Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1390-1
Solution
Please Install the Updated Packages.
Insight
Dan Rosenberg reported errors in the OSS (Open Sound System) MIDI interface. A local attacker on non-x86 systems might be able to cause a denial of service. (CVE-2011-1476)
Dan Rosenberg reported errors in the kernel's OSS (Open Sound System) driver for Yamaha FM synthesizer chips. A local user can exploit this to cause memory corruption, causing a denial of service or privilege escalation. (CVE-2011-1477)
Ben Hutchings reported a flaw in the kernel's handling of corrupt LDM partitions. A local user could exploit this to cause a denial of service or escalate privileges. (CVE-2011-2182)
A flaw was discovered in the Linux kernel's NFSv4 (Network File System version 4) file system. A local, unprivileged user could use this flaw to cause a denial of service by creating a file in a NFSv4 filesystem.
(CVE-2011-4324)
A flaw was found in how the linux kernel handles user-space held futexs. An unprivileged user could exploit this flaw to cause a denial of service or possibly elevate privileges. (CVE-2012-0028)
Affected
linux on Ubuntu 8.04 LTS
Severity
Classification
-
CVE CVE-2011-1476, CVE-2011-1477, CVE-2011-2182, CVE-2011-4324, CVE-2012-0028 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities