not perform the destruction of inet device objects properly. An attacker in a guest OS could use this to cause a denial of service (networking outage) in the host OS. (CVE-2016-3156)

Andy Lutomirski discovered that the Linux kernel did not properly context- switch IOPL on 64-bit PV Xen guests. An attacker in a guest OS could use this to cause a denial of service (guest OS crash), gain privileges, or obtain sensitive information. (CVE-2016-3157)

Hector Marco and Ismael Ripoll discovered that the Linux kernel would improperly disable Address Space Layout Randomization (ASLR) for x86 processes running in 32 bit mode if stack-consumption resource limits were disabled. A local attacker could use this to make it easier to exploit an existing vulnerability in a setuid/setgid program. (CVE-2016-3672)

It was discovered that the Linux kernel's USB driver for IMS Passenger Control Unit devices did not properly validate the device's interfaces. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3689)

Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3951)

It was discovered that an out-of-bounds write could occur when handling incoming packets in the USB/IP implementation in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-3955)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2016-2184",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-2185",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-2186",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-2188",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3136",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3137",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3138",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3140",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3156",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3157",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3672",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3689",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3951",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3955",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-4557",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:14.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "block-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "block-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "block-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "block-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "block-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fb-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "firewire-core-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "firewire-core-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "firewire-core-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "firewire-core-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "floppy-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "floppy-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "floppy-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "floppy-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-4.4.0-22-generic",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-4.4.0-22-lowlatency",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-22",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-22-generic",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-22-generic-lpae",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-22-lowlatency",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-22-powerpc-e500mc",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-22-powerpc-smp",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-22-powerpc64-emb",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-22-powerpc64-smp",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-22-generic",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-22-generic-lpae",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-22-lowlatency",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-22-powerpc-e500mc",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-22-powerpc-smp",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-22-powerpc64-emb",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-22-powerpc64-smp",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-image-extra-4.4.0-22-generic",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-cloud-tools-4.4.0-22",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-tools-4.4.0-22",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-generic",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-generic-lpae",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-powerpc-e500mc",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-powerpc-smp",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-powerpc64-smp",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-22-generic",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-22-generic-lpae",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-22-lowlatency",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-22-powerpc-e500mc",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-22-powerpc-smp",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-22-powerpc64-emb",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-22-powerpc64-smp",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "message-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "message-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "message-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "message-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-pcmcia-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "pata-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "pata-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "pata-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "pata-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "pcmcia-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "pcmcia-storage-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "serial-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "squashfs-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "squashfs-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "squashfs-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "squashfs-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "squashfs-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "virtio-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "virtio-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "virtio-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "virtio-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-22-generic-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-22-generic-lpae-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-22-powerpc-e500mc-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-22-powerpc-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-22-powerpc64-smp-di",
