Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 527
Alerts This Week
Warning Icon 1 527

Ubuntu 6.06 LTS Advisory USN-1111-1 Critical: Kernel Flaws Lead To DoS

ubuntu
Calendar Grey May 5, 2011
Scroller Ubuntu
Ubuntu 6.06 LTS encounters several vulnerabilities in the kernel; patches needed to mitigate potential denial-of-service threats and root access risks.
Multiple flaws fixed in the Linux kernel.

Summary

Multiple flaws fixed in the Linux kernel.

Software Description:

- linux-source-2.6.15: Linux kernel

Details:

Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If

a system was using X.25, a remote attacker could exploit this to crash the

system, leading to a denial of service. (CVE-2010-4164)

Vegard Nossum discovered that memory garbage collection was not handled

correctly for active sockets. A local attacker could exploit this to

allocate all available kernel memory, leading to a denial of service.

(CVE-2010-4249)

Nelson Elhage discovered that the kernel did not correctly handle process

cleanup after triggering a recoverable kernel bug. If a local attacker were

able to trigger certain kinds of kernel bugs, they could create a specially

crafted process to gain root privileges. (CVE-2010-4258)

Nelson Elhage discovered that Econet did not correctly handle AUN packets

over UDP. A local attacker could send specially crafted traffic to crash

the system, leadin...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 6.06 LTS:
  linux-image-2.6.15-57-386       2.6.15-57.97
  linux-image-2.6.15-57-686       2.6.15-57.97
  linux-image-2.6.15-57-amd64-generic  2.6.15-57.97
  linux-image-2.6.15-57-amd64-k8  2.6.15-57.97
  linux-image-2.6.15-57-amd64-server  2.6.15-57.97
  linux-image-2.6.15-57-amd64-xeon  2.6.15-57.97
  linux-image-2.6.15-57-hppa32    2.6.15-57.97
  linux-image-2.6.15-57-hppa32-smp  2.6.15-57.97
  linux-image-2.6.15-57-hppa64    2.6.15-57.97
  linux-image-2.6.15-57-hppa64-smp  2.6.15-57.97
  linux-image-2.6.15-57-itanium   2.6.15-57.97
  linux-image-2.6.15-57-itanium-smp  2.6.15-57.97
  linux-image-2.6.15-57-k7        2.6.15-57.97
  linux-image-2.6.15-57-mckinley  2.6.15-57.97
  linux-image-2.6.15-57-mckinley-smp  2.6.15-57.97
  linux-image-2.6.15-57-powerpc   2.6.15-57.97
  linux-image-2.6.15-57-powerpc-smp  2.6.15-57.97
  linux-image-2.6.15-57-powerpc64-smp  2.6.15-57.97
  linux-image-2.6.15-57-server    2.6.15-57.97
  linux-image-2.6.15-57-server-bigiron  2.6.15-57.97
  linux-image-2.6.15-57-sparc64   2.6.15-57.97
  linux-image-2.6.15-57-sparc64-smp  2.6.15-57.97

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2010-4164, CVE-2010-4249, CVE-2010-4258, CVE-2010-4342,

CVE-2010-4527, CVE-2010-4529, CVE-2011-0521, CVE-2011-0695,

CVE-2011-1017

Severity
critical
Lowest
Low
Medium
High
Critical

May 05, 2011

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.