[USN-1023-1] Linux kernel vulnerabilities
The Linux kernel could be made to run unauthorized programs with administrator privileges.
Nelson Elhage discovered several problems with the Acorn Econet protocol
driver. A local user could cause a denial of service via a NULL pointer
dereference, escalate privileges by overflowing the kernel stack, and
assign Econet addresses to arbitrary interfaces. (CVE-2010-3848,
CVE-2010-3849, CVE-2010-3850)
Brad Spengler discovered that the wireless extensions did not correctly
validate certain request sizes. A local attacker could exploit this to read
portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)
Dan Rosenberg discovered that the VIA video driver did not correctly clear
kernel memory. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4082)
A flaw was discovered in the Linux kernel's splice system call. A local
user could use this flaw to cause a denial of service (system crash).
(CVE-2013-2128)
- ID
- USN-1023-1
- Severity
- medium
- Severity from
- CVE-2010-3848
- URL
- https://ubuntu.com/security/notices/USN-1023-1
- Published
-
2010-11-30T02:23:58
(14 years ago) - Modified
-
2010-11-30T02:23:58
(14 years ago) - Other Advisories
-
- ALAS-2013-218
- ELSA-2010-2011
- ELSA-2011-0007
- ELSA-2013-1051
- FEDORA-2010-14235
- FEDORA-2010-14890
- FEDORA-2010-18506
- FEDORA-2010-18983
- FEDORA-2011-2134
- FEDORA-2011-6447
- RHSA-2010:0842
- RHSA-2011:0007
- RHSA-2013:1051
- SUSE-SU-2015:0652-1
- USN-1073-1
- USN-1074-1
- USN-1074-2
- USN-1083-1
- USN-1093-1
- USN-1119-1
- USN-1164-1
- USN-1202-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |