 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.71600 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu USN-1535-1 (linux-image-2.6.32-42-386) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to linux-image-2.6.32-42-386 announced via advisory USN-1535-1. Details: An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. (CVE-2012-2136) An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2012-2390) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: linux-image-2.6.32-42-386 2.6.32-42.95 linux-image-2.6.32-42-generic 2.6.32-42.95 linux-image-2.6.32-42-generic-pae 2.6.32-42.95 linux-image-2.6.32-42-ia64 2.6.32-42.95 linux-image-2.6.32-42-lpia 2.6.32-42.95 linux-image-2.6.32-42-powerpc 2.6.32-42.95 linux-image-2.6.32-42-powerpc-smp 2.6.32-42.95 linux-image-2.6.32-42-powerpc64-smp 2.6.32-42.95 linux-image-2.6.32-42-preempt 2.6.32-42.95 linux-image-2.6.32-42-server 2.6.32-42.95 linux-image-2.6.32-42-sparc64 2.6.32-42.95 linux-image-2.6.32-42-sparc64-smp 2.6.32-42.95 linux-image-2.6.32-42-versatile 2.6.32-42.95 linux-image-2.6.32-42-virtual 2.6.32-42.95 http://www.securityspace.com/smysecure/catid.html?in=USN-1535-1 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:NR/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-2136 50807 http://secunia.com/advisories/50807 53721 http://www.securityfocus.com/bid/53721 RHSA-2012:0743 http://rhn.redhat.com/errata/RHSA-2012-0743.html RHSA-2012:1087 http://rhn.redhat.com/errata/RHSA-2012-1087.html USN-1529-1 http://ubuntu.com/usn/usn-1529-1 USN-1535-1 http://www.ubuntu.com/usn/USN-1535-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 https://bugzilla.redhat.com/show_bug.cgi?id=816289 https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc Common Vulnerability Exposure (CVE) ID: CVE-2012-2390 USN-1515-1 http://www.ubuntu.com/usn/USN-1515-1 [oss-security] 20120523 Re: CVE Request -- kernel: huge pages: memory leak on mmap failure http://www.openwall.com/lists/oss-security/2012/05/23/14 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c50ac050811d6485616a193eb0f37bfbd191cc89 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.2 https://bugzilla.redhat.com/show_bug.cgi?id=824345 https://github.com/torvalds/linux/commit/c50ac050811d6485616a193eb0f37bfbd191cc89 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |