[USN-1644-1] Linux kernel vulnerabilities
Several security issues were fixed in the kernel.
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An
unprivileged user could exploit this flaw to read kernel stack memory.
(CVE-2012-0957)
Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem
that can expose stale data. An unprivileged user could exploit this flaw to
cause an information leak. (CVE-2012-4508)
Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois
congestion control algorithm. A local attacker could use this to cause a
denial of service. (CVE-2012-4565)
Mathias Krause discovered a flaw in the Linux kernel's XFRM netlink
interface. A local user with the NET_ADMIN capability could exploit this
flaw to leak the contents of kernel memory. (CVE-2012-6536)
Mathias Krause discovered several errors in the Linux kernel's xfrm_user
implementation. A local attacker could exploit these flaws to examine parts
of kernel memory. (CVE-2012-6537)
Mathias Krause discovered an information leak in the Linux kernel's
xfrm_user copy_to_user_auth function. A local user could exploit this flaw
to examine parts of kernel heap memory. (CVE-2012-6538)
Dave Jones discovered that the Linux kernel's socket subsystem does not
correctly ensure the keepalive action is associated with a stream socket. A
local user could exploit this flaw to cause a denial of service (system
crash) by creating a raw socket. (CVE-2012-6657)
A flaw was discovered in the Linux kernels handling of memory ranges with
PROT_NONE when transparent hugepages are in use. An unprivileged local user
could exploit this flaw to cause a denial of service (crash the system).
(CVE-2013-0309)
Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local
attacker with NET_ADMIN capability could potentially exploit this flaw to
escalate privileges. (CVE-2013-1826)
An information leak was discovered in the Linux kernel's /dev/dvb device. A
local user could exploit this flaw to obtain sensitive information from the
kernel's stack memory. (CVE-2013-1928)
- ID
- USN-1644-1
- Severity
- medium
- Severity from
- CVE-2013-1826
- URL
- https://ubuntu.com/security/notices/USN-1644-1
- Published
-
2012-11-30T08:03:23
(11 years ago) - Modified
-
2012-11-30T08:03:23
(11 years ago) - Other Advisories
-
-
ALAS-2012-142
-
ALAS-2013-148
-
ELSA-2012-1540
-
ELSA-2012-1580
-
ELSA-2012-2047
-
ELSA-2012-2048
-
ELSA-2013-0496
-
ELSA-2013-0744
-
ELSA-2013-0747
-
ELSA-2013-1645
-
ELSA-2013-2507
-
ELSA-2013-2520
-
ELSA-2013-2584
-
ELSA-2013-2585
-
ELSA-2014-1997
-
ELSA-2014-3108
-
FEDORA-2012-16669
-
FEDORA-2012-16787
-
FEDORA-2012-17413
-
FEDORA-2012-17462
-
FEDORA-2012-17479
-
FEDORA-2012-18684
-
FEDORA-2012-18691
-
FEDORA-2012-19337
-
FEDORA-2012-20240
-
FEDORA-2013-1025
-
FEDORA-2013-12990
-
FEDORA-2013-2597
-
FEDORA-2013-3106
-
FEDORA-2013-3909
-
FEDORA-2013-4357
-
FEDORA-2013-6999
-
FEDORA-2013-9123
-
RHSA-2012:1580
-
RHSA-2013:0496
-
RHSA-2013:0744
-
RHSA-2013:1645
-
RHSA-2014:1997
-
SUSE-SU-2015:0481-1
-
SUSE-SU-2015:0652-1
-
USN-1645-1
-
USN-1646-1
-
USN-1647-1
-
USN-1648-1
-
USN-1649-1
-
USN-1650-1
-
USN-1651-1
-
USN-1652-1
-
USN-1653-1
-
USN-1671-1
-
USN-1673-1
-
USN-1704-1
-
USN-1719-1
-
USN-1720-1
-
USN-1726-1
-
USN-1775-1
-
USN-1776-1
-
USN-1792-1
-
USN-1798-1
-
USN-1824-1
-
USN-1829-1
-
USN-1899-1
-
USN-1900-1
-
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |