Dawid Golunski discovered that the Tomcat init script incorrectly handled
creating log files. A remote attacker could possibly use this issue to
obtain root privileges. (CVE-2016-1240)

This update also reverts a change in behaviour introduced in USN-3024-1 by
setting mapperContextRootRedirectEnabled to True by default.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:: libtomcat8-java

8.0.32-1ubuntu1.2; tomcat8

8.0.32-1ubuntu1.2
Ubuntu 14.04 LTS:: tomcat7

7.0.52-1ubuntu0.7; libtomcat7-java

7.0.52-1ubuntu0.7
Ubuntu 12.04 LTS:: libtomcat6-java

6.0.35-1ubuntu3.8; tomcat6

6.0.35-1ubuntu3.8

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-1240,

LP: 1609819

Ubuntu

USN-3082-1: Linux kernel vulnerability

September 19, 2016 007admin Leave a comment

Ubuntu Security Notice USN-3082-1

19th September, 2016

linux vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 12.04 LTS

Summary

The system could be made to run programs as an administrator.

Software description

linux
– Linux kernel

Details

Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI
for ARM (OABI) had incomplete access checks for epoll_wait(2) and
semtimedop(2). A local attacker could use this to possibly execute
arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:: linux-image-3.2.0-110-generic

3.2.0-110.151; linux-image-3.2.0-110-omap

3.2.0-110.151; linux-image-3.2.0-110-powerpc-smp

3.2.0-110.151; linux-image-3.2.0-110-highbank

3.2.0-110.151; linux-image-3.2.0-110-powerpc64-smp

3.2.0-110.151; linux-image-3.2.0-110-virtual

3.2.0-110.151; linux-image-3.2.0-110-generic-pae

3.2.0-110.151

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2016-3857

Ubuntu

USN-3082-2: Linux kernel (OMAP4) vulnerability

September 19, 2016 007admin Leave a comment

Ubuntu Security Notice USN-3082-2

19th September, 2016

linux-ti-omap4 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 12.04 LTS

Summary

The system could be made to run programs as an administrator.

Software description

linux-ti-omap4
– Linux kernel for OMAP4

Details

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:: linux-image-3.2.0-1488-omap4

3.2.0-1488.115

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2016-3857

Ubuntu

USN-3083-1: Linux kernel vulnerabilities

September 19, 2016 007admin Leave a comment

Ubuntu Security Notice USN-3083-1

19th September, 2016

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

linux
– Linux kernel

Details

Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel
did not properly handle options data, including a use-after-free. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2016-3841)

It was discovered that a race condition existed when handling heartbeat-
timeout events in the SCTP implementation of the Linux kernel. A remote
attacker could use this to cause a denial of service. (CVE-2015-8767)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:: linux-image-3.13.0-96-powerpc-smp

3.13.0-96.143; linux-image-3.13.0-96-powerpc-e500mc

3.13.0-96.143; linux-image-3.13.0-96-powerpc64-smp

3.13.0-96.143; linux-image-3.13.0-96-generic

3.13.0-96.143; linux-image-3.13.0-96-generic-lpae

3.13.0-96.143; linux-image-3.13.0-96-powerpc-e500

3.13.0-96.143; linux-image-3.13.0-96-powerpc64-emb

3.13.0-96.143; linux-image-3.13.0-96-lowlatency

3.13.0-96.143

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2015-8767,

CVE-2016-3841

Ubuntu

USN-3083-2: Linux kernel (Trusty HWE) vulnerabilities

September 19, 2016 007admin Leave a comment

Ubuntu Security Notice USN-3083-2

19th September, 2016

linux-lts-trusty vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 12.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

linux-lts-trusty
– Linux hardware enablement kernel from Trusty for Precise

Details

USN-3083-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 LTS.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:: linux-image-3.13.0-96-generic

3.13.0-96.143~precise1; linux-image-3.13.0-96-generic-lpae

3.13.0-96.143~precise1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2015-8767,

