[USN-1998-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1998-1 October 22, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-1995-1)

An information leak was discovered in the Linux kernel when reading broadcast messages from the notifypolicy interface of the IPSec keysocket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. CVE-2013-2237 Kees Cook discovered flaw in the Human...

kernel: net: incorrect SCM_CREDENTIALS passing

The scmsetcred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application...

CVE-2012-3520

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCMCREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to 1 Avahi or 2 NetworkManager...