Ubuntu: USN-4170-1 Critical: linux kernel Privilege Escalation Risk
debian
September 22, 2011
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak
Summary
Several vulnerabilities have been discovered in the Linux kernel that may lead
to a privilege escalation, denial of service or information leak. The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-4067
Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the auerswald
module, a driver for Auerswald PBX/System Telephone USB devices. Attackers with physical access to a system's USB ports could obtain elevated
privileges using a specially crafted USB device.
CVE-2011-0712
Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the caiaq
module, a USB driver for Native Instruments USB audio devices. Attackers with physical access to a system's USB ports could obtain elevated
privileges using a specially crafted USB device.
CVE-2011-1020
Kees Cook discovered an issue in the /proc filesystem that allows local
users to gain access to sensitive process information after execution of a
setuid binary.
CVE-2...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux-2.6
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!