Ubuntu: Security Advisory (USN-470-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for linux-source-2.6.15/17/20 vulnerabilities USN-518-1

Ubuntu Update for Linux kernel vulnerabilities USN-518-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5181.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15/17/20 vulnerabilities USN-518-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH...

Ubuntu Update for linux-source-2.6.15/2.6.17 vulnerabilities USN-451-1

Ubuntu Update for Linux kernel vulnerabilities USN-451-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4511.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15/2.6.17 vulnerabilities USN-451-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks Gmb...

Ubuntu: Security Advisory (USN-574-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 5.04 / 5.10 : linux-source-2.6.10, linux-source-2.6.12 vulnerability (USN-319-2)

USN-319-1 fixed a Linux kernel vulnerability in Ubuntu 6.06 LTS. This followup advisory provides the corresponding updates for Ubuntu 5.04 and 5.10. For reference, these are the details of the original USN : A race condition has been discovered in the file permission handling of the /proc file...

Ubuntu 5.10 / 6.06 LTS / 6.10 : linux-source-2.6.12/2.6.15/2.6.17 vulnerabilities (USN-416-1)

Mark Dowd discovered that the netfilter iptables module did not correcly handle fragmented IPv6 packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has has already been fixed for Ubuntu 6.10 in USN-395-1; this is the corresponding fix...

Ubuntu 6.10 : linux-source-2.6.17 vulnerabilities (USN-486-1)

The compatsysmount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. CVE-2006-7203 The Omnikey CardMan 4040 driver cm4040cs did not limit the size of buffers passed to read and write. A local attacker could exploit this to execute...

Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerability (USN-319-1)

A race condition has been discovered in the file permission handling of the /proc file system. A local attacker could exploit this to execute arbitrary code with full root privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu securit...

Ubuntu 7.04 : linux-source-2.6.20 vulnerabilities (USN-470-1)

USN-464-1 fixed several vulnerabilities in the Linux kernel. Some additional code changes were accidentally included in the Feisty update which caused trouble for some people who were not using UUID-based filesystem mounts. These changes have been reverted. We apologize for the inconvenience. For...

Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerability (USN-489-1)

A flaw was discovered in dvb ULE decapsulation. A remote attacker could send a specially crafted message and cause a denial of service. CVE-2006-4623 The compatsysmount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. CVE-2006-7203...

Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-508-1)

A buffer overflow was discovered in the Moxa serial driver. Local attackers could execute arbitrary code and gain root privileges. CVE-2005-0504 A flaw was discovered in the IPv6 stack's handling of type 0 route headers. By sending a specially crafted IPv6 packet, a remote attacker could cause a...

Ubuntu 5.10 : linux-source-2.6.12 vulnerability (USN-250-1)

Herbert Xu discovered a remote Denial of Service vulnerability in the ICMP packet handler. In some situations a memory allocation was released twice, which led to memory corruption. A remote attacker could exploit this to crash the machine. Note that Tenable Network Security has extracted the...

Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-95-1)

A remote Denial of Service vulnerability was discovered in the Netfilter IP packet handler. This allowed a remote attacker to crash the machine by sending specially crafted IP packet fragments. CAN-2005-0209 The Netfilter code also contained a memory leak. Certain locally generated packet fragmen...

Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-47-1)

Georgi Guninski discovered two Denial of Service vulnerabilities in the Linux kernel. An integer overflow in the vcresize function caused the memory allocation for the new screen being too short, thus causing a buffer overflow and a kernel crash. There was also a memory leak in the ipoptionsget...

Ubuntu 4.10 / 5.04 : linux-source-2.6.10, linux-source-2.6.8.1 vulnerabilities (USN-137-1)

Alexander Nyberg discovered that ptrace insufficiently validated addresses on the amd64 platform so that it was possible to set an invalid segment base. A local attacker could exploit this to crash the kernel. This does not affect the i386 and powerpc platforms in any way. CAN-2005-0756 Chris...

Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-60-0)

CAN-2005-0001 : Paul Starzetz discovered a race condition in the Linux page fault handler code. This allowed an unprivileged user to gain root privileges on multiprocessor machines under some circumstances. This also affects the Hyper-Threading mode on Pentium 4 processors...

Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-57-1)

Paul Starzetz discovered a race condition in the ELF library and a.out binary format loaders, which can be locally exploited in several different ways to gain root privileges. CAN-2004-1235 Liang Bin found a design flaw in the capability module. After this module was loaded on demand in a running...

Ubuntu 4.10 : linux-source-2.6.8.1 vulnerability (USN-39-1)

USN-30-1 fixed several flaws in the Linux ELF binary loader's handling of setuid binaries. Unfortunately it was found that these patches were not sufficient to prevent all possible attacks on 64-bit platforms, so previous amd64 kernel images were still vulnerable to root privilege escalation if...

Ubuntu 4.10 / 5.04 : linux-source-2.6.10, linux-source-2.6.8.1 vulnerabilities (USN-187-1)

A Denial of Service vulnerability was detected in the stack segment fault handler. A local attacker could exploit this by causing stack fault exceptions under special circumstances scheduling, which lead to a kernel crash. CAN-2005-1767 Vasiliy Averin discovered a Denial of Service vulnerability ...

[Full-disclosure] [USN-110-1] Linux kernel vulnerabilities

=========================================================== Ubuntu Security Notice USN-110-1 April 11, 2005 linux-source-2.6.8.1 vulnerabilities CAN-2005-0867, CAN-2005-0937 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu...