Ubuntu 1170-1: Linux kernel vulnerabilities

    Date15 Jul 2011
    CategoryUbuntu
    48
    Posted ByLinuxSecurity Advisories
    Multiple kernel flaws have been fixed.
    ==========================================================================
    Ubuntu Security Notice USN-1170-1
    July 15, 2011
    
    linux vulnerabilities
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 8.04 LTS
    
    Summary:
    
    Multiple kernel flaws have been fixed.
    
    Software Description:
    - linux: Linux kernel
    
    Details:
    
    Dan Rosenberg discovered that multiple terminal ioctls did not correctly
    initialize structure memory. A local attacker could exploit this to read
    portions of kernel stack memory, leading to a loss of privacy.
    (CVE-2010-4076, CVE-2010-4077)
    
    It was discovered that Xen did not correctly handle certain block requests.
    A local attacker in a Xen guest could cause the Xen host to use all
    available CPU resources, leading to a denial of service. (CVE-2010-4247)
    
    It was discovered that the ICMP stack did not correctly handle certain
    unreachable messages. If a remote attacker were able to acquire a socket
    lock, they could send specially crafted traffic that would crash the
    system, leading to a denial of service. (CVE-2010-4526)
    
    Kees Cook reported that /proc/pid/stat did not correctly filter certain
    memory locations. A local attacker could determine the memory layout of
    processes in an attempt to increase the chances of a successful memory
    corruption exploit. (CVE-2011-0726)
    
    Timo Warns discovered that OSF partition parsing routines did not correctly
    clear memory. A local attacker with physical access could plug in a
    specially crafted block device to read kernel memory, leading to a loss of
    privacy. (CVE-2011-1163)
    
    Timo Warns discovered that the GUID partition parsing routines did not
    correctly validate certain structures. A local attacker with physical
    access could plug in a specially crafted block device to crash the system,
    leading to a denial of service. (CVE-2011-1577)
    
    Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl
    values. A local attacker with access to the video subsystem could exploit
    this to crash the system, leading to a denial of service, or possibly gain
    root privileges. (CVE-2011-1745, CVE-2011-2022)
    
    Vasiliy Kulikov discovered that the AGP driver did not check the size of
    certain memory allocations. A local attacker with access to the video
    subsystem could exploit this to run the system out of memory, leading to a
    denial of service. (CVE-2011-1746, CVE-2011-1747)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 8.04 LTS:
      linux-image-2.6.24-29-386       2.6.24-29.91
      linux-image-2.6.24-29-generic   2.6.24-29.91
      linux-image-2.6.24-29-hppa32    2.6.24-29.91
      linux-image-2.6.24-29-hppa64    2.6.24-29.91
      linux-image-2.6.24-29-itanium   2.6.24-29.91
      linux-image-2.6.24-29-lpia      2.6.24-29.91
      linux-image-2.6.24-29-lpiacompat  2.6.24-29.91
      linux-image-2.6.24-29-mckinley  2.6.24-29.91
      linux-image-2.6.24-29-openvz    2.6.24-29.91
      linux-image-2.6.24-29-powerpc   2.6.24-29.91
      linux-image-2.6.24-29-powerpc-smp  2.6.24-29.91
      linux-image-2.6.24-29-powerpc64-smp  2.6.24-29.91
      linux-image-2.6.24-29-rt        2.6.24-29.91
      linux-image-2.6.24-29-server    2.6.24-29.91
      linux-image-2.6.24-29-sparc64   2.6.24-29.91
      linux-image-2.6.24-29-sparc64-smp  2.6.24-29.91
      linux-image-2.6.24-29-virtual   2.6.24-29.91
      linux-image-2.6.24-29-xen       2.6.24-29.91
    
    After a standard system update you need to reboot your computer to make
    all the necessary changes.
    
    References:
      http://www.ubuntu.com/usn/usn-1170-1
      CVE-2010-4076, CVE-2010-4077, CVE-2010-4247, CVE-2010-4526,
      CVE-2011-0726, CVE-2011-1163, CVE-2011-1577, CVE-2011-1745,
      CVE-2011-1746, CVE-2011-1747, CVE-2011-2022
    
    Package Information:
      https://launchpad.net/ubuntu/+source/linux/2.6.24-29.91
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"37","type":"x","order":"1","pct":51.39,"resources":[]},{"id":"88","title":"Should be more technical","votes":"10","type":"x","order":"2","pct":13.89,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"25","type":"x","order":"3","pct":34.72,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.