Description
Alexandre Oliva reported a race condition flaw in the btrfs file system's
handling of extended attributes (xattrs). A local attacker could exploit
this flaw to bypass ACLs and potentially escalate privileges.(CVE-2014-9710)
A memory corruption issue was discovered in AES decryption when using the
Intel AES-NI accelerated code path. A remote attacker could exploit this
flaw to cause a denial of service (system crash) or potentially escalate
privileges on Intel base machines with AEC-GCM mode IPSec security
association. (CVE-2015-3331)
A flaw was discovered in the Linux kernel's IPv4 networking when using TCP
fast open to initiate a connection. An unprivileged local user could
exploit this flaw to cause a denial of service (system crash).(CVE-2015-3332)