Ubuntu Update For Linux USN-1787-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to bypass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). (CVE-2013-0914) A memoery use after free error was discover in the Linux kernel's tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). (CVE-2013-1767) Mateusz Guzik discovered a race in the Linux kernel's keyring. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-1792)

Affected

linux on Ubuntu 11.10

Severity

Classification

CVE CVE-2013-0914, CVE-2013-1767, CVE-2013-1792
CVSS Base Score: 6.2
AV:L/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for apt USN-2353-1
Ubuntu Update for apache2 vulnerabilities USN-908-1
Ubuntu Update for curl USN-2346-1
Ubuntu Update for apache2 vulnerabilities USN-575-1
Ubuntu Update for cpio USN-2456-1

Ubuntu Update for linux USN-1787-1

Take action and discover your vulnerabilities