Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALAS-2011-016

Related Vulnerabilities: CVE-2011-1833   CVE-2011-2723   CVE-2011-2918   CVE-2011-3188   CVE-2011-3191  

The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic. Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid. The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.

Source

ALAS-2011-016

Amazon Linux AMI Security Advisory: ALAS-2011-16
Advisory Release Date: 2011-10-31 18:26 Pacific
Advisory Updated Date: 2014-09-14 14:40 Pacific
Severity: Medium
Issue Overview:

The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic.

Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.

The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.


Affected Packages:

kernel


Issue Correction:
Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.

New Packages:
i686:
    perf-2.6.35.14-97.44.amzn1.i686
    kernel-debuginfo-2.6.35.14-97.44.amzn1.i686
    kernel-debuginfo-common-i686-2.6.35.14-97.44.amzn1.i686
    kernel-headers-2.6.35.14-97.44.amzn1.i686
    kernel-2.6.35.14-97.44.amzn1.i686
    kernel-devel-2.6.35.14-97.44.amzn1.i686

noarch:
    kernel-doc-2.6.35.14-97.44.amzn1.noarch

src:
    kernel-2.6.35.14-97.44.amzn1.src

x86_64:
    kernel-2.6.35.14-97.44.amzn1.x86_64
    kernel-debuginfo-2.6.35.14-97.44.amzn1.x86_64
    kernel-headers-2.6.35.14-97.44.amzn1.x86_64
    kernel-debuginfo-common-x86_64-2.6.35.14-97.44.amzn1.x86_64
    perf-2.6.35.14-97.44.amzn1.x86_64
    kernel-devel-2.6.35.14-97.44.amzn1.x86_64

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started