Ubuntu 1146-1: Linux kernel vulnerabilities

    Date09 Jun 2011
    CategoryUbuntu
    46
    Posted ByLinuxSecurity Advisories
    Multiple flaws fixed in the Linux kernel.
    ==========================================================================
    Ubuntu Security Notice USN-1146-1
    June 09, 2011
    
    linux vulnerabilities
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 8.04 LTS
    
    Summary:
    
    Multiple flaws fixed in the Linux kernel.
    
    Software Description:
    - linux: Linux kernel
    
    Details:
    
    Kees Cook discovered that some ethtool functions did not correctly clear
    heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit
    this to read portions of kernel heap memory, leading to a loss of privacy.
    (CVE-2010-4655)
    
    Kees Cook discovered that the IOWarrior USB device driver did not correctly
    check certain size fields. A local attacker with physical access could plug
    in a specially crafted USB device to crash the system or potentially gain
    root privileges. (CVE-2010-4656)
    
    Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly
    clear memory when writing certain file holes. A local attacker could
    exploit this to read uninitialized data from the disk, leading to a loss of
    privacy. (CVE-2011-0463)
    
    Jens Kuehnel discovered that the InfiniBand driver contained a race
    condition. On systems using InfiniBand, a local attacker could send
    specially crafted requests to crash the system, leading to a denial of
    service. (CVE-2011-0695)
    
    Rafael Dominguez Vega discovered that the caiaq Native Instruments USB
    driver did not correctly validate string lengths. A local attacker with
    physical access could plug in a specially crafted USB device to crash the
    system or potentially gain root privileges. (CVE-2011-0712)
    
    Timo Warns discovered that LDM partition parsing routines did not correctly
    calculate block counts. A local attacker with physical access could plug in
    a specially crafted block device to crash the system, leading to a denial
    of service. (CVE-2011-1012)
    
    Timo Warns discovered that the LDM disk partition handling code did not
    correctly handle certain values. By inserting a specially crafted disk
    device, a local attacker could exploit this to gain root privileges.
    (CVE-2011-1017)
    
    Tavis Ormandy discovered that the pidmap function did not correctly handle
    large requests. A local attacker could exploit this to crash the system,
    leading to a denial of service. (CVE-2011-1593)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 8.04 LTS:
      linux-image-2.6.24-29-386       2.6.24-29.90
      linux-image-2.6.24-29-generic   2.6.24-29.90
      linux-image-2.6.24-29-hppa32    2.6.24-29.90
      linux-image-2.6.24-29-hppa64    2.6.24-29.90
      linux-image-2.6.24-29-itanium   2.6.24-29.90
      linux-image-2.6.24-29-lpia      2.6.24-29.90
      linux-image-2.6.24-29-lpiacompat  2.6.24-29.90
      linux-image-2.6.24-29-mckinley  2.6.24-29.90
      linux-image-2.6.24-29-openvz    2.6.24-29.90
      linux-image-2.6.24-29-powerpc   2.6.24-29.90
      linux-image-2.6.24-29-powerpc-smp  2.6.24-29.90
      linux-image-2.6.24-29-powerpc64-smp  2.6.24-29.90
      linux-image-2.6.24-29-rt        2.6.24-29.90
      linux-image-2.6.24-29-server    2.6.24-29.90
      linux-image-2.6.24-29-sparc64   2.6.24-29.90
      linux-image-2.6.24-29-sparc64-smp  2.6.24-29.90
      linux-image-2.6.24-29-virtual   2.6.24-29.90
      linux-image-2.6.24-29-xen       2.6.24-29.90
    
    After a standard system update you need to reboot your computer to make
    all the necessary changes.
    
    References:
      CVE-2010-4655, CVE-2010-4656, CVE-2011-0463, CVE-2011-0695,
      CVE-2011-0712, CVE-2011-1012, CVE-2011-1017, CVE-2011-1593
    
    Package Information:
      https://launchpad.net/ubuntu/+source/linux/2.6.24-29.90
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"23","type":"x","order":"1","pct":53.49,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.63,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":34.88,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.