Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1244-1
HistoryOct 25, 2011 - 12:00 a.m.

Linux kernel (OMAP4) vulnerabilities

2011-10-2500:00:00
ubuntu.com
52

6.5 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.063 Low

EPSS

Percentile

93.5%

JSON

Releases

  • Ubuntu 10.10

Packages

  • linux-ti-omap4 - Linux kernel for OMAP4

Details

Dan Rosenberg discovered that the Linux kernel X.25 implementation
incorrectly parsed facilities. A remote attacker could exploit this to
crash the kernel, leading to a denial of service. (CVE-2010-3873)

Andrea Righi discovered a race condition in the KSM memory merging support.
If KSM was being used, a local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2011-2183)

Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly
handled unlock requests. A local attacker could exploit this to cause a
denial of service. (CVE-2011-2491)

Vasiliy Kulikov discovered that taskstats did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2494)

Vasiliy Kulikov discovered that /proc/PID/io did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2495)

It was discovered that the wireless stack incorrectly verified SSID
lengths. A local attacker could exploit this to cause a denial of service
or gain root privileges. (CVE-2011-2517)

It was discovered that the EXT4 filesystem contained multiple off-by-one
flaws. A local attacker could exploit this to crash the system, leading to
a denial of service. (CVE-2011-2695)

Christian Ohm discovered that the perf command looks for configuration
files in the current directory. If a privileged user were tricked into
running perf in a directory containing a malicious configuration file, an
attacker could run arbitrary commands and possibly gain privileges.
(CVE-2011-2905)

Vasiliy Kulikov discovered that the Comedi driver did not correctly clear
memory. A local attacker could exploit this to read kernel stack memory,
leading to a loss of privacy. (CVE-2011-2909)

Yogesh Sharma discovered that CIFS did not correctly handle UNCs that had
no prefixpaths. A local attacker with access to a CIFS partition could
exploit this to crash the system, leading to a denial of service.
(CVE-2011-3363)

OSVersionArchitecturePackageVersionFilename
Ubuntu10.10noarchlinux-image-2.6.35-903-omap4< 2.6.35-903.26UNKNOWN
Ubuntu10.10noarchblock-modules-2.6.35-903-omap4-di< 2.6.35-903.26UNKNOWN
Ubuntu10.10noarchcrypto-modules-2.6.35-903-omap4-di< 2.6.35-903.26UNKNOWN
Ubuntu10.10noarchfat-modules-2.6.35-903-omap4-di< 2.6.35-903.26UNKNOWN
Ubuntu10.10noarchfs-core-modules-2.6.35-903-omap4-di< 2.6.35-903.26UNKNOWN
Ubuntu10.10noarchfs-secondary-modules-2.6.35-903-omap4-di< 2.6.35-903.26UNKNOWN
Ubuntu10.10noarchinput-modules-2.6.35-903-omap4-di< 2.6.35-903.26UNKNOWN
Ubuntu10.10noarchirda-modules-2.6.35-903-omap4-di< 2.6.35-903.26UNKNOWN
Ubuntu10.10noarchkernel-image-2.6.35-903-omap4-di< 2.6.35-903.26UNKNOWN
Ubuntu10.10noarchlinux-headers-2.6.35-903< 2.6.35-903.26UNKNOWN
Rows per page:
1-10 of 261

Related

nessus 45
openvas 66
ubuntu 18
securityvulns 3
oraclelinux 6
redhat 5
centos 2
fedora 2
veracode 7
ubuntucve 11
prion 11
cve 11
osv 1
seebug 1
debian 2
suse 5
redhatcve 2
amazon 1
nessus
nessus
USN-1244-1 : linux-ti-omap4 vulnerabilities
2011-10-26 00:00:00
Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1279-1)
2011-11-26 00:00:00
Ubuntu 11.04 : linux vulnerabilities (USN-1285-1)
2011-11-30 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1244-1)
2011-10-31 00:00:00
Ubuntu Update for linux-ti-omap4 USN-1244-1
2011-10-31 00:00:00
Ubuntu Update for linux-lts-backport-natty USN-1279-1
2011-11-25 00:00:00
ubuntu
ubuntu
Linux (Natty backport) vulnerabilities
2011-11-24 00:00:00
Linux kernel vulnerabilities
2011-11-29 00:00:00
Linux (OMAP4) vulnerabilities
2011-11-24 00:00:00
securityvulns
securityvulns
[USN-1281-1] Linux &#40;OMAP4&#41; vulnerabilities
2011-11-27 00:00:00
Linux kernel multiple security vulnerabilities
2011-11-27 00:00:00
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-13 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security and bug fix update
2011-08-24 00:00:00
kernel security and bug fix update
2011-09-07 00:00:00
kernel security, bug fix, and enhancement update
2011-08-23 00:00:00
redhat
redhat
(RHSA-2011:1813) Important: kernel security and bug fix update
2011-12-13 00:00:00
(RHSA-2011:1212) Important: kernel security and bug fix update
2011-09-06 00:00:00
(RHSA-2011:1189) Important: kernel security, bug fix, and enhancement update
2011-08-23 00:00:00
centos
centos
kernel security update
2011-09-08 23:40:55
kernel security update
2011-11-30 10:33:41
fedora
fedora
[SECURITY] Fedora 15 Update: kernel-2.6.38.8-35.fc15
2011-07-12 05:26:19
[SECURITY] Fedora 15 Update: kernel-2.6.40.3-0.fc15
2011-08-18 02:34:58
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:08:26
Privilege Escalation
2020-04-10 01:01:30
Information Disclosure
2020-04-10 01:01:29
ubuntucve
ubuntucve
CVE-2011-2517
2011-10-06 00:00:00
CVE-2011-2909
2011-10-06 00:00:00
CVE-2011-3363
2011-10-03 00:00:00
prion
prion
Design/Logic Flaw
2012-05-24 23:55:00
Buffer overflow
2012-05-24 23:55:00
Spoofing
2014-02-15 14:57:00
cve
cve
CVE-2011-2909
2014-02-15 14:57:00
CVE-2011-3363
2012-05-24 23:55:00
CVE-2011-2517
2012-05-24 23:55:00
osv
osv
linux-2.6 - several issues
2011-09-10 00:00:00
seebug
seebug
Linux Kernel 'perf'工具本地特权提升漏洞
2011-08-15 00:00:00
debian
debian
[SECURITY] [DSA 2303-1] linux-2.6 security update
2011-09-08 21:31:02
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-11 02:06:57
suse
suse
kernel update for SLE11 SP1 (important)
2011-09-01 17:08:16
kernel update for SLE11 SP1 (important)
2011-09-02 14:08:13
Security update for Linux kernel (important)
2011-09-01 23:08:26
redhatcve
redhatcve
CVE-2010-4164
2015-10-30 09:27:20
CVE-2010-3873
2015-10-30 09:50:15
amazon
amazon
Medium: kernel
2011-12-02 22:23:00

6.5 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.063 Low

EPSS

Percentile

93.5%

JSON
Related for USN-1244-1
nessus45openvas66ubuntu18securityvulns3oraclelinux6redhat5centos2fedora2veracode7ubuntucve11prion11cve11osv1seebug1debian2suse5redhatcve2amazon1