Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26447
HistoryJun 02, 2011 - 12:00 a.m.

[USN-1141-1] Linux kernel vulnerabilities

2011-06-0200:00:00
vulners.com
27
JSON

==========================================================================
Ubuntu Security Notice USN-1141-1
May 31, 2011

linux, linux-ec2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 10.04 LTS

Summary:

Multiple kernel vulnerabilities have been fixed.

Software Description:

  • linux: Linux kernel
  • linux-ec2: Linux kernel for EC2

Details:

Brad Spengler discovered that the kernel did not correctly account for
userspace memory allocations during exec() calls. A local attacker could
exploit this to consume all system memory, leading to a denial of service.
(CVE-2010-4243)

Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not
correctly handle certain configurations. If such a device was configured
without VLANs, a remote attacker could crash the system, leading to a
denial of service. (CVE-2010-4263)

Nelson Elhage discovered that Econet did not correctly handle AUN packets
over UDP. A local attacker could send specially crafted traffic to crash
the system, leading to a denial of service. (CVE-2010-4342)

Dan Rosenberg discovered that IRDA did not correctly check the size of
buffers. On non-x86 systems, a local attacker could exploit this to read
kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)

Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses
into the /proc filesystem. A local attacker could use this to increase
the chances of a successful memory corruption exploit. (CVE-2010-4565)

Kees Cook discovered that the IOWarrior USB device driver did not
correctly check certain size fields. A local attacker with physical
access could plug in a specially crafted USB device to crash the system
or potentially gain root privileges. (CVE-2010-4656)

Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly
clear memory when writing certain file holes. A local attacker could
exploit this to read uninitialized data from the disk, leading to a loss
of privacy. (CVE-2011-0463)

Dan Carpenter discovered that the TTPCI DVB driver did not check certain
values during an ioctl. If the dvb-ttpci module was loaded, a local
attacker could exploit this to crash the system, leading to a denial of
service, or possibly gain root privileges. (CVE-2011-0521)

Jens Kuehnel discovered that the InfiniBand driver contained a race
condition. On systems using InfiniBand, a local attacker could send
specially crafted requests to crash the system, leading to a denial of
service. (CVE-2011-0695)

Rafael Dominguez Vega discovered that the caiaq Native Instruments USB
driver did not correctly validate string lengths. A local attacker with
physical access could plug in a specially crafted USB device to crash
the system or potentially gain root privileges. (CVE-2011-0712)

Kees Cook reported that /proc/pid/stat did not correctly filter certain
memory locations. A local attacker could determine the memory layout of
processes in an attempt to increase the chances of a successful memory
corruption exploit. (CVE-2011-0726)

Timo Warns discovered that MAC partition parsing routines did not
correctly calculate block counts. A local attacker with physical access
could plug in a specially crafted block device to crash the system or
potentially gain root privileges. (CVE-2011-1010)

Timo Warns discovered that LDM partition parsing routines did not
correctly calculate block counts. A local attacker with physical access
could plug in a specially crafted block device to crash the system, leading
to a denial of service. (CVE-2011-1012)

Matthiew Herrb discovered that the drm modeset interface did not correctly
handle a signed comparison. A local attacker could exploit this to crash
the system or possibly gain root privileges. (CVE-2011-1013)

Marek Olsak discovered that the Radeon GPU drivers did not correctly
validate certain registers. On systems with specific hardware,
a local attacker could exploit this to write to arbitrary video
memory. (CVE-2011-1016)

Vasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not
needed to load kernel modules. A local attacker with the CAP_NET_ADMIN
capability could load existing kernel modules, possibly increasing the
attack surface available on the system. (CVE-2011-1019)

Nelson Elhage discovered that the epoll subsystem did not correctly handle
certain structures. A local attacker could create malicious requests that
would hang the system, leading to a denial of service. (CVE-2011-1082)

Nelson Elhage discovered that the epoll subsystem did not correctly handle
certain structures. A local attacker could create malicious requests that
would consume large amounts of CPU, leading to a denial of service.
(CVE-2011-1083)

Julien Tinnes discovered that the kernel did not correctly validate
the signal structure from tkill(). A local attacker could exploit
this to send signals to arbitrary threads, possibly bypassing expected
restrictions. (CVE-2011-1182)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-316-ec2 2.6.32-316.31
linux-image-2.6.32-32-386 2.6.32-32.62
linux-image-2.6.32-32-generic 2.6.32-32.62
linux-image-2.6.32-32-generic-pae 2.6.32-32.62
linux-image-2.6.32-32-ia64 2.6.32-32.62
linux-image-2.6.32-32-lpia 2.6.32-32.62
linux-image-2.6.32-32-powerpc 2.6.32-32.62
linux-image-2.6.32-32-powerpc-smp 2.6.32-32.62
linux-image-2.6.32-32-powerpc64-smp 2.6.32-32.62
linux-image-2.6.32-32-preempt 2.6.32-32.62
linux-image-2.6.32-32-server 2.6.32-32.62
linux-image-2.6.32-32-sparc64 2.6.32-32.62
linux-image-2.6.32-32-sparc64-smp 2.6.32-32.62
linux-image-2.6.32-32-versatile 2.6.32-32.62
linux-image-2.6.32-32-virtual 2.6.32-32.62

