[USN-1653-1] Linux kernel (EC2) vulnerability
The system could be made to run programs as an administrator.
Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois
congestion control algorithm. A local attacker could use this to cause a
denial of service. (CVE-2012-4565)
Mathias Krause discovered an information leak in the Linux kernel's TUN/TAP
device driver. A local user could exploit this flaw to examine part of the
kernel's stack memory. (CVE-2012-6547)
Denys Fedoryshchenko discovered a flaw in the Linux kernel's TCP receive
processing for IPv4. A remote attacker could exploit this flaw to cause a
denial of service (kernel resource consumption) via a flood of SYN+FIN TCP
packets. (CVE-2012-6638)
A flaw was discovered in the requeuing of futexes in the Linux kernel. A
local user could exploit this flaw to cause a denial of service (system
crash) or possibly have other unspecified impact. (CVE-2012-6647)
A flaw was found in Linux kernel's validation of CIPSO (Common IP Security
Option) options set from userspace. A local user that can set a socket's
CIPSO options could exploit this flaw to cause a denial of service (crash
the system). (CVE-2013-0310)
Mathias Krause discover an error in Linux kernel's Datagram Congestion
Control Protocol (DCCP) Congestion Control Identifier (CCID) use. A local
attack could exploit this flaw to cause a denial of service (crash) and
potentially escalate privileges if the user can mmap page 0.
(CVE-2013-1827)
- ID
- USN-1653-1
- Severity
- high
- Severity from
- CVE-2012-6638
- URL
- https://ubuntu.com/security/notices/USN-1653-1
- Published
-
2012-12-04T21:59:15
(11 years ago) - Modified
-
2012-12-04T21:59:15
(11 years ago) - Other Advisories
-
- ALAS-2012-142
- ALAS-2013-148
- ELSA-2012-1580
- ELSA-2012-2047
- ELSA-2012-2048
- ELSA-2013-0496
- ELSA-2013-0744
- ELSA-2013-0747
- ELSA-2013-2507
- ELSA-2013-2520
- ELSA-2014-0433
- ELSA-2014-0981
- ELSA-2014-3054
- FEDORA-2012-17413
- FEDORA-2012-17462
- FEDORA-2012-17479
- FEDORA-2012-18684
- FEDORA-2012-18691
- FEDORA-2012-19337
- FEDORA-2012-20240
- FEDORA-2013-1025
- FEDORA-2013-12990
- FEDORA-2013-2597
- FEDORA-2013-3106
- FEDORA-2013-3909
- FEDORA-2013-4357
- FEDORA-2013-6999
- FEDORA-2013-9123
- RHSA-2012:1580
- RHSA-2013:0496
- RHSA-2013:0744
- RHSA-2014:0981
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0652-1
- USN-1514-1
- USN-1529-1
- USN-1554-1
- USN-1558-1
- USN-1563-1
- USN-1579-1
- USN-1580-1
- USN-1594-1
- USN-1599-1
- USN-1607-1
- USN-1609-1
- USN-1610-1
- USN-1644-1
- USN-1645-1
- USN-1646-1
- USN-1647-1
- USN-1648-1
- USN-1649-1
- USN-1650-1
- USN-1651-1
- USN-1652-1
- USN-1704-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |