Ubuntu Security Notice USN-2616-1

Discussion in 'News Aggregator' started by Packet Storm, 20 May 2015.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 2616-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A memory corruption issue was discovered in AES decryption when using the Intel AES-NI accelerated code path. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially escalate privileges on Intel base machines with AEC-GCM mode IPSec security association. Various other issues were also addressed.

    Continue reading...
     

Share This Page

Loading...