Linux kernel vulnerabilities

2011-03-1800:00:00

ubuntu.com

6.9 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

14.4%

JSON

Releases

Ubuntu 9.10

Packages

linux - Linux kernel
linux-ec2 - Linux kernel for EC2

Details

Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to read
portions of kernel stack memory, leading to a loss of privacy.
(CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)

Dan Rosenberg discovered that the socket filters did not correctly
initialize structure memory. A local attacker could create malicious
filters to read portions of kernel stack memory, leading to a loss of
privacy. (CVE-2010-4158)

Dan Rosenberg discovered that certain iovec operations did not calculate
page counts correctly. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-4162)

Dan Rosenberg discovered that the SCSI subsystem did not correctly validate
iov segments. A local attacker with access to a SCSI device could send
specially crafted requests to crash the system, leading to a denial of
service. (CVE-2010-4163)

Dan Rosenberg discovered that the RDS protocol did not correctly check
ioctl arguments. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2010-4175)

Alan Cox discovered that the HCI UART driver did not correctly check if
a write operation was available. If the mmap_min-addr sysctl was changed
from the Ubuntu default to a value of 0, a local attacker could exploit
this flaw to gain root privileges. (CVE-2010-4242)

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchlinux-image-2.6.31-23-generic< 2.6.31-23.74UNKNOWN
Ubuntu9.10noarchblock-modules-2.6.31-23-generic-di< 2.6.31-23.74UNKNOWN
Ubuntu9.10noarchchar-modules-2.6.31-23-generic-di< 2.6.31-23.74UNKNOWN
Ubuntu9.10noarchcrypto-modules-2.6.31-23-generic-di< 2.6.31-23.74UNKNOWN
Ubuntu9.10noarchfat-modules-2.6.31-23-generic-di< 2.6.31-23.74UNKNOWN
Ubuntu9.10noarchfb-modules-2.6.31-23-generic-di< 2.6.31-23.74UNKNOWN
Ubuntu9.10noarchfirewire-core-modules-2.6.31-23-generic-di< 2.6.31-23.74UNKNOWN
Ubuntu9.10noarchfloppy-modules-2.6.31-23-generic-di< 2.6.31-23.74UNKNOWN
Ubuntu9.10noarchfs-core-modules-2.6.31-23-generic-di< 2.6.31-23.74UNKNOWN
Ubuntu9.10noarchfs-secondary-modules-2.6.31-23-generic-di< 2.6.31-23.74UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	9.10	noarch	linux-image-2.6.31-23-generic	< 2.6.31-23.74	UNKNOWN
Ubuntu	9.10	noarch	block-modules-2.6.31-23-generic-di	< 2.6.31-23.74	UNKNOWN
Ubuntu	9.10	noarch	char-modules-2.6.31-23-generic-di	< 2.6.31-23.74	UNKNOWN
Ubuntu	9.10	noarch	crypto-modules-2.6.31-23-generic-di	< 2.6.31-23.74	UNKNOWN
Ubuntu	9.10	noarch	fat-modules-2.6.31-23-generic-di	< 2.6.31-23.74	UNKNOWN
Ubuntu	9.10	noarch	fb-modules-2.6.31-23-generic-di	< 2.6.31-23.74	UNKNOWN
Ubuntu	9.10	noarch	firewire-core-modules-2.6.31-23-generic-di	< 2.6.31-23.74	UNKNOWN
Ubuntu	9.10	noarch	floppy-modules-2.6.31-23-generic-di	< 2.6.31-23.74	UNKNOWN
Ubuntu	9.10	noarch	fs-core-modules-2.6.31-23-generic-di	< 2.6.31-23.74	UNKNOWN
Ubuntu	9.10	noarch	fs-secondary-modules-2.6.31-23-generic-di	< 2.6.31-23.74	UNKNOWN