USN-2620-1: Linux kernel vulnerability

Ubuntu Security Notice USN-2620-1

23rd May, 2015

linux vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.04 LTS

Summary

The system could be made to crash under certain conditions.

Software description

linux
– Linux kernel

Details

A flaw was discovered in the Linux kernel’s IPv4 networking when using TCP
fast open to initiate a connection. An unprivileged local user could
exploit this flaw to cause a denial of service (system crash).

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:: linux-image-3.13.0-53-generic-lpae

3.13.0-53.89; linux-image-3.13.0-53-powerpc64-emb

3.13.0-53.89; linux-image-3.13.0-53-powerpc-smp

3.13.0-53.89; linux-image-3.13.0-53-lowlatency

3.13.0-53.89; linux-image-3.13.0-53-powerpc-e500

3.13.0-53.89; linux-image-3.13.0-53-generic

3.13.0-53.89; linux-image-3.13.0-53-powerpc-e500mc

3.13.0-53.89; linux-image-3.13.0-53-powerpc64-smp

3.13.0-53.89

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2015-3332

007 Software