Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

linux vulnerabilities

Related Vulnerabilities: CVE-2012-6549   CVE-2013-1826   CVE-2013-1860   CVE-2013-1928   CVE-2013-2634  

Several security issues were fixed in the kernel.

Mathias Krause discovered an information leak in the Linux kernel’s ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel’s heap memory. (CVE-2012-6549)

Source

15 May 2013

linux vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in the kernel.

Software Description

  • linux - Linux kernel

Details

Mathias Krause discovered an information leak in the Linux kernel’s ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel’s heap memory. (CVE-2012-6549)

Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)

A buffer overflow was discovered in the Linux Kernel’s USB subsystem for devices reporting the cdc-wdm class. A specially crafted USB device when plugged-in could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2013-1860)

An information leak was discovered in the Linux kernel’s /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel’s stack memory. (CVE-2013-1928)

An information leak in the Linux kernel’s dcb netlink interface was discovered. A local user could obtain sensitive information by examining kernel stack memory. (CVE-2013-2634)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 10.04 LTS
linux-image-2.6.32-47-386 - 2.6.32-47.109
linux-image-2.6.32-47-generic - 2.6.32-47.109
linux-image-2.6.32-47-generic-pae - 2.6.32-47.109
linux-image-2.6.32-47-ia64 - 2.6.32-47.109
linux-image-2.6.32-47-lpia - 2.6.32-47.109
linux-image-2.6.32-47-powerpc - 2.6.32-47.109
linux-image-2.6.32-47-powerpc-smp - 2.6.32-47.109
linux-image-2.6.32-47-powerpc64-smp - 2.6.32-47.109
linux-image-2.6.32-47-preempt - 2.6.32-47.109
linux-image-2.6.32-47-server - 2.6.32-47.109
linux-image-2.6.32-47-sparc64 - 2.6.32-47.109
linux-image-2.6.32-47-sparc64-smp - 2.6.32-47.109
linux-image-2.6.32-47-versatile - 2.6.32-47.109
linux-image-2.6.32-47-virtual - 2.6.32-47.109

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started