Ubuntu Security Notice 6444-2 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.
e1d72b79310f991fbf9447b368e82c18985bd69f9a6a49de7ca3fae3cd49f9c6