English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75803 CVE descriptions
and 40037 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70856
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-1141-1 (linux-image-2.6.32-316-ec2)
Summary:Ubuntu USN-1141-1 (linux-image-2.6.32-316-ec2)
Description:The remote host is missing an update to linux-image-2.6.32-316-ec2
announced via advisory USN-1141-1.

Details:

Brad Spengler discovered that the kernel did not correctly account for
userspace memory allocations during exec() calls. A local attacker could
exploit this to consume all system memory, leading to a denial of service.
(CVE-2010-4243)

Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not
correctly handle certain configurations. If such a device was configured
without VLANs, a remote attacker could crash the system, leading to a
denial of service. (CVE-2010-4263)

Nelson Elhage discovered that Econet did not correctly handle AUN packets
over UDP. A local attacker could send specially crafted traffic to crash
the system, leading to a denial of service. (CVE-2010-4342)

Dan Rosenberg discovered that IRDA did not correctly check the size of
buffers. On non-x86 systems, a local attacker could exploit this to read
kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)

Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses
into the /proc filesystem. A local attacker could use this to increase
the chances of a successful memory corruption exploit. (CVE-2010-4565)

Kees Cook discovered that the IOWarrior USB device driver did not
correctly check certain size fields. A local attacker with physical
access could plug in a specially crafted USB device to crash the system
or potentially gain root privileges. (CVE-2010-4656)

Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly
clear memory when writing certain file holes. A local attacker could
exploit this to read uninitialized data from the disk, leading to a loss
of privacy. (CVE-2011-0463)

Dan Carpenter discovered that the TTPCI DVB driver did not check certain
values during an ioctl. If the dvb-ttpci module was loaded, a local
attacker could exploit this to crash the system, leading to a denial of
service, or possibly gain root privileges. (CVE-2011-0521)

Jens Kuehnel discovered that the InfiniBand driver contained a race
condition. On systems using InfiniBand, a local attacker could send
specially crafted requests to crash the system, leading to a denial of
service. (CVE-2011-0695)

Rafael Dominguez Vega discovered that the caiaq Native Instruments USB
driver did not correctly validate string lengths. A local attacker with
physical access could plug in a specially crafted USB device to crash
the system or potentially gain root privileges. (CVE-2011-0712)

Kees Cook reported that /proc/pid/stat did not correctly filter certain
memory locations. A local attacker could determine the memory layout of
processes in an attempt to increase the chances of a successful memory
corruption exploit. (CVE-2011-0726)

Timo Warns discovered that MAC partition parsing routines did not
correctly calculate block counts. A local attacker with physical access
could plug in a specially crafted block device to crash the system or
potentially gain root privileges. (CVE-2011-1010)

Timo Warns discovered that LDM partition parsing routines did not
correctly calculate block counts. A local attacker with physical access
could plug in a specially crafted block device to crash the system, leading
to a denial of service. (CVE-2011-1012)

Matthiew Herrb discovered that the drm modeset interface did not correctly
handle a signed comparison. A local attacker could exploit this to crash
the system or possibly gain root privileges. (CVE-2011-1013)

Marek Ol??k discovered that the Radeon GPU drivers did not correctly
validate certain registers. On systems with specific hardware,
a local attacker could exploit this to write to arbitrary video
memory. (CVE-2011-1016)

Vasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not
needed to load kernel modules. A local attacker with the CAP_NET_ADMIN
capability could load existing kernel modules, possibly increasing the
attack surface available on the system. (CVE-2011-1019)

Nelson Elhage discovered that the epoll subsystem did not correctly handle
certain structures. A local attacker could create malicious requests that
would hang the system, leading to a denial of service. (CVE-2011-1082)

Nelson Elhage discovered that the epoll subsystem did not correctly handle
certain structures. A local attacker could create malicious requests that
would consume large amounts of CPU, leading to a denial of service.
(CVE-2011-1083)

Julien Tinnes discovered that the kernel did not correctly validate
the signal structure from tkill(). A local attacker could exploit
this to send signals to arbitrary threads, possibly bypassing expected
restrictions. (CVE-2011-1182)

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-316-ec2 2.6.32-316.31
linux-image-2.6.32-32-386 2.6.32-32.62
linux-image-2.6.32-32-generic 2.6.32-32.62
linux-image-2.6.32-32-generic-pae 2.6.32-32.62
linux-image-2.6.32-32-ia64 2.6.32-32.62
linux-image-2.6.32-32-lpia 2.6.32-32.62
linux-image-2.6.32-32-powerpc 2.6.32-32.62
linux-image-2.6.32-32-powerpc-smp 2.6.32-32.62
linux-image-2.6.32-32-powerpc64-smp 2.6.32-32.62
linux-image-2.6.32-32-preempt 2.6.32-32.62
linux-image-2.6.32-32-server 2.6.32-32.62
linux-image-2.6.32-32-sparc64 2.6.32-32.62
linux-image-2.6.32-32-sparc64-smp 2.6.32-32.62
linux-image-2.6.32-32-versatile 2.6.32-32.62
linux-image-2.6.32-32-virtual 2.6.32-32.62

http://www.securityspace.com/smysecure/catid.html?in=USN-1141-1
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-4243
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/archive/1/520102/100/0/threaded
http://www.exploit-db.com/exploits/15619
http://lkml.org/lkml/2010/8/27/429
http://lkml.org/lkml/2010/8/29/206
http://lkml.org/lkml/2010/8/30/138
http://lkml.org/lkml/2010/8/30/378
http://linux.derkeiler.com/Mailing-Lists/Kernel/2010-11/msg13278.html
http://openwall.com/lists/oss-security/2010/11/22/6
http://openwall.com/lists/oss-security/2010/11/22/15
http://grsecurity.net/~spender/64bit_dos.c
http://www.redhat.com/support/errata/RHSA-2011-0017.html
BugTraq ID: 45004
http://www.securityfocus.com/bid/45004
http://secunia.com/advisories/42884
http://secunia.com/advisories/46397
XForce ISS Database: linux-kernel-execve-dos(64700)
http://xforce.iss.net/xforce/xfdb/64700
Common Vulnerability Exposure (CVE) ID: CVE-2010-4263
http://openwall.com/lists/oss-security/2010/12/06/3
http://openwall.com/lists/oss-security/2010/12/06/9
http://www.redhat.com/support/errata/RHSA-2011-0007.html
BugTraq ID: 45208
http://www.securityfocus.com/bid/45208
http://secunia.com/advisories/42890
Common Vulnerability Exposure (CVE) ID: CVE-2010-4342
http://marc.info/?l=linux-netdev&m=129185496013580&w=2
http://marc.info/?l=linux-netdev&m=129186011218615&w=2
http://openwall.com/lists/oss-security/2010/12/09/1
http://openwall.com/lists/oss-security/2010/12/09/2
SuSE Security Announcement: SUSE-SA:2011:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
BugTraq ID: 45321
http://www.securityfocus.com/bid/45321
http://secunia.com/advisories/43291
http://www.vupen.com/english/advisories/2011/0375
Common Vulnerability Exposure (CVE) ID: CVE-2010-4529
http://www.spinics.net/lists/netdev/msg150842.html
http://openwall.com/lists/oss-security/2010/12/23/1
http://openwall.com/lists/oss-security/2011/01/03/1
BugTraq ID: 45556
http://www.securityfocus.com/bid/45556
http://secunia.com/advisories/42684
Common Vulnerability Exposure (CVE) ID: CVE-2010-4565
http://www.spinics.net/lists/netdev/msg145796.html
http://www.spinics.net/lists/netdev/msg145791.html
http://www.spinics.net/lists/netdev/msg146270.html
http://www.spinics.net/lists/netdev/msg146468.html
http://openwall.com/lists/oss-security/2010/11/03/3
http://openwall.com/lists/oss-security/2010/11/04/4
http://openwall.com/lists/oss-security/2010/12/20/2
http://openwall.com/lists/oss-security/2010/12/21/1
https://bugzilla.redhat.com/show_bug.cgi?id=664544
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
BugTraq ID: 44661
http://www.securityfocus.com/bid/44661
Common Vulnerability Exposure (CVE) ID: CVE-2010-4656
http://openwall.com/lists/oss-security/2011/01/24/9
http://openwall.com/lists/oss-security/2011/01/25/3
http://openwall.com/lists/oss-security/2011/01/25/4
http://www.ubuntu.com/usn/USN-1146-1
BugTraq ID: 46069
http://www.securityfocus.com/bid/46069
Common Vulnerability Exposure (CVE) ID: CVE-2011-0463
http://oss.oracle.com/pipermail/ocfs2-devel/2011-February/007846.html
http://secunia.com/advisories/43966
Common Vulnerability Exposure (CVE) ID: CVE-2011-0521
http://openwall.com/lists/oss-security/2011/01/24/2
http://openwall.com/lists/oss-security/2011/01/25/2
BugTraq ID: 45986
http://www.securityfocus.com/bid/45986
http://www.securitytracker.com/id?1025195
http://secunia.com/advisories/43009
XForce ISS Database: kernel-av7110ca-privilege-escalation(64988)
http://xforce.iss.net/xforce/xfdb/64988
Common Vulnerability Exposure (CVE) ID: CVE-2011-0695
http://www.spinics.net/lists/linux-rdma/msg07447.html
http://www.spinics.net/lists/linux-rdma/msg07448.html
http://www.openwall.com/lists/oss-security/2011/03/11/1
RedHat Security Advisories: RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
BugTraq ID: 46839
http://www.securityfocus.com/bid/46839
http://secunia.com/advisories/43693
XForce ISS Database: kernel-infiniband-dos(66056)
http://xforce.iss.net/xforce/xfdb/66056
Common Vulnerability Exposure (CVE) ID: CVE-2011-0712
http://www.openwall.com/lists/oss-security/2011/02/16/11
http://www.openwall.com/lists/oss-security/2011/02/16/12
http://www.openwall.com/lists/oss-security/2011/02/16/5
BugTraq ID: 46419
http://www.securityfocus.com/bid/46419
XForce ISS Database: kernel-usbdevice-bo(65461)
http://xforce.iss.net/xforce/xfdb/65461
Common Vulnerability Exposure (CVE) ID: CVE-2011-0726
https://lkml.org/lkml/2011/3/11/380
http://www.spinics.net/lists/mm-commits/msg82726.html
RedHat Security Advisories: RHSA-2011:0833
http://rhn.redhat.com/errata/RHSA-2011-0833.html
BugTraq ID: 47791
http://www.securityfocus.com/bid/47791
Common Vulnerability Exposure (CVE) ID: CVE-2011-1010
Bugtraq: 20110223 [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables (Google Search)
http://www.securityfocus.com/archive/1/archive/1/516615/100/0/threaded
http://openwall.com/lists/oss-security/2011/02/22/3
http://openwall.com/lists/oss-security/2011/02/22/15
http://openwall.com/lists/oss-security/2011/02/22/11
http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt
BugTraq ID: 46492
http://www.securityfocus.com/bid/46492
http://www.securitytracker.com/id?1025126
http://securityreason.com/securityalert/8115
XForce ISS Database: kernel-map-dos(65643)
http://xforce.iss.net/xforce/xfdb/65643
Common Vulnerability Exposure (CVE) ID: CVE-2011-1012
http://www.spinics.net/lists/mm-commits/msg82429.html
http://openwall.com/lists/oss-security/2011/02/23/4
http://openwall.com/lists/oss-security/2011/02/23/21
BugTraq ID: 46512
http://www.securityfocus.com/bid/46512
http://www.securitytracker.com/id?1025127
Common Vulnerability Exposure (CVE) ID: CVE-2011-1013
BugTraq ID: 47639
http://www.securityfocus.com/bid/47639
XForce ISS Database: kernel-drmioctl-priv-escalation(67199)
http://xforce.iss.net/xforce/xfdb/67199
Common Vulnerability Exposure (CVE) ID: CVE-2011-1016
http://openwall.com/lists/oss-security/2011/02/24/3
http://openwall.com/lists/oss-security/2011/02/24/11
http://openwall.com/lists/oss-security/2011/02/25/4
BugTraq ID: 46557
http://www.securityfocus.com/bid/46557
XForce ISS Database: kernel-atiradeon-sec-bypass(65691)
http://xforce.iss.net/xforce/xfdb/65691
Common Vulnerability Exposure (CVE) ID: CVE-2011-1019
http://www.openwall.com/lists/oss-security/2011/02/25/1
Common Vulnerability Exposure (CVE) ID: CVE-2011-1082
https://lkml.org/lkml/2011/2/5/220
http://openwall.com/lists/oss-security/2011/03/02/1
http://openwall.com/lists/oss-security/2011/03/02/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-1083
http://article.gmane.org/gmane.linux.kernel/1105744
http://article.gmane.org/gmane.linux.kernel/1105888
http://article.gmane.org/gmane.linux.kernel/1106686
RedHat Security Advisories: RHSA-2012:0862
http://rhn.redhat.com/errata/RHSA-2012-0862.html
http://www.osvdb.org/71265
http://secunia.com/advisories/43522
http://secunia.com/advisories/48898
http://secunia.com/advisories/48964
Common Vulnerability Exposure (CVE) ID: CVE-2011-1182
http://www.openwall.com/lists/oss-security/2011/03/23/2
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.