Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Ubuntu 12.10: USN-1646-1 Critical: Kernel Memory Exploit Notice

Calendar Nov 30, 2012 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service Ubuntu kernel memory exploit CVE-2012-0957 CVE-2012-4565
Several security issues were fixed in the kernel. 
=========================================================================Ubuntu Security Notice USN-1646-1
November 30, 2012

linux vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An
unprivileged user could exploit this flaw to read kernel stack memory.
(CVE-2012-0957)

Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois
congestion control algorithm. A local attacker could use this to cause a
denial of service. (CVE-2012-4565)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
  linux-image-3.5.0-19-generic    3.5.0-19.30
  linux-image-3.5.0-19-highbank   3.5.0-19.30
  linux-image-3.5.0-19-omap       3.5.0-19.30
  linux-image-3.5.0-19-powerpc-smp  3.5.0-19.30
  linux-image-3.5.0-19-powerpc64-smp  3.5.0-19.30

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-1646-1
  CVE-2012-0957, CVE-2012-4565

Package Information:
  https://launchpad.net/ubuntu/+source/linux/3.5.0-19.30

Ubuntu 12.10: USN-1646-1 Critical: Kernel Memory Exploit Notice

ubuntu
Calendar Grey November 30, 2012
Dist Ubuntu Esm H88
Security issues addressed in Ubuntu 12.10 Linux kernel updates may allow user exploitation and denial of service.
Several security issues were fixed in the kernel.

Summary

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu kernel memory exploit CVE-2012-0957 CVE-2012-4565

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: linux-image-3.5.0-19-generic 3.5.0-19.30 linux-image-3.5.0-19-highbank 3.5.0-19.30 linux-image-3.5.0-19-omap 3.5.0-19.30 linux-image-3.5.0-19-powerpc-smp 3.5.0-19.30 linux-image-3.5.0-19-powerpc64-smp 3.5.0-19.30 After a standard system update you need to reboot your computer to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-1646-1

CVE-2012-0957, CVE-2012-4565

Severity
critical
Lowest
Low
Medium
High
Critical

November 30, 2012

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu kernel memory exploit CVE-2012-0957 CVE-2012-4565

Package Information

https://launchpad.net/ubuntu/+source/linux/3.5.0-19.30

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here