Oval Definition:oval:com.ubuntu.trusty:def:20160758000
Revision Date:2016-06-27Version:1
Title:CVE-2016-0758 on Ubuntu 14.04 LTS (trusty) - high.
Description:Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-0758
Platform(s):Ubuntu 14.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 14.04 LTS (trusty) is installed.
  • AND Package Information
  • The 'linux' package in trusty was vulnerable but has been fixed (note: '3.13.0-86.131').
  • OR NOT While related to the CVE in some way, the 'linux-aws' package in trusty is not affected (note: '4.4.0-1002.2').
  • OR While related to the CVE in some way, a decision has been made to ignore it.
  • OR While related to the CVE in some way, a decision has been made to ignore it.
  • OR While related to the CVE in some way, a decision has been made to ignore it.
  • OR The 'linux-lts-utopic' package in trusty was vulnerable but has been fixed (note: '3.16.0-71.92~14.04.1').
  • OR The 'linux-lts-vivid' package in trusty was vulnerable but has been fixed (note: '3.19.0-59.66~14.04.1').
  • OR The 'linux-lts-wily' package in trusty was vulnerable but has been fixed (note: '4.2.0-36.42~14.04.1').
  • OR The 'linux-lts-xenial' package in trusty was vulnerable but has been fixed (note: '4.4.0-22.40~14.04.1').
  • OR While related to the CVE in some way, a decision has been made to ignore it.
  • OR While related to the CVE in some way, a decision has been made to ignore it.
  • OR While related to the CVE in some way, a decision has been made to ignore it.
    • BACK