Ubuntu Security Advisory for linux-ti-omap4 package(s) with multiple CVE
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | Linux kernel (OMAP4) vulnerabilities | 7 Mar 201400:00 | – | ubuntu |
![]() | Linux kernel (Quantal HWE) vulnerabilities | 7 Mar 201400:00 | – | ubuntu |
![]() | Linux kernel (OMAP4) vulnerabilities | 7 Mar 201400:00 | – | ubuntu |
![]() | Linux kernel vulnerabilities | 7 Mar 201400:00 | – | ubuntu |
![]() | Linux kernel vulnerabilities | 18 Feb 201400:00 | – | ubuntu |
![]() | Linux kernel (Saucy HWE) vulnerabilities | 18 Feb 201400:00 | – | ubuntu |
![]() | Linux kernel (Raring HWE) vulnerabilities | 7 Mar 201400:00 | – | ubuntu |
![]() | Linux kernel vulnerabilities | 18 Feb 201400:00 | – | ubuntu |
![]() | Linux kernel vulnerabilities | 7 Mar 201400:00 | – | ubuntu |
![]() | Linux kernel (OMAP4) vulnerabilities | 18 Feb 201400:00 | – | ubuntu |
Source | Link |
---|---|
ubuntu | www.ubuntu.com/security/notices/USN-2141-1 |
# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.841749");
script_cve_id("CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6382", "CVE-2013-7263", "CVE-2013-7264", "CVE-2013-7265", "CVE-2013-7266", "CVE-2013-7267", "CVE-2013-7268", "CVE-2013-7269", "CVE-2013-7270", "CVE-2013-7271", "CVE-2013-7281", "CVE-2013-7339", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1874");
script_tag(name:"creation_date", value:"2014-03-12 04:13:25 +0000 (Wed, 12 Mar 2014)");
script_version("2024-02-02T05:06:05+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:05 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_name("Ubuntu: Security Advisory (USN-2141-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2014 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU13\.10");
script_xref(name:"Advisory-ID", value:"USN-2141-1");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-2141-1");
script_tag(name:"summary", value:"The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2141-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Mathy Vanhoef discovered an error in the way the ath9k driver was
handling the BSSID masking. A remote attacker could exploit this error to
discover the original MAC address after a spoofing attack. (CVE-2013-4579)
Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu
function of the Kernel Virtual Machine (KVM) subsystem. A local user could
exploit this flaw to gain privileges on the host machine. (CVE-2013-4587)
Andrew Honig reported a flaw in the apic_get_tmcct function of the Kernel
Virtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could
exploit this flaw to cause a denial of service or host OS system crash.
(CVE-2013-6367)
Andrew Honig reported an error in the Linux Kernel's Kernel Virtual Machine
(KVM) VAPIC synchronization operation. A local user could exploit this flaw
to gain privileges or cause a denial of service (system crash).
(CVE-2013-6368)
Nico Golde and Fabian Yamaguchi reported buffer underflow errors in the
implementation of the XFS filesystem in the Linux kernel. A local user with
CAP_SYS_ADMIN could exploit this flaw to cause a denial of service (memory
corruption) or possibly other unspecified issues. (CVE-2013-6382)
mpd reported an information leak in the recvfrom, recvmmsg, and recvmsg
system calls in the Linux kernel. An unprivileged local user could exploit
this flaw to obtain sensitive information from kernel stack memory.
(CVE-2013-7263)
mpb reported an information leak in the Layer Two Tunneling Protocol (l2tp)
of the Linux kernel. A local user could exploit this flaw to obtain
sensitive information from kernel stack memory. (CVE-2013-7264)
mpb reported an information leak in the Phone Network protocol (phonet) in
the Linux kernel. A local user could exploit this flaw to obtain sensitive
information from kernel stack memory. (CVE-2013-7265)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with ISDN sockets in the Linux kernel. A local user
could exploit this leak to obtain potentially sensitive information from
kernel memory. (CVE-2013-7266)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with apple talk sockets in the Linux kernel. A local
user could exploit this leak to obtain potentially sensitive information
from kernel memory. (CVE-2013-7267)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with ipx protocol sockets in the Linux kernel. A
local user could exploit this leak to obtain potentially sensitive
information from kernel memory. (CVE-2013-7268)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with the netrom address family in the Linux kernel. A
local user could exploit this leak to obtain potentially sensitive
information from kernel memory. (CVE-2013-7269)
An information leak was ... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"'linux-ti-omap4' package(s) on Ubuntu 13.10.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU13.10") {
if(!isnull(res = isdpkgvuln(pkg:"linux-image-3.5.0-239-omap4", ver:"3.5.0-239.55", rls:"UBUNTU13.10"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo