USN-3128-2: Linux kernel (Xenial HWE) vulnerability
Medium
Canonical Ubuntu
Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys
interface. A local attacker could use this to cause a denial of service (system crash).
Severity is medium unless otherwise noted.
Cloud Foundry BOSH stemcells are vulnerable, including:
OSS users are strongly encouraged to follow one of the mitigations below:
The Cloud Foundry project recommends upgrading to the following BOSH stemcells:
Ondrej Kozina