| Description: | Summary:
The remote host is missing an update for the 'linux' package(s) announced via the USN-1390-1 advisory.
Vulnerability Insight:
Dan Rosenberg reported errors in the OSS (Open Sound System) MIDI
interface. A local attacker on non-x86 systems might be able to cause a
denial of service. (CVE-2011-1476)
Dan Rosenberg reported errors in the kernel's OSS (Open Sound System)
driver for Yamaha FM synthesizer chips. A local user can exploit this to
cause memory corruption, causing a denial of service or privilege
escalation. (CVE-2011-1477)
Ben Hutchings reported a flaw in the kernel's handling of corrupt LDM
partitions. A local user could exploit this to cause a denial of service or
escalate privileges. (CVE-2011-2182)
A flaw was discovered in the Linux kernel's NFSv4 (Network File System
version 4) file system. A local, unprivileged user could use this flaw to
cause a denial of service by creating a file in a NFSv4 filesystem.
(CVE-2011-4324)
A flaw was found in how the linux kernel handles user-space held futexs. An
unprivileged user could exploit this flaw to cause a denial of service or
possibly elevate privileges. (CVE-2012-0028)
Affected Software/OS:
'linux' package(s) on Ubuntu 8.04.
Solution:
Please install the updated package(s).
CVSS Score:
7.2
CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
