Ubuntu 11.10 USN-1405-1 Moderate: Kernel DoS and Local Exploits
Mar 27, 2012
•
LinuxSecurity Advisories
2 - 3 min read
Topics Covered
Several security issues were fixed in the kernel.
=========================================================================Ubuntu Security Notice USN-1405-1 March 27, 2012 linux vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: Somnath Kotur discovered an error in the Linux kernel's VLAN (virtual lan) and be2net drivers. An attacker on the local network could exploit this flaw to cause a denial of service. (CVE-2011-3347) Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. (CVE-2011-4127) Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. (CVE-2011-4347) Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual machine) subsystem of the Linux kernel. A local unprivileged user can crash use this flaw to crash VMs causing a deny of service. (CVE-2012-0045) A flaw was discovered in the Linux kernel's cifs file system. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. (CVE-2012-1090) H. Peter Anvin reported a flaw in the Linux kernel that could crash the system. A local user could exploit this flaw to crash the system. (CVE-2012-1097) A flaw was discovered in the Linux kernel's cgroups subset. A local attacker could use this flaw to crash the system. (CVE-2012-1146) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: linux-image-3.0.0-16-generic 3.0.0-16.29 linux-image-3.0.0-16-generic-pae 3.0.0-16.29 linux-image-3.0.0-16-omap 3.0.0-16.29 linux-image-3.0.0-16-powerpc 3.0.0-16.29 linux-image-3.0.0-16-powerpc-smp 3.0.0-16.29 linux-image-3.0.0-16-powerpc64-smp 3.0.0-16.29 linux-image-3.0.0-16-server 3.0.0-16.29 linux-image-3.0.0-16-virtual 3.0.0-16.29 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-1405-1 CVE-2011-3347, CVE-2011-4127, CVE-2011-4347, CVE-2012-0045, CVE-2012-1090, CVE-2012-1097, CVE-2012-1146 Package Information: https://launchpad.net/ubuntu/+source/linux/3.0.0-16.29
PREVIOUS
NEXT
Ubuntu 11.10 USN-1405-1 Moderate: Kernel DoS and Local Exploits
ubuntu
March 27, 2012
Several security issues were fixed in the kernel.
Summary
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: linux-image-3.0.0-16-generic 3.0.0-16.29 linux-image-3.0.0-16-generic-pae 3.0.0-16.29 linux-image-3.0.0-16-omap 3.0.0-16.29 linux-image-3.0.0-16-powerpc 3.0.0-16.29 linux-image-3.0.0-16-powerpc-smp 3.0.0-16.29 linux-image-3.0.0-16-powerpc64-smp 3.0.0-16.29 linux-image-3.0.0-16-server 3.0.0-16.29 linux-image-3.0.0-16-virtual 3.0.0-16.29 After a standard system update you need to reboot your computer to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-1405-1
CVE-2011-3347, CVE-2011-4127, CVE-2011-4347, CVE-2012-0045,
CVE-2012-1090, CVE-2012-1097, CVE-2012-1146
March 27, 2012
Topics Covered
Package Information
https://launchpad.net/ubuntu/+source/linux/3.0.0-16.29
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!