English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.841371
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-1774-1)
Summary:The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-1774-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-1774-1 advisory.

Vulnerability Insight:
Andrew Cooper of Citrix reported a Xen stack corruption in the Linux
kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest
kernel to crash, or operate erroneously. (CVE-2013-0190)

A failure to validate input was discovered in the Linux kernel's Xen
netback (network backend) driver. A user in a guest OS may exploit this
flaw to cause a denial of service to the guest OS and other guest domains.
(CVE-2013-0216)

A memory leak was discovered in the Linux kernel's Xen netback (network
backend) driver. A user in a guest OS could trigger this flaw to cause a
denial of service on the system. (CVE-2013-0217)

A flaw was discovered in the Linux kernel Xen PCI backend driver. If a PCI
device is assigned to the guest OS, the guest OS could exploit this flaw to
cause a denial of service on the host. (CVE-2013-0231)

A flaw was reported in the permission checks done by the Linux kernel for
/dev/cpu/*/msr. A local root user with all capabilities dropped could
exploit this flaw to execute code with full root capabilities.
(CVE-2013-0268)

Tommi Rantala discovered a flaw in the a flaw the Linux kernels handling of
datagrams packets when the MSG_PEEK flag is specified. An unprivileged
local user could exploit this flaw to cause a denial of service (system
hang). (CVE-2013-0290)

A flaw was discovered in the Linux kernel's vhost driver used to accelerate
guest networking in KVM based virtual machines. A privileged guest user
could exploit this flaw to crash the host system. (CVE-2013-0311)

A flaw was discovered in the Extended Verification Module (EVM) of the
Linux kernel. An unprivileged local user code exploit this flaw to cause a
denial of service (system crash). (CVE-2013-0313)

An information leak was discovered in the Linux kernel's Bluetooth stack
when HIDP (Human Interface Device Protocol) support is enabled. A local
unprivileged user could exploit this flaw to cause an information leak from
the kernel. (CVE-2013-0349)

Affected Software/OS:
'linux-ti-omap4' package(s) on Ubuntu 12.10.

Solution:
Please install the updated package(s).

CVSS Score:
6.5

CVSS Vector:
AV:A/AC:H/Au:S/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-0190
57433
http://www.securityfocus.com/bid/57433
RHSA-2013:0496
http://rhn.redhat.com/errata/RHSA-2013-0496.html
USN-1725-1
http://www.ubuntu.com/usn/USN-1725-1
USN-1728-1
http://www.ubuntu.com/usn/USN-1728-1
[oss-security] 20130116 Xen Security Advisory 40 (CVE-2013-0190) - Linux stack corruption in xen_failsafe_callback for 32bit PVOPS guests.
http://www.openwall.com/lists/oss-security/2013/01/16/8
[oss-security] 20130116 [PATCH] xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests.
http://www.openwall.com/lists/oss-security/2013/01/16/6
https://bugzilla.redhat.com/show_bug.cgi?id=896038
Common Vulnerability Exposure (CVE) ID: CVE-2013-0216
MDVSA-2013:176
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
SUSE-SU-2013:0674
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html
[oss-security] 20130205 Xen Security Advisory 39 (CVE-2013-0216,CVE-2013-0217) - Linux netback DoS via malicious guest ring.
http://www.openwall.com/lists/oss-security/2013/02/05/12
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=48856286b64e4b66ec62b94e504d0b29c1ade664
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8
https://bugzilla.redhat.com/show_bug.cgi?id=910883
https://github.com/torvalds/linux/commit/48856286b64e4b66ec62b94e504d0b29c1ade664
openSUSE-SU-2013:0395
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html
openSUSE-SU-2013:0925
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-0217
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d5145d8eb2b9791533ffe4dc003b129b9696c48
https://github.com/torvalds/linux/commit/7d5145d8eb2b9791533ffe4dc003b129b9696c48
Common Vulnerability Exposure (CVE) ID: CVE-2013-0231
52059
http://secunia.com/advisories/52059
57740
http://www.securityfocus.com/bid/57740
89903
http://osvdb.org/89903
DSA-2632
http://www.debian.org/security/2013/dsa-2632
[oss-security] 20130205 Xen Security Advisory 43 (CVE-2013-0231) - Linux pciback DoS via not rate limited log messages.
http://www.openwall.com/lists/oss-security/2013/02/05/9
xen-pcibackenablemsi-dos(81923)
https://exchange.xforce.ibmcloud.com/vulnerabilities/81923
Common Vulnerability Exposure (CVE) ID: CVE-2013-0268
[oss-security] 20130207 Re: CVE request -- Linux kernel: x86/msr: /dev/cpu/*/msr local privilege escalation
http://www.openwall.com/lists/oss-security/2013/02/07/12
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c903f0456bc69176912dee6dd25c6a66ee1aed00
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6
https://bugzilla.redhat.com/show_bug.cgi?id=908693
https://github.com/torvalds/linux/commit/c903f0456bc69176912dee6dd25c6a66ee1aed00
openSUSE-SU-2013:1187
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-0290
[oss-security] 20130214 Re: CVE Request: kernel -- local DOS (endless loop with interrupts disabled)
http://www.openwall.com/lists/oss-security/2013/02/15/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=77c1090f94d1b0b5186fb13a1b71b47b1343f87f
http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.8.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=911473
https://github.com/torvalds/linux/commit/77c1090f94d1b0b5186fb13a1b71b47b1343f87f
openSUSE-SU-2013:0951
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html
openSUSE-SU-2013:1042
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-0311
RHSA-2013:0579
http://rhn.redhat.com/errata/RHSA-2013-0579.html
RHSA-2013:0882
http://rhn.redhat.com/errata/RHSA-2013-0882.html
RHSA-2013:0928
http://rhn.redhat.com/errata/RHSA-2013-0928.html
[oss-security] 20130219 Re: CVE request -- Linux kernel: vhost: fix length for cross region descriptor
http://www.openwall.com/lists/oss-security/2013/02/20/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bd97120fc3d1a11f3124c7c9ba1d91f51829eb85
http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.7.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=912905
https://github.com/torvalds/linux/commit/bd97120fc3d1a11f3124c7c9ba1d91f51829eb85
Common Vulnerability Exposure (CVE) ID: CVE-2013-0313
[oss-security] 20130220 Re: CVE request - Linux kernel: evm: NULL pointer de-reference flaw
http://www.openwall.com/lists/oss-security/2013/02/20/16
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a67adb997419fb53540d4a4f79c6471c60bc69b6
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.5
https://bugzilla.redhat.com/show_bug.cgi?id=913266
https://github.com/torvalds/linux/commit/a67adb997419fb53540d4a4f79c6471c60bc69b6
Common Vulnerability Exposure (CVE) ID: CVE-2013-0349
RHSA-2013:0744
http://rhn.redhat.com/errata/RHSA-2013-0744.html
USN-1805-1
http://www.ubuntu.com/usn/USN-1805-1
USN-1808-1
http://www.ubuntu.com/usn/USN-1808-1
[oss-security] 20130222 Re: CVE request: Linux kernel: Bluetooth HIDP information disclosure
http://www.openwall.com/lists/oss-security/2013/02/23/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0a9ab9bdb3e891762553f667066190c1d22ad62b
https://bugzilla.redhat.com/show_bug.cgi?id=914298
https://github.com/torvalds/linux/commit/0a9ab9bdb3e891762553f667066190c1d22ad62b
CopyrightCopyright (C) 2013 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.