[USN-1023-1] Linux kernel vulnerabilities
The Linux kernel could be made to run unauthorized programs with administrator privileges.
Nelson Elhage discovered several problems with the Acorn Econet protocol
driver. A local user could cause a denial of service via a NULL pointer
dereference, escalate privileges by overflowing the kernel stack, and
assign Econet addresses to arbitrary interfaces. (CVE-2010-3848,
CVE-2010-3849, CVE-2010-3850)
Brad Spengler discovered that the wireless extensions did not correctly
validate certain request sizes. A local attacker could exploit this to read
portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)
Dan Rosenberg discovered that the VIA video driver did not correctly clear
kernel memory. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4082)
A flaw was discovered in the Linux kernel's splice system call. A local
user could use this flaw to cause a denial of service (system crash).
(CVE-2013-2128)
- ID
- USN-1023-1
- Severity
- medium
- Severity from
- CVE-2010-3848
- URL
- https://ubuntu.com/security/notices/USN-1023-1
- Published
-
2010-11-30T02:23:58
(14 years ago) - Modified
-
2010-11-30T02:23:58
(14 years ago) - Other Advisories
-
-
ALAS-2013-218
-
ELSA-2010-2011
-
ELSA-2011-0007
-
ELSA-2013-1051
-
FEDORA-2010-14235
-
FEDORA-2010-14890
-
FEDORA-2010-18506
-
FEDORA-2010-18983
-
FEDORA-2011-2134
-
FEDORA-2011-6447
-
RHSA-2010:0842
-
RHSA-2011:0007
-
RHSA-2013:1051
-
SUSE-SU-2015:0652-1
-
USN-1073-1
-
USN-1074-1
-
USN-1074-2
-
USN-1083-1
-
USN-1093-1
-
USN-1119-1
-
USN-1164-1
-
USN-1202-1
-
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |