Test ID:	1.3.6.1.4.1.25623.1.0.70950
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1225-1 (linux-image-2.6.24-29-386)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to linux-image-2.6.24-29-386 announced via advisory USN-1225-1. Details: Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. (CVE-2011-1776) Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. (CVE-2011-2213) Dan Rosenberg discovered that the Bluetooth stack incorrectly handled certain L2CAP requests. If a system was using Bluetooth, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. (CVE-2011-2497) Fernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. A remote attacker could exploit this to exhaust network resources, leading to a denial of service. (CVE-2011-2699) Time Warns discovered that long symlinks were incorrectly handled on Be filesystems. A local attacker could exploit this with a malformed Be filesystem and crash the system, leading to a denial of service. (CVE-2011-2928) Darren Lavender discovered that the CIFS client incorrectly handled certain large values. A remote attacker with a malicious server could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2011-3191) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 8.04 LTS: linux-image-2.6.24-29-386 2.6.24-29.94 linux-image-2.6.24-29-generic 2.6.24-29.94 linux-image-2.6.24-29-hppa32 2.6.24-29.94 linux-image-2.6.24-29-hppa64 2.6.24-29.94 linux-image-2.6.24-29-itanium 2.6.24-29.94 linux-image-2.6.24-29-lpia 2.6.24-29.94 linux-image-2.6.24-29-lpiacompat 2.6.24-29.94 linux-image-2.6.24-29-mckinley 2.6.24-29.94 linux-image-2.6.24-29-openvz 2.6.24-29.94 linux-image-2.6.24-29-powerpc 2.6.24-29.94 linux-image-2.6.24-29-powerpc-smp 2.6.24-29.94 linux-image-2.6.24-29-powerpc64-smp 2.6.24-29.94 linux-image-2.6.24-29-rt 2.6.24-29.94 linux-image-2.6.24-29-server 2.6.24-29.94 linux-image-2.6.24-29-sparc64 2.6.24-29.94 linux-image-2.6.24-29-sparc64-smp 2.6.24-29.94 linux-image-2.6.24-29-virtual 2.6.24-29.94 linux-image-2.6.24-29-xen 2.6.24-29.94 http://www.securityspace.com/smysecure/catid.html?in=USN-1225-1 CVSS Score: 8.3 CVSS Vector: AV:L/AC:L/Au:NR/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1776 47796 http://www.securityfocus.com/bid/47796 8369 http://securityreason.com/securityalert/8369 RHSA-2011:0927 http://rhn.redhat.com/errata/RHSA-2011-0927.html [oss-security] 20110510 Re: CVE request: kernel: validate size of EFI GUID partition entries http://openwall.com/lists/oss-security/2011/05/10/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa039d5f6b126fbd65eefa05db2f67e44df8f121 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://www.pre-cert.de/advisories/PRE-SA-2011-04.txt https://bugzilla.redhat.com/show_bug.cgi?id=703026 Common Vulnerability Exposure (CVE) ID: CVE-2011-2213 HPSBGN02970 http://marc.info/?l=bugtraq&m=139447903326211&w=2 [netdev] 20110601 Re: inet_diag insufficient validation? http://article.gmane.org/gmane.linux.network/197208 [netdev] 20110601 inet_diag insufficient validation? http://article.gmane.org/gmane.linux.network/197206 [netdev] 20110603 Re: inet_diag insufficient validation? http://article.gmane.org/gmane.linux.network/197386 [netdev] 20110617 [PATCH] inet_diag: fix inet_diag_bc_audit() http://article.gmane.org/gmane.linux.network/198809 [oss-security] 20110620 CVE request: kernel: inet_diag: fix inet_diag_bc_audit() http://www.openwall.com/lists/oss-security/2011/06/20/1 [oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit() http://www.openwall.com/lists/oss-security/2011/06/20/13 http://www.openwall.com/lists/oss-security/2011/06/20/16 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d http://patchwork.ozlabs.org/patch/100857/ http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3 https://bugzilla.redhat.com/show_bug.cgi?id=714536 Common Vulnerability Exposure (CVE) ID: CVE-2011-2497 48472 http://www.securityfocus.com/bid/48472 74679 http://www.osvdb.org/74679 8359 http://securityreason.com/securityalert/8359 [linux-kernel] 20110624 [PATCH] Bluetooth: Prevent buffer overflow in l2cap config request http://marc.info/?l=linux-kernel&m=130891911909436&w=2 [oss-security] 20110624 CVE request: kernel: remote buffer overflow in bluetooth http://www.openwall.com/lists/oss-security/2011/06/24/9 [oss-security] 20110627 Re: CVE request: kernel: remote buffer overflow in bluetooth http://www.openwall.com/lists/oss-security/2011/06/27/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ac28817536797fd40e9646452183606f9e17f71 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0 https://bugzilla.redhat.com/show_bug.cgi?id=716805 Common Vulnerability Exposure (CVE) ID: CVE-2011-2699 1027274 http://www.securitytracker.com/id?1027274 MDVSA-2013:150 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 [oss-security] 20110720 Re: CVE request: kernel: ipv6: make fragment identifications less predictable http://www.openwall.com/lists/oss-security/2011/07/20/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=87c48fa3b4630905f98268dde838ee43626a060c http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 https://bugzilla.redhat.com/show_bug.cgi?id=723429 https://github.com/torvalds/linux/commit/87c48fa3b4630905f98268dde838ee43626a060c Common Vulnerability Exposure (CVE) ID: CVE-2011-2928 20110819 [PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS http://www.securityfocus.com/archive/1/519387/100/0/threaded 49256 http://www.securityfocus.com/bid/49256 8360 http://securityreason.com/securityalert/8360 [oss-security] 20110819 CVE request: Linux: ZERO_SIZE_PTR dereference for long symlinks in Be FS http://www.openwall.com/lists/oss-security/2011/08/19/1 [oss-security] 20110819 Re: CVE request: Linux: ZERO_SIZE_PTR dereference for long symlinks in Be FS http://www.openwall.com/lists/oss-security/2011/08/19/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338d0f0a6fbc82407864606f5b64b75aeb3c70f2 http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.1-rc3 http://www.pre-cert.de/advisories/PRE-SA-2011-06.txt linux-kernel-be-dos(69343) https://exchange.xforce.ibmcloud.com/vulnerabilities/69343 Common Vulnerability Exposure (CVE) ID: CVE-2011-3191 [oss-security] 20110824 Re: CVE request: kernel: cifs: singedness issue in CIFSFindNext() http://www.openwall.com/lists/oss-security/2011/08/24/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9438fabb73eb48055b58b89fc51e0bc4db22fabd https://bugzilla.redhat.com/show_bug.cgi?id=732869 https://github.com/torvalds/linux/commit/9438fabb73eb48055b58b89fc51e0bc4db22fabd
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.