[USN-1653-1] Linux kernel (EC2) vulnerability

Severity High

CVEs 6

The system could be made to run programs as an administrator.

Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois
congestion control algorithm. A local attacker could use this to cause a
denial of service. (CVE-2012-4565)

Mathias Krause discovered an information leak in the Linux kernel's TUN/TAP
device driver. A local user could exploit this flaw to examine part of the
kernel's stack memory. (CVE-2012-6547)

Denys Fedoryshchenko discovered a flaw in the Linux kernel's TCP receive
processing for IPv4. A remote attacker could exploit this flaw to cause a
denial of service (kernel resource consumption) via a flood of SYN+FIN TCP
packets. (CVE-2012-6638)

A flaw was discovered in the requeuing of futexes in the Linux kernel. A
local user could exploit this flaw to cause a denial of service (system
crash) or possibly have other unspecified impact. (CVE-2012-6647)

A flaw was found in Linux kernel's validation of CIPSO (Common IP Security
Option) options set from userspace. A local user that can set a socket's
CIPSO options could exploit this flaw to cause a denial of service (crash
the system). (CVE-2013-0310)

Mathias Krause discover an error in Linux kernel's Datagram Congestion
Control Protocol (DCCP) Congestion Control Identifier (CCID) use. A local
attack could exploit this flaw to cause a denial of service (crash) and
potentially escalate privileges if the user can mmap page 0.
(CVE-2013-1827)

ID

USN-1653-1

Severity

high

Severity from

CVE-2012-6638

URL

https://ubuntu.com/security/notices/USN-1653-1

Published