            "binary_version": "4.4.0-22.39~14.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:14.04:LTS",
        "name": "linux-lts-xenial",
        "purl": "pkg:deb/ubuntu/linux-lts-xenial@4.4.0-22.39~14.04.1?arch=source\u0026distro=trusty"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-22.39~14.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.4.0-13.29~14.04.1",
        "4.4.0-14.30~14.04.2",
        "4.4.0-15.31~14.04.1",
        "4.4.0-18.34~14.04.1",
        "4.4.0-21.37~14.04.1"
      ]
    }
  ],
  "aliases": [],
  "details": "USN-2965-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nJann Horn discovered that the extended Berkeley Packet Filter (eBPF)\nimplementation in the Linux kernel did not properly reference count file\ndescriptors, leading to a use-after-free. A local unprivileged attacker\ncould use this to gain administrative privileges. (CVE-2016-4557)\n\nRalf Spenneberg discovered that the USB sound subsystem in the Linux kernel\ndid not properly validate USB device descriptors. An attacker with physical\naccess could use this to cause a denial of service (system crash).\n(CVE-2016-2184)\n\nRalf Spenneberg discovered that the ATI Wonder Remote II USB driver in the\nLinux kernel did not properly validate USB device descriptors. An attacker\nwith physical access could use this to cause a denial of service (system\ncrash). (CVE-2016-2185)\n\nRalf Spenneberg discovered that the PowerMate USB driver in the Linux\nkernel did not properly validate USB device descriptors. An attacker with\nphysical access could use this to cause a denial of service (system crash).\n(CVE-2016-2186)\n\nRalf Spenneberg discovered that the I/O-Warrior USB device driver in the\nLinux kernel did not properly validate USB device descriptors. An attacker\nwith physical access could use this to cause a denial of service (system\ncrash). (CVE-2016-2188)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use this\nto cause a denial of service (resource exhaustion). (CVE-2016-2847)\n\nSergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the\nMCT USB RS232 Converter device driver in the Linux kernel did not properly\nvalidate USB device descriptors. An attacker with physical access could use\nthis to cause a denial of service (system crash). (CVE-2016-3136)\n\nSergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the\nCypress M8 USB device driver in the Linux kernel did not properly validate\nUSB device descriptors. An attacker with physical access could use this to\ncause a denial of service (system crash). (CVE-2016-3137)\n\nSergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the\nUSB abstract device control driver for modems and ISDN adapters did not\nvalidate endpoint descriptors. An attacker with physical access could use\nthis to cause a denial of service (system crash). (CVE-2016-3138)\n\nSergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the\nLinux kernel\u0027s USB driver for Digi AccelePort serial converters did not\nproperly validate USB device descriptors. An attacker with physical access\ncould use this to cause a denial of service (system crash). (CVE-2016-3140)\n\nIt was discovered that the IPv4 implementation in the Linux kernel did not\nperform the destruction of inet device objects properly. An attacker in a\nguest OS could use this to cause a denial of service (networking outage) in\nthe host OS. (CVE-2016-3156)\n\nAndy Lutomirski discovered that the Linux kernel did not properly context-\nswitch IOPL on 64-bit PV Xen guests. An attacker in a guest OS could use\nthis to cause a denial of service (guest OS crash), gain privileges, or\nobtain sensitive information. (CVE-2016-3157)\n\nHector Marco and Ismael Ripoll discovered that the Linux kernel would\nimproperly disable Address Space Layout Randomization (ASLR) for x86\nprocesses running in 32 bit mode if stack-consumption resource limits were\ndisabled. A local attacker could use this to make it easier to exploit an\nexisting vulnerability in a setuid/setgid program. (CVE-2016-3672)\n\nIt was discovered that the Linux kernel\u0027s USB driver for IMS Passenger\nControl Unit devices did not properly validate the device\u0027s interfaces. An\nattacker with physical access could use this to cause a denial of service\n(system crash). (CVE-2016-3689)\n\nAndrey Konovalov discovered that the CDC Network Control Model USB driver\nin the Linux kernel did not cancel work events queued if a later error\noccurred, resulting in a use-after-free. An attacker with physical access\ncould use this to cause a denial of service (system crash). (CVE-2016-3951)\n\nIt was discovered that an out-of-bounds write could occur when handling\nincoming packets in the USB/IP implementation in the Linux kernel. A remote\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2016-3955)\n",
  "id": "USN-2965-2",
  "modified": "2026-02-10T04:40:59Z",
  "published": "2016-05-06T20:21:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-2965-2"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-2184"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-2185"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-2186"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-2188"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-2847"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3136"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3137"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3138"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3140"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3156"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3157"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3672"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3689"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3951"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3955"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-4557"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "linux-lts-xenial vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2016-2184",
    "UBUNTU-CVE-2016-2185",
    "UBUNTU-CVE-2016-2186",
    "UBUNTU-CVE-2016-2188",
    "UBUNTU-CVE-2016-2847",
    "UBUNTU-CVE-2016-3136",
    "UBUNTU-CVE-2016-3137",
    "UBUNTU-CVE-2016-3138",
    "UBUNTU-CVE-2016-3140",
    "UBUNTU-CVE-2016-3156",
    "UBUNTU-CVE-2016-3157",
    "UBUNTU-CVE-2016-3672",
    "UBUNTU-CVE-2016-3689",
    "UBUNTU-CVE-2016-3951",
    "UBUNTU-CVE-2016-3955",
    "UBUNTU-CVE-2016-4557"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…