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
CVE-2010-4243, CVE-2010-4263, CVE-2010-4342, CVE-2010-4529,
CVE-2010-4565, CVE-2010-4656, CVE-2011-0463, CVE-2011-0521,
CVE-2011-0695, CVE-2011-0712, CVE-2011-0726, CVE-2011-1010,
CVE-2011-1012, CVE-2011-1013, CVE-2011-1016, CVE-2011-1019,
CVE-2011-1082, CVE-2011-1083, CVE-2011-1182

Package Information:
https://launchpad.net/ubuntu/+source/linux/2.6.32-32.62
https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-316.31

Related

openvas 48
ubuntu 9
nessus 35
securityvulns 7
seebug 6
oraclelinux 6
suse 5
redhat 6
osv 1
ubuntucve 19
debian 1
cve 19
prion 20
veracode 15
centos 1
packetstorm 1
openvas
openvas
Ubuntu Update for linux USN-1141-1
2011-06-06 00:00:00
Ubuntu Update for linux USN-1141-1
2011-06-06 00:00:00
Ubuntu Update for linux USN-1160-1
2011-07-08 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2011-06-01 00:00:00
Linux kernel vulnerabilities
2011-06-09 00:00:00
Linux kernel vulnerabilities
2011-05-24 00:00:00
nessus
nessus
Ubuntu 10.04 LTS : linux, linux-ec2 vulnerabilities (USN-1141-1)
2011-06-13 00:00:00
Ubuntu 8.04 LTS : linux vulnerabilities (USN-1146-1)
2011-06-13 00:00:00
Ubuntu 8.04 LTS : linux vulnerabilities (USN-1133-1)
2011-06-13 00:00:00
securityvulns
securityvulns
Linux kernel multiple DoS conditions
2011-06-02 00:00:00
[USN-1133-1] Linux kernel vulnerabilities
2011-05-25 00:00:00
[USN-1111-1] Linux kernel vulnerabilities
2011-05-08 00:00:00
seebug
seebug
Linux Kernel epoll Subsystem “eventpoll.c”多个本地拒绝服务漏洞
2012-02-22 00:00:00
Linux Kernel '/proc/[pid]/stat'本地信息泄露漏洞
2011-05-12 00:00:00
Linux Kernel I/O-Warrior USB设备栈溢出漏洞
2011-03-14 00:00:00
oraclelinux
oraclelinux
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2011-05-11 00:00:00
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2011-04-14 00:00:00
kernel security, bug fix, and enhancement update
2011-05-10 00:00:00
suse
suse
remote denial of service in kernel
2011-04-29 16:52:44
remote denial of service, local privilege in kernel
2011-04-28 11:17:40
remote denial of service in kernel
2011-04-28 13:57:06
redhat
redhat
(RHSA-2011:0500) Important: kernel-rt security and bug fix update
2011-05-10 00:00:00
(RHSA-2011:0498) Important: kernel security, bug fix, and enhancement update
2011-05-10 00:00:00
(RHSA-2012:0150) Moderate: Red Hat Enterprise Linux 5.8 kernel update
2012-02-21 00:00:00
osv
osv
linux-2.6 - several issues
2011-01-30 00:00:00
ubuntucve
ubuntucve
CVE-2010-4656
2011-01-25 00:00:00
CVE-2010-4529
2011-01-13 00:00:00
CVE-2011-0463
2011-04-09 00:00:00
debian
debian
[SECURITY] [DSA 2153-1] linux-2.6 security update
2011-01-30 06:42:05
cve
cve
CVE-2010-4529
2011-01-13 19:00:00
CVE-2011-0463
2011-04-10 02:51:00
CVE-2010-4656
2011-07-18 19:55:00
prion
prion
Integer overflow
2011-01-13 19:00:00
Design/Logic Flaw
2011-04-10 02:51:00
Heap overflow
2011-07-18 19:55:00
veracode
veracode
Privilege Escalation
2020-04-10 01:00:00
Denial Of Service (DoS)
2020-04-10 01:00:36
Denial Of Service (DoS)
2020-04-10 00:55:50
centos
centos
kernel security update
2011-04-14 13:37:51
packetstorm
packetstorm
Ubuntu Security Notice USN-1202-1
2011-09-14 00:00:00
JSON
Related for SECURITYVULNS:DOC:26447
openvas48ubuntu9nessus35securityvulns7seebug6oraclelinux6suse5redhat6osv1ubuntucve19debian1cve19prion20veracode15centos1packetstorm1