USN-914-1: Linux kernel vulnerabilities


 
Old 03-16-2010

Referenced CVEs:
CVE-2010-0307, CVE-2010-0309, CVE-2010-0410, CVE-2010-0415, CVE-2010-0622, CVE-2010-0623


Description:
===========================================================
Ubuntu Security Notice USN-914-1             March 17, 2010
linux, linux-source-2.6.15 vulnerabilities
CVE-2010-0307, CVE-2010-0309, CVE-2010-0410, CVE-2010-0415,
CVE-2010-0622, CVE-2010-0623
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  linux-image-2.6.15-55-386             2.6.15-55.83
  linux-image-2.6.15-55-686             2.6.15-55.83
  linux-image-2.6.15-55-amd64-generic   2.6.15-55.83
  linux-image-2.6.15-55-amd64-k8        2.6.15-55.83
  linux-image-2.6.15-55-amd64-server    2.6.15-55.83
  linux-image-2.6.15-55-amd64-xeon      2.6.15-55.83
  linux-image-2.6.15-55-hppa32          2.6.15-55.83
  linux-image-2.6.15-55-hppa32-smp      2.6.15-55.83
  linux-image-2.6.15-55-hppa64          2.6.15-55.83
  linux-image-2.6.15-55-hppa64-smp      2.6.15-55.83
  linux-image-2.6.15-55-itanium         2.6.15-55.83
  linux-image-2.6.15-55-itanium-smp     2.6.15-55.83
  linux-image-2.6.15-55-k7              2.6.15-55.83
  linux-image-2.6.15-55-mckinley        2.6.15-55.83
  linux-image-2.6.15-55-mckinley-smp    2.6.15-55.83
  linux-image-2.6.15-55-powerpc         2.6.15-55.83
  linux-image-2.6.15-55-powerpc-smp     2.6.15-55.83
  linux-image-2.6.15-55-powerpc64-smp   2.6.15-55.83
  linux-image-2.6.15-55-server          2.6.15-55.83
  linux-image-2.6.15-55-server-bigiron  2.6.15-55.83
  linux-image-2.6.15-55-sparc64         2.6.15-55.83
  linux-image-2.6.15-55-sparc64-smp     2.6.15-55.83

Ubuntu 8.04 LTS:
  linux-image-2.6.24-27-386             2.6.24-27.68
  linux-image-2.6.24-27-generic         2.6.24-27.68
  linux-image-2.6.24-27-hppa32          2.6.24-27.68
  linux-image-2.6.24-27-hppa64          2.6.24-27.68
  linux-image-2.6.24-27-itanium         2.6.24-27.68
  linux-image-2.6.24-27-lpia            2.6.24-27.68
  linux-image-2.6.24-27-lpiacompat      2.6.24-27.68
  linux-image-2.6.24-27-mckinley        2.6.24-27.68
  linux-image-2.6.24-27-openvz          2.6.24-27.68
  linux-image-2.6.24-27-powerpc         2.6.24-27.68
  linux-image-2.6.24-27-powerpc-smp     2.6.24-27.68
  linux-image-2.6.24-27-powerpc64-smp   2.6.24-27.68
  linux-image-2.6.24-27-rt              2.6.24-27.68
  linux-image-2.6.24-27-server          2.6.24-27.68
  linux-image-2.6.24-27-sparc64         2.6.24-27.68
  linux-image-2.6.24-27-sparc64-smp     2.6.24-27.68
  linux-image-2.6.24-27-virtual         2.6.24-27.68
  linux-image-2.6.24-27-xen             2.6.24-27.68

Ubuntu 8.10:
  linux-image-2.6.27-17-generic         2.6.27-17.46
  linux-image-2.6.27-17-server          2.6.27-17.46
  linux-image-2.6.27-17-virtual         2.6.27-17.46

Ubuntu 9.04:
  linux-image-2.6.28-18-generic         2.6.28-18.60
  linux-image-2.6.28-18-imx51           2.6.28-18.60
  linux-image-2.6.28-18-iop32x          2.6.28-18.60
  linux-image-2.6.28-18-ixp4xx          2.6.28-18.60
  linux-image-2.6.28-18-lpia            2.6.28-18.60
  linux-image-2.6.28-18-server          2.6.28-18.60
  linux-image-2.6.28-18-versatile       2.6.28-18.60
  linux-image-2.6.28-18-virtual         2.6.28-18.60

Ubuntu 9.10:
  linux-image-2.6.31-109-imx51          2.6.31-109.25
  linux-image-2.6.31-20-386             2.6.31-20.58
  linux-image-2.6.31-20-generic         2.6.31-20.58
  linux-image-2.6.31-20-generic-pae     2.6.31-20.58
  linux-image-2.6.31-20-ia64            2.6.31-20.58
  linux-image-2.6.31-20-lpia            2.6.31-20.58
  linux-image-2.6.31-20-powerpc         2.6.31-20.58
  linux-image-2.6.31-20-powerpc-smp     2.6.31-20.58
  linux-image-2.6.31-20-powerpc64-smp   2.6.31-20.58
  linux-image-2.6.31-20-server          2.6.31-20.58
  linux-image-2.6.31-20-sparc64         2.6.31-20.58
  linux-image-2.6.31-20-sparc64-smp     2.6.31-20.58
  linux-image-2.6.31-20-virtual         2.6.31-20.58
  linux-image-2.6.31-212-dove           2.6.31-212.26
  linux-image-2.6.31-212-dove-z0        2.6.31-212.26
  linux-image-2.6.31-305-ec2            2.6.31-305.13

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

Mathias Krause discovered that the Linux kernel did not correctly
handle missing ELF interpreters. A local attacker could exploit this
to cause the system to crash, leading to a denial of service.
(CVE-2010-0307)

Marcelo Tosatti discovered that the Linux kernel's hardware
virtualization did not correctly handle reading the /dev/port special
device. A local attacker in a guest operating system could issue a
specific read that would cause the host system to crash, leading to a
denial of service. (CVE-2010-0309)

Sebastian Krahmer discovered that the Linux kernel did not correctly
handle netlink connector messages. A local attacker could exploit this
to consume kernel memory, leading to a denial of service.
(CVE-2010-0410)

Ramon de Carvalho Valle discovered that the Linux kernel did not
correctly validate certain memory migration calls. A local attacker
could exploit this to read arbitrary kernel memory or cause a system
crash, leading to a denial of service. (CVE-2010-0415)

Jerome Marchand and Mikael Pettersson discovered that the Linux
kernel did not correctly handle certain futex operations. A local
attacker could exploit this to cause a system crash, leading to a
denial of service. (CVE-2010-0622, CVE-2010-0623)
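
To check a host against the fixed versions listed above, the following added example (not part of the advisory or of Ubuntu's tooling) audits "package version" pairs. The function names and the sample data are constructed for illustration, and it assumes each kernel series maps to the one Ubuntu release named in the advisory.

```shell
#!/bin/sh
# Added example: audit installed kernel packages against the USN-914-1 fixes.

# Fixed version for a linux-image package name, per the advisory's lists.
fixed_version() {
    case "$1" in
        linux-image-2.6.15-*)        echo 2.6.15-55.83 ;;   # Ubuntu 6.06 LTS
        linux-image-2.6.24-*)        echo 2.6.24-27.68 ;;   # Ubuntu 8.04 LTS
        linux-image-2.6.27-*)        echo 2.6.27-17.46 ;;   # Ubuntu 8.10
        linux-image-2.6.28-*)        echo 2.6.28-18.60 ;;   # Ubuntu 9.04
        linux-image-2.6.31-*-imx51)  echo 2.6.31-109.25 ;;  # Ubuntu 9.10 flavours
        linux-image-2.6.31-*-dove*)  echo 2.6.31-212.26 ;;
        linux-image-2.6.31-*-ec2)    echo 2.6.31-305.13 ;;
        linux-image-2.6.31-*)        echo 2.6.31-20.58 ;;
        *) return 1 ;;                                      # not in this advisory
    esac
}

# True when version $1 >= $2. Uses dpkg's comparison where available;
# the sort -V fallback is adequate for the simple versions in this advisory.
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
    else
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
    fi
}

# Returns 0 if patched, 1 if an upgrade is needed, 2 if not covered.
check_pkg() {
    fixed=$(fixed_version "$1") || { echo "$1 $2: not covered by USN-914-1"; return 2; }
    if version_ge "$2" "$fixed"; then
        echo "$1 $2: patched (>= $fixed)"
    else
        echo "$1 $2: needs upgrade to $fixed"; return 1
    fi
}

# Reads "package version" lines on stdin; returns 1 if any needs an upgrade.
# On a real host: dpkg-query -W -f='${Package} ${Version}\n' 'linux-image-2.6*' | audit
audit() {
    rc=0
    while read -r pkg ver; do
        [ -n "$pkg" ] || continue
        check_pkg "$pkg" "$ver" || case $? in 1) rc=1 ;; esac
    done
    return $rc
}

# Constructed sample input (the second entry predates the fix).
SAMPLE='linux-image-2.6.24-27-generic 2.6.24-27.68
linux-image-2.6.31-19-generic 2.6.31-19.56
linux-image-2.6.31-305-ec2 2.6.31-305.13'
printf '%s\n' "$SAMPLE" | audit || true
```

A patched package on disk does not mean the patched kernel is running: as the advisory notes, a reboot is required, so compare `uname -r` with the installed package after upgrading.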




