Ubuntu Update For Linux Kernel Vulnerabilities USN-988-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-988-1

Solution

Please Install the Updated Packages.

Insight

Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. (CVE-2010-3081) Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. (CVE-2010-3301)

Affected

Linux kernel vulnerabilities on Ubuntu 6.06 LTS , Ubuntu 8.04 LTS , Ubuntu 9.04 , Ubuntu 9.10 , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2010-3081, CVE-2010-3301
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for devhelp, epiphany-browser, midbrowser, yelp update USN-626-2
Ubuntu Update for erlang vulnerability USN-624-2
Ubuntu Update for apache2 USN-1199-1
Ubuntu Update for CUPS update USN-1036-1
Ubuntu Update for Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities USN-896-1

Take action and discover your vulnerabilities