English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.840771
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-1228-1)
Summary:The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-1228-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-1228-1 advisory.

Vulnerability Insight:
Timo Warns discovered that the EFI GUID partition table was not correctly
parsed. A physically local attacker that could insert mountable devices
could exploit this to crash the system or possibly gain root privileges.
(CVE-2011-1776)

Dan Rosenberg discovered that the IPv4 diagnostic routines did not
correctly validate certain requests. A local attacker could exploit this to
consume CPU resources, leading to a denial of service. (CVE-2011-2213)

Dan Rosenberg discovered that the Bluetooth stack incorrectly handled
certain L2CAP requests. If a system was using Bluetooth, a remote attacker
could send specially crafted traffic to crash the system or gain root
privileges. (CVE-2011-2497)

It was discovered that the EXT4 filesystem contained multiple off-by-one
flaws. A local attacker could exploit this to crash the system, leading to
a denial of service. (CVE-2011-2695)

Mauro Carvalho Chehab discovered that the si4713 radio driver did not
correctly check the length of memory copies. If this hardware was
available, a local attacker could exploit this to crash the system or gain
root privileges. (CVE-2011-2700)

Herbert Xu discovered that certain fields were incorrectly handled when
Generic Receive Offload (CVE-2011-2723)

Time Warns discovered that long symlinks were incorrectly handled on Be
filesystems. A local attacker could exploit this with a malformed Be
filesystem and crash the system, leading to a denial of service.
(CVE-2011-2928)

Dan Kaminsky discovered that the kernel incorrectly handled random sequence
number generation. An attacker could use this flaw to possibly predict
sequence numbers and inject packets. (CVE-2011-3188)

Darren Lavender discovered that the CIFS client incorrectly handled certain
large values. A remote attacker with a malicious server could exploit this
to crash the system or possibly execute arbitrary code as the root user.
(CVE-2011-3191)

Affected Software/OS:
'linux-ti-omap4' package(s) on Ubuntu 11.04.

Solution:
Please install the updated package(s).

