USN-2529-1: Linux kernel (Utopic HWE) vulnerability

12 March 2015

The system could be made to crash or run programs as an administrator.

Releases

Packages

  • linux-lts-utopic - Linux hardware enablement kernel from Utopic

Details

It was discovered that the Linux kernel's Infiniband subsystem did not
properly sanitize its input parameters while registering memory regions
from userspace. A local user could exploit this flaw to cause a denial of
service (system crash) or to potentially gain administrative privileges.

References