[USN-1644-1] Linux kernel vulnerabilities
Several security issues were fixed in the kernel.
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An
unprivileged user could exploit this flaw to read kernel stack memory.
(CVE-2012-0957)
Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem
that can expose stale data. An unprivileged user could exploit this flaw to
cause an information leak. (CVE-2012-4508)
Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois
congestion control algorithm. A local attacker could use this to cause a
denial of service. (CVE-2012-4565)
Mathias Krause discovered a flaw in the Linux kernel's XFRM netlink
interface. A local user with the NET_ADMIN capability could exploit this
flaw to leak the contents of kernel memory. (CVE-2012-6536)
Mathias Krause discovered several errors in the Linux kernel's xfrm_user
implementation. A local attacker could exploit these flaws to examine parts
of kernel memory. (CVE-2012-6537)
Mathias Krause discovered an information leak in the Linux kernel's
xfrm_user copy_to_user_auth function. A local user could exploit this flaw
to examine parts of kernel heap memory. (CVE-2012-6538)
Dave Jones discovered that the Linux kernel's socket subsystem does not
correctly ensure the keepalive action is associated with a stream socket. A
local user could exploit this flaw to cause a denial of service (system
crash) by creating a raw socket. (CVE-2012-6657)
A flaw was discovered in the Linux kernels handling of memory ranges with
PROT_NONE when transparent hugepages are in use. An unprivileged local user
could exploit this flaw to cause a denial of service (crash the system).
(CVE-2013-0309)
Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local
attacker with NET_ADMIN capability could potentially exploit this flaw to
escalate privileges. (CVE-2013-1826)
An information leak was discovered in the Linux kernel's /dev/dvb device. A
local user could exploit this flaw to obtain sensitive information from the
kernel's stack memory. (CVE-2013-1928)
- ID
- USN-1644-1
- Severity
- medium
- Severity from
- CVE-2013-1826
- URL
- https://ubuntu.com/security/notices/USN-1644-1
- Published
-
2012-11-30T08:03:23
(11 years ago) - Modified
-
2012-11-30T08:03:23
(11 years ago) - Other Advisories
-
- ALAS-2012-142
- ALAS-2013-148
- ELSA-2012-1540
- ELSA-2012-1580
- ELSA-2012-2047
- ELSA-2012-2048
- ELSA-2013-0496
- ELSA-2013-0744
- ELSA-2013-0747
- ELSA-2013-1645
- ELSA-2013-2507
- ELSA-2013-2520
- ELSA-2013-2584
- ELSA-2013-2585
- ELSA-2014-1997
- ELSA-2014-3108
- FEDORA-2012-16669
- FEDORA-2012-16787
- FEDORA-2012-17413
- FEDORA-2012-17462
- FEDORA-2012-17479
- FEDORA-2012-18684
- FEDORA-2012-18691
- FEDORA-2012-19337
- FEDORA-2012-20240
- FEDORA-2013-1025
- FEDORA-2013-12990
- FEDORA-2013-2597
- FEDORA-2013-3106
- FEDORA-2013-3909
- FEDORA-2013-4357
- FEDORA-2013-6999
- FEDORA-2013-9123
- RHSA-2012:1580
- RHSA-2013:0496
- RHSA-2013:0744
- RHSA-2013:1645
- RHSA-2014:1997
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0652-1
- USN-1645-1
- USN-1646-1
- USN-1647-1
- USN-1648-1
- USN-1649-1
- USN-1650-1
- USN-1651-1
- USN-1652-1
- USN-1653-1
- USN-1671-1
- USN-1673-1
- USN-1704-1
- USN-1719-1
- USN-1720-1
- USN-1726-1
- USN-1775-1
- USN-1776-1
- USN-1792-1
- USN-1798-1
- USN-1824-1
- USN-1829-1
- USN-1899-1
- USN-1900-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |