Ubuntu Security Notice 3084-2 – USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. Various other issues were also addressed.

Ubuntu Security Notice 3084-3 – Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.

Ubuntu Security Notice 3082-2 – Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM had incomplete access checks for epoll_wait and semtimedop. A local attacker could use this to possibly execute arbitrary code.

Ubuntu Security Notice 3083-2 – USN-3083-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

Ubuntu Security Notice 3082-1 – Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM had incomplete access checks for epoll_wait and semtimedop. A local attacker could use this to possibly execute arbitrary code.

Ubuntu Security Notice 3081-1 – Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. This update also reverts a change in behavior introduced in USN-3024-1 by setting mapperContextRootRedirectEnabled to True by default.

WordPress Neosense theme version 1.7 suffers from a remote shell upload vulnerability.

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 7.3 contain fixes for multiple vulnerabilities. These vulnerabilities may expose the Avamar clients and servers to potentially be compromised by malicious users. They include improper authentication, improper encryption, privilege escalation, and command injection vulnerabilities.