Test ID:	1.3.6.1.4.1.25623.1.0.71013
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1281-1 (linux-image-2.6.38-1209-omap4)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to linux-image-2.6.38-1209-omap4 announced via advisory USN-1281-1. Details: Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2183) It was discovered that an mmap() call with the MAP_PRIVATE flag on /dev/zero was incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2479) Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. (CVE-2011-2491) Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2494) Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2495) Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2496) It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. (CVE-2011-2517) Christian Ohm discovered that the perf command looks for configuration files in the current directory. If a privileged user were tricked into running perf in a directory containing a malicious configuration file, an attacker could run arbitrary commands and possibly gain privileges. (CVE-2011-2905) Vasiliy Kulikov discovered that the Comedi driver did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-2909) Yogesh Sharma discovered that CIFS did not correctly handle UNCs that had no prefixpaths. A local attacker with access to a CIFS partition could exploit this to crash the system, leading to a denial of service. (CVE-2011-3363) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: linux-image-2.6.38-1209-omap4 2.6.38-1209.17 http://www.securityspace.com/smysecure/catid.html?in=USN-1281-1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2183 [oss-security] 20110606 Re: CVE request: kernel: ksm: race between ksmd and exiting task http://www.openwall.com/lists/oss-security/2011/06/06/1 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2b472611a32a72f4a118c069c2d62a1a3f087afd https://bugzilla.redhat.com/show_bug.cgi?id=710338 https://github.com/torvalds/linux/commit/2b472611a32a72f4a118c069c2d62a1a3f087afd Common Vulnerability Exposure (CVE) ID: CVE-2011-2479 [oss-security] 20110620 Re: CVE request: kernel: thp: madvise on top of /dev/zero private mapping can lead to panic http://www.openwall.com/lists/oss-security/2011/06/20/14 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=78f11a255749d09025f54d4e2df4fbcb031530e2 https://bugzilla.redhat.com/show_bug.cgi?id=714761 https://github.com/torvalds/linux/commit/78f11a255749d09025f54d4e2df4fbcb031530e2 Common Vulnerability Exposure (CVE) ID: CVE-2011-2491 RHSA-2011:1212 http://rhn.redhat.com/errata/RHSA-2011-1212.html [oss-security] 20110623 Re: CVE request: kernel: NLM: Don't hang forever on NLM unlock requests http://www.openwall.com/lists/oss-security/2011/06/23/6 http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0b760113a3a155269a3fba93a409c640031dd68f https://bugzilla.redhat.com/show_bug.cgi?id=709393 https://github.com/torvalds/linux/commit/0b760113a3a155269a3fba93a409c640031dd68f Common Vulnerability Exposure (CVE) ID: CVE-2011-2494 48898 http://secunia.com/advisories/48898 SUSE-SU-2012:0554 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html [oss-security] 20110627 Re: CVE request: kernel: taskstats/procfs io infoleak http://www.openwall.com/lists/oss-security/2011/06/27/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1a51410abe7d0ee4b1d112780f46df87d3621043 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 https://bugzilla.redhat.com/show_bug.cgi?id=716842 https://github.com/torvalds/linux/commit/1a51410abe7d0ee4b1d112780f46df87d3621043 Common Vulnerability Exposure (CVE) ID: CVE-2011-2495 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d1221f375c94ef961ba8574ac4f85c8870ddd51 https://bugzilla.redhat.com/show_bug.cgi?id=716825 https://github.com/torvalds/linux/commit/1d1221f375c94ef961ba8574ac4f85c8870ddd51 Common Vulnerability Exposure (CVE) ID: CVE-2011-2496 [oss-security] 20110627 Re: CVE request: kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions http://www.openwall.com/lists/oss-security/2011/06/27/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=982134ba62618c2d69fbbbd166d0a11ee3b7e3d8 https://bugzilla.redhat.com/show_bug.cgi?id=716538 https://github.com/torvalds/linux/commit/982134ba62618c2d69fbbbd166d0a11ee3b7e3d8 Common Vulnerability Exposure (CVE) ID: CVE-2011-2517 [oss-security] 20110701 Re: CVE request: kernel: nl80211: missing check for valid SSID size in scan operations http://www.openwall.com/lists/oss-security/2011/07/01/4 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=208c72f4fe44fe09577e7975ba0e7fa0278f3d03 https://bugzilla.redhat.com/show_bug.cgi?id=718152 https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03 Common Vulnerability Exposure (CVE) ID: CVE-2011-2905 [oss-security] 20110809 Re: CVE request: perf: may parse user-controlled config file http://www.openwall.com/lists/oss-security/2011/08/09/6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=aba8d056078e47350d85b06a9cabd5afcc4b72ea https://bugzilla.redhat.com/show_bug.cgi?id=729808 https://github.com/torvalds/linux/commit/aba8d056078e47350d85b06a9cabd5afcc4b72ea Common Vulnerability Exposure (CVE) ID: CVE-2011-2909 [oss-security] 20110812 Re: CVE requests: Two kernel issues http://www.openwall.com/lists/oss-security/2011/08/12/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=819cbb120eaec7e014e5abd029260db1ca8c5735 https://github.com/torvalds/linux/commit/819cbb120eaec7e014e5abd029260db1ca8c5735 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.1.bz2 Common Vulnerability Exposure (CVE) ID: CVE-2011-3363 [oss-security] 20110914 Re: CVE request -- kernel: cifs: always do is_path_accessible check in cifs_mount http://www.openwall.com/lists/oss-security/2011/09/14/12 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=70945643722ffeac779d2529a348f99567fa5c33 https://bugzilla.redhat.com/show_bug.cgi?id=738291 https://github.com/torvalds/linux/commit/70945643722ffeac779d2529a348f99567fa5c33
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.