[USN-1940-1] Linux kernel (EC2) vulnerabilities
Several security issues were fixed in the kernel.
Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that
allows for privilege escalation. A local user could exploit this flaw to
run commands as root when using the perf tool. (CVE-2013-1060)
Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM
subsystem allocates memory slots for the guest's address space. A local
user could exploit this flaw to gain system privileges or obtain sensitive
information from kernel memory. (CVE-2013-1943)
A flaw was discovered in the SCTP (stream control transfer protocol)
network protocol's handling of duplicate cookies in the Linux kernel. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) on another remote user querying the SCTP connection.
(CVE-2013-2206)
Hannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the
Linux kernel's IPv6 stack. A local user could exploit this flaw to cause a
denial of service (system crash). (CVE-2013-4162)
- ID
- USN-1940-1
- Severity
- high
- Severity from
- CVE-2013-1943
- URL
- https://ubuntu.com/security/notices/USN-1940-1
- Published
-
2013-09-06T10:14:33
(11 years ago) - Modified
-
2013-09-06T10:14:33
(11 years ago) - Other Advisories
-
- ALAS-2013-233
- DSA-2745-1
- ELSA-2013-0911
- ELSA-2013-1166
- ELSA-2013-1173
- ELSA-2013-1292
- ELSA-2013-1436
- ELSA-2013-2534
- ELSA-2013-2542
- ELSA-2013-2543
- ELSA-2013-2575
- FEDORA-2013-15151
- FEDORA-2013-16336
- FEDORA-2013-17010
- FEDORA-2013-17942
- FEDORA-2013-18364
- FEDORA-2013-18822
- FEDORA-2013-20748
- FEDORA-2013-21822
- FEDORA-2013-22695
- RHSA-2013:0911
- RHSA-2013:1173
- RHSA-2013:1436
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- USN-1809-1
- USN-1811-1
- USN-1812-1
- USN-1813-1
- USN-1814-1
- USN-1938-1
- USN-1939-1
- USN-1941-1
- USN-1942-1
- USN-1943-1
- USN-1944-1
- USN-1945-1
- USN-1946-1
- USN-1947-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |