Lucene search

UbuntuUSN-1236-1

HistoryOct 20, 2011 - 12:00 a.m.

Linux kernel vulnerabilities

2011-10-2000:00:00

ubuntu.com

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

7.7 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.016 Low

EPSS

Percentile

87.1%

JSON

Releases

Ubuntu 8.04

Packages

linux - Linux kernel

Details

It was discovered that the Auerswald usb driver incorrectly handled lengths
of the USB string descriptors. A local attacker with physical access could
insert a specially crafted USB device and gain root privileges.
(CVE-2009-4067)

It was discovered that the Stream Control Transmission Protocol (SCTP)
implementation incorrectly calculated lengths. If the net.sctp.addip_enable
variable was turned on, a remote attacker could send specially crafted
traffic to crash the system. (CVE-2011-1573)

Vasiliy Kulikov discovered that taskstats did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2494)

Vasiliy Kulikov discovered that /proc/PID/io did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2495)

Dan Kaminsky discovered that the kernel incorrectly handled random sequence
number generation. An attacker could use this flaw to possibly predict
sequence numbers and inject packets. (CVE-2011-3188)

OSVersionArchitecturePackageVersionFilename
Ubuntu8.04noarchlinux-image-2.6.24-29-sparc64< 2.6.24-29.95UNKNOWN
Ubuntu8.04noarchacpi-modules-2.6.24-29-generic-di< 2.6.24-29.95UNKNOWN
Ubuntu8.04noarchblock-modules-2.6.24-29-generic-di< 2.6.24-29.95UNKNOWN
Ubuntu8.04noarchcrypto-modules-2.6.24-29-generic-di< 2.6.24-29.95UNKNOWN
Ubuntu8.04noarchfat-modules-2.6.24-29-generic-di< 2.6.24-29.95UNKNOWN
Ubuntu8.04noarchfb-modules-2.6.24-29-generic-di< 2.6.24-29.95UNKNOWN
Ubuntu8.04noarchfirewire-core-modules-2.6.24-29-generic-di< 2.6.24-29.95UNKNOWN
Ubuntu8.04noarchfloppy-modules-2.6.24-29-generic-di< 2.6.24-29.95UNKNOWN
Ubuntu8.04noarchfs-core-modules-2.6.24-29-generic-di< 2.6.24-29.95UNKNOWN
Ubuntu8.04noarchfs-secondary-modules-2.6.24-29-generic-di< 2.6.24-29.95UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	8.04	noarch	linux-image-2.6.24-29-sparc64	< 2.6.24-29.95	UNKNOWN
Ubuntu	8.04	noarch	acpi-modules-2.6.24-29-generic-di	< 2.6.24-29.95	UNKNOWN
Ubuntu	8.04	noarch	block-modules-2.6.24-29-generic-di	< 2.6.24-29.95	UNKNOWN
Ubuntu	8.04	noarch	crypto-modules-2.6.24-29-generic-di	< 2.6.24-29.95	UNKNOWN
Ubuntu	8.04	noarch	fat-modules-2.6.24-29-generic-di	< 2.6.24-29.95	UNKNOWN
Ubuntu	8.04	noarch	fb-modules-2.6.24-29-generic-di	< 2.6.24-29.95	UNKNOWN
Ubuntu	8.04	noarch	firewire-core-modules-2.6.24-29-generic-di	< 2.6.24-29.95	UNKNOWN
Ubuntu	8.04	noarch	floppy-modules-2.6.24-29-generic-di	< 2.6.24-29.95	UNKNOWN
Ubuntu	8.04	noarch	fs-core-modules-2.6.24-29-generic-di	< 2.6.24-29.95	UNKNOWN
Ubuntu	8.04	noarch	fs-secondary-modules-2.6.24-29-generic-di	< 2.6.24-29.95	UNKNOWN