CVSS Score:
8.3

CVSS Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-1776
47796
http://www.securityfocus.com/bid/47796
8369
http://securityreason.com/securityalert/8369
RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
[oss-security] 20110510 Re: CVE request: kernel: validate size of EFI GUID partition entries
http://openwall.com/lists/oss-security/2011/05/10/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa039d5f6b126fbd65eefa05db2f67e44df8f121
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://www.pre-cert.de/advisories/PRE-SA-2011-04.txt
https://bugzilla.redhat.com/show_bug.cgi?id=703026
Common Vulnerability Exposure (CVE) ID: CVE-2011-2213
HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
[netdev] 20110601 Re: inet_diag insufficient validation?
http://article.gmane.org/gmane.linux.network/197208
[netdev] 20110601 inet_diag insufficient validation?
http://article.gmane.org/gmane.linux.network/197206
[netdev] 20110603 Re: inet_diag insufficient validation?
http://article.gmane.org/gmane.linux.network/197386
[netdev] 20110617 [PATCH] inet_diag: fix inet_diag_bc_audit()
http://article.gmane.org/gmane.linux.network/198809
[oss-security] 20110620 CVE request: kernel: inet_diag: fix inet_diag_bc_audit()
http://www.openwall.com/lists/oss-security/2011/06/20/1
[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()
http://www.openwall.com/lists/oss-security/2011/06/20/13
http://www.openwall.com/lists/oss-security/2011/06/20/16
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d
http://patchwork.ozlabs.org/patch/100857/
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3
https://bugzilla.redhat.com/show_bug.cgi?id=714536
Common Vulnerability Exposure (CVE) ID: CVE-2011-2497
48472
http://www.securityfocus.com/bid/48472
74679
http://www.osvdb.org/74679
8359
http://securityreason.com/securityalert/8359
[linux-kernel] 20110624 [PATCH] Bluetooth: Prevent buffer overflow in l2cap config request
http://marc.info/?l=linux-kernel&m=130891911909436&w=2
[oss-security] 20110624 CVE request: kernel: remote buffer overflow in bluetooth
http://www.openwall.com/lists/oss-security/2011/06/24/9
[oss-security] 20110627 Re: CVE request: kernel: remote buffer overflow in bluetooth
http://www.openwall.com/lists/oss-security/2011/06/27/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ac28817536797fd40e9646452183606f9e17f71
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0
https://bugzilla.redhat.com/show_bug.cgi?id=716805
Common Vulnerability Exposure (CVE) ID: CVE-2011-2695
45193
http://secunia.com/advisories/45193
[linux-ext4] 20110603 [PATCH 1/2] ext4: Fix max file size and logical block counting of extent format file
http://www.spinics.net/lists/linux-ext4/msg25697.html
[oss-security] 20110715 CVE Request -- kernel: ext4: kernel panic when writing data to the last block of sparse file
http://www.openwall.com/lists/oss-security/2011/07/15/7
[oss-security] 20110715 Re: CVE Request -- kernel: ext4: kernel panic when writing data to the last block of sparse file
http://www.openwall.com/lists/oss-security/2011/07/15/8
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f17722f917b2f21497deb6edc62fb1683daa08e6
http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc5
https://bugzilla.redhat.com/show_bug.cgi?id=722557
Common Vulnerability Exposure (CVE) ID: CVE-2011-2700
48804
http://www.securityfocus.com/bid/48804
[oss-security] 20110720 CVE request: kernel: si4713-i2c: avoid potential buffer overflow on si4713
http://openwall.com/lists/oss-security/2011/07/20/4
[oss-security] 20110720 Re: CVE request: kernel: si4713-i2c: avoid potential buffer overflow on si4713
http://openwall.com/lists/oss-security/2011/07/20/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dc6b845044ccb7e9e6f3b7e71bd179b3cf0223b6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4
http://xorl.wordpress.com/2011/07/24/cve-2011-2700-linux-kernel-si4713-i2c-buffer-overflow/
Common Vulnerability Exposure (CVE) ID: CVE-2011-2723
1025876
http://securitytracker.com/id?1025876
48929
http://www.securityfocus.com/bid/48929
RHSA-2011:1321
http://www.redhat.com/support/errata/RHSA-2011-1321.html
[oss-security] 20110728 CVE request: kernel: gro: Only reset frag0 when skb can be pulled
http://openwall.com/lists/oss-security/2011/07/28/13
[oss-security] 20110729 Re: CVE request: kernel: gro: Only reset frag0 when skb can be pulled
http://openwall.com/lists/oss-security/2011/07/29/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=17dd759c67f21e34f2156abcf415e1f60605a188
https://bugzilla.redhat.com/show_bug.cgi?id=726552
Common Vulnerability Exposure (CVE) ID: CVE-2011-2928
20110819 [PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS
http://www.securityfocus.com/archive/1/519387/100/0/threaded
49256
http://www.securityfocus.com/bid/49256
8360
http://securityreason.com/securityalert/8360
[oss-security] 20110819 CVE request: Linux: ZERO_SIZE_PTR dereference for long symlinks in Be FS
http://www.openwall.com/lists/oss-security/2011/08/19/1
[oss-security] 20110819 Re: CVE request: Linux: ZERO_SIZE_PTR dereference for long symlinks in Be FS
http://www.openwall.com/lists/oss-security/2011/08/19/5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338d0f0a6fbc82407864606f5b64b75aeb3c70f2
http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.1-rc3
http://www.pre-cert.de/advisories/PRE-SA-2011-06.txt
linux-kernel-be-dos(69343)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69343
Common Vulnerability Exposure (CVE) ID: CVE-2011-3188
[oss-security] 20110823 Re: CVE request: kernel: change in how tcp seq numbers are generated
http://www.openwall.com/lists/oss-security/2011/08/23/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
https://bugzilla.redhat.com/show_bug.cgi?id=732658
https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f
https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS
Common Vulnerability Exposure (CVE) ID: CVE-2011-3191
[oss-security] 20110824 Re: CVE request: kernel: cifs: singedness issue in CIFSFindNext()
http://www.openwall.com/lists/oss-security/2011/08/24/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9438fabb73eb48055b58b89fc51e0bc4db22fabd
https://bugzilla.redhat.com/show_bug.cgi?id=732869
https://github.com/torvalds/linux/commit/9438fabb73eb48055b58b89fc51e0bc4db22fabd
CopyrightCopyright (C) 2011 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.