Ubuntu 1792-1: Linux kernel vulnerabilities

    Date08 Apr 2013
    CategoryUbuntu
    42
    Posted ByLinuxSecurity Advisories
    Several security issues were fixed in the kernel.
    ==========================================================================
    Ubuntu Security Notice USN-1792-1
    April 08, 2013
    
    linux vulnerabilities
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 10.04 LTS
    
    Summary:
    
    Several security issues were fixed in the kernel.
    
    Software Description:
    - linux: Linux kernel
    
    Details:
    
    Mathias Krause discovered several errors in the Linux kernel's xfrm_user
    implementation. A local attacker could exploit these flaws to examine parts
    of kernel memory. (CVE-2012-6537)
    
    Mathias Krause discovered information leak in the Linux kernel's compat
    ioctl interface. A local user could exploit the flaw to examine parts of
    kernel stack memory (CVE-2012-6539)
    
    Mathias Krause discovered an information leak in the Linux kernel's
    getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw
    to examine parts of kernel stack memory. (CVE-2012-6540)
    
    Emese Revfy discovered that in the Linux kernel signal handlers could leak
    address information across an exec, making it possible to by pass ASLR
    (Address Space Layout Randomization). A local user could use this flaw to
    by pass ASLR to reliably deliver an exploit payload that would otherwise be
    stopped (by ASLR). (CVE-2013-0914)
    
    A memory use after free error was discover in the Linux kernel's tmpfs
    filesystem. A local user could exploit this flaw to gain privileges or
    cause a denial of service (system crash). (CVE-2013-1767)
    
    Mateusz Guzik discovered a race in the Linux kernel's keyring. A local user
    could exploit this flaw to cause a denial of service (system crash).
    (CVE-2013-1792)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 10.04 LTS:
      linux-image-2.6.32-46-386       2.6.32-46.107
      linux-image-2.6.32-46-generic   2.6.32-46.107
      linux-image-2.6.32-46-generic-pae  2.6.32-46.107
      linux-image-2.6.32-46-ia64      2.6.32-46.107
      linux-image-2.6.32-46-lpia      2.6.32-46.107
      linux-image-2.6.32-46-powerpc   2.6.32-46.107
      linux-image-2.6.32-46-powerpc-smp  2.6.32-46.107
      linux-image-2.6.32-46-powerpc64-smp  2.6.32-46.107
      linux-image-2.6.32-46-preempt   2.6.32-46.107
      linux-image-2.6.32-46-server    2.6.32-46.107
      linux-image-2.6.32-46-sparc64   2.6.32-46.107
      linux-image-2.6.32-46-sparc64-smp  2.6.32-46.107
      linux-image-2.6.32-46-versatile  2.6.32-46.107
      linux-image-2.6.32-46-virtual   2.6.32-46.107
    
    After a standard system update you need to reboot your computer to make
    all the necessary changes.
    
    References:
      http://www.ubuntu.com/usn/usn-1792-1
      CVE-2012-6537, CVE-2012-6539, CVE-2012-6540, CVE-2013-0914,
      CVE-2013-1767, CVE-2013-1792
    
    Package Information:
      https://launchpad.net/ubuntu/+source/linux/2.6.32-46.107
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"23","type":"x","order":"1","pct":53.49,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.63,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":34.88,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.