CVE-2016-3841

Ubuntu

USN-3084-1: Linux kernel vulnerabilities

September 19, 2016 007admin Leave a comment

Ubuntu Security Notice USN-3084-1

19th September, 2016

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 16.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

linux
– Linux kernel

Details

Pengfei Wang discovered a race condition in the audit subsystem in the
Linux kernel. A local attacker could use this to corrupt audit logs or
disrupt system-call auditing. (CVE-2016-6136)

It was discovered that the powerpc and powerpc64 hypervisor-mode KVM
implementation in the Linux kernel for did not properly maintain state
about transactional memory. An unprivileged attacker in a guest could cause
a denial of service (CPU lockup) in the host OS. (CVE-2016-5412)

Pengfei Wang discovered a race condition in the Chrome OS embedded
controller device driver in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash). (CVE-2016-6156)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:: linux-image-4.4.0-38-powerpc64-emb

4.4.0-38.57; linux-image-4.4.0-38-powerpc64-smp

4.4.0-38.57; linux-image-4.4.0-38-generic

4.4.0-38.57; linux-image-4.4.0-38-powerpc-e500mc

4.4.0-38.57; linux-image-4.4.0-38-powerpc-smp

4.4.0-38.57; linux-image-4.4.0-38-lowlatency

4.4.0-38.57; linux-image-4.4.0-38-generic-lpae

4.4.0-38.57

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2016-5412,

CVE-2016-6136,

CVE-2016-6156

Ubuntu

USN-3084-2: Linux kernel (Xenial HWE) vulnerabilities

September 19, 2016 007admin Leave a comment

Ubuntu Security Notice USN-3084-2

19th September, 2016

linux-lts-xenial vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

linux-lts-xenial
– Linux hardware enablement kernel from Xenial for Trusty

Details

USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu
16.04 LTS. This update provides the corresponding updates for the
Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for
Ubuntu 14.04 LTS.

Pengfei Wang discovered a race condition in the audit subsystem in the
Linux kernel. A local attacker could use this to corrupt audit logs or
disrupt system-call auditing. (CVE-2016-6136)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:: linux-image-4.4.0-38-powerpc64-emb

4.4.0-38.57~14.04.1; linux-image-4.4.0-38-generic

4.4.0-38.57~14.04.1; linux-image-4.4.0-38-powerpc-e500mc

4.4.0-38.57~14.04.1; linux-image-4.4.0-38-powerpc-smp

4.4.0-38.57~14.04.1; linux-image-4.4.0-38-lowlatency

4.4.0-38.57~14.04.1; linux-image-4.4.0-38-generic-lpae

4.4.0-38.57~14.04.1; linux-image-4.4.0-38-powerpc64-smp

4.4.0-38.57~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2016-5412,

CVE-2016-6136,

CVE-2016-6156

Ubuntu

USN-3084-3: Linux kernel (Raspberry Pi 2) vulnerabilities

September 19, 2016 007admin Leave a comment

Ubuntu Security Notice USN-3084-3

19th September, 2016

linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 16.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

linux-raspi2
– Linux kernel for Raspberry Pi 2

Details

Pengfei Wang discovered a race condition in the audit subsystem in the
Linux kernel. A local attacker could use this to corrupt audit logs or
disrupt system-call auditing. (CVE-2016-6136)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:: linux-image-4.4.0-1023-raspi2

4.4.0-1023.29

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2016-5412,

CVE-2016-6136,

CVE-2016-6156

Ubuntu Security Notice USN-3081-1

tomcat6, tomcat7, tomcat8 vulnerability

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-3082-1

linux vulnerability

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-3082-2

linux-ti-omap4 vulnerability

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-3083-1

linux vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-3083-2

linux-lts-trusty vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-3084-1

linux vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-3084-2

linux-lts-xenial vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-3084-3

linux-raspi2 vulnerabilities

Summary

Software description

Details

Update instructions

References

Software and Security Information