Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1281-1
HistoryNov 24, 2011 - 12:00 a.m.

Linux (OMAP4) vulnerabilities

2011-11-2400:00:00
ubuntu.com
44

6.5 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

54.8%

JSON

Releases

  • Ubuntu 11.04

Packages

  • linux-ti-omap4 - Linux kernel for OMAP4

Details

Andrea Righi discovered a race condition in the KSM memory merging support.
If KSM was being used, a local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2011-2183)

It was discovered that an mmap() call with the MAP_PRIVATE flag on
“/dev/zero” was incorrectly handled. A local attacker could exploit this to
crash the system, leading to a denial of service. (CVE-2011-2479)

Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly
handled unlock requests. A local attacker could exploit this to cause a
denial of service. (CVE-2011-2491)

Vasiliy Kulikov discovered that taskstats did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2494)

Vasiliy Kulikov discovered that /proc/PID/io did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2495)

Robert Swiecki discovered that mapping extensions were incorrectly handled.
A local attacker could exploit this to crash the system, leading to a
denial of service. (CVE-2011-2496)

It was discovered that the wireless stack incorrectly verified SSID
lengths. A local attacker could exploit this to cause a denial of service
or gain root privileges. (CVE-2011-2517)

Christian Ohm discovered that the perf command looks for configuration
files in the current directory. If a privileged user were tricked into
running perf in a directory containing a malicious configuration file, an
attacker could run arbitrary commands and possibly gain privileges.
(CVE-2011-2905)

Vasiliy Kulikov discovered that the Comedi driver did not correctly clear
memory. A local attacker could exploit this to read kernel stack memory,
leading to a loss of privacy. (CVE-2011-2909)

Yogesh Sharma discovered that CIFS did not correctly handle UNCs that had
no prefixpaths. A local attacker with access to a CIFS partition could
exploit this to crash the system, leading to a denial of service.
(CVE-2011-3363)

OSVersionArchitecturePackageVersionFilename
Ubuntu11.04noarchlinux-image-2.6.38-1209-omap4< 2.6.38-1209.17UNKNOWN
Ubuntu11.04noarchblock-modules-2.6.38-1209-omap4-di< 2.6.38-1209.17UNKNOWN
Ubuntu11.04noarchcrypto-modules-2.6.38-1209-omap4-di< 2.6.38-1209.17UNKNOWN
Ubuntu11.04noarchfat-modules-2.6.38-1209-omap4-di< 2.6.38-1209.17UNKNOWN
Ubuntu11.04noarchfs-core-modules-2.6.38-1209-omap4-di< 2.6.38-1209.17UNKNOWN
Ubuntu11.04noarchfs-secondary-modules-2.6.38-1209-omap4-di< 2.6.38-1209.17UNKNOWN
Ubuntu11.04noarchinput-modules-2.6.38-1209-omap4-di< 2.6.38-1209.17UNKNOWN
Ubuntu11.04noarchirda-modules-2.6.38-1209-omap4-di< 2.6.38-1209.17UNKNOWN
Ubuntu11.04noarchkernel-image-2.6.38-1209-omap4-di< 2.6.38-1209.17UNKNOWN
Ubuntu11.04noarchlinux-headers-2.6.38-1209< 2.6.38-1209.17UNKNOWN
Rows per page:
1-10 of 261

Related

securityvulns 4
nessus 47
openvas 68
ubuntu 18
redhat 5
oraclelinux 6
centos 2
fedora 2
osv 1
debian 2
veracode 8
prion 10
ubuntucve 10
cve 10
seebug 1
suse 4
amazon 1
securityvulns
securityvulns
[USN-1281-1] Linux &#40;OMAP4&#41; vulnerabilities
2011-11-27 00:00:00
Linux kernel multiple security vulnerabilities
2011-11-27 00:00:00
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-13 00:00:00
nessus
nessus
USN-1281-1 : linux-ti-omap4 vulnerabilities
2011-11-26 00:00:00
Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1279-1)
2011-11-26 00:00:00
Ubuntu 11.04 : linux vulnerabilities (USN-1285-1)
2011-11-30 00:00:00
openvas
openvas
Ubuntu Update for linux-ti-omap4 USN-1281-1
2011-11-25 00:00:00
Ubuntu: Security Advisory (USN-1281-1)
2011-11-25 00:00:00
Ubuntu Update for linux-lts-backport-natty USN-1279-1
2011-11-25 00:00:00
ubuntu
ubuntu
Linux (Natty backport) vulnerabilities
2011-11-24 00:00:00
Linux kernel vulnerabilities
2011-11-29 00:00:00
Linux kernel (OMAP4) vulnerabilities
2011-10-25 00:00:00
redhat
redhat
(RHSA-2011:1813) Important: kernel security and bug fix update
2011-12-13 00:00:00
(RHSA-2011:1212) Important: kernel security and bug fix update
2011-09-06 00:00:00
(RHSA-2011:1189) Important: kernel security, bug fix, and enhancement update
2011-08-23 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2011-09-07 00:00:00
Unbreakable Enterprise kernel security and bug fix update
2011-08-24 00:00:00
kernel security, bug fix, and enhancement update
2011-08-23 00:00:00
centos
centos
kernel security update
2011-09-08 23:40:55
kernel security update
2011-11-30 10:33:41
fedora
fedora
[SECURITY] Fedora 15 Update: kernel-2.6.38.8-35.fc15
2011-07-12 05:26:19
[SECURITY] Fedora 15 Update: kernel-2.6.40.3-0.fc15
2011-08-18 02:34:58
osv
osv
linux-2.6 - several issues
2011-09-10 00:00:00
debian
debian
[SECURITY] [DSA 2303-1] linux-2.6 security update
2011-09-08 21:31:02
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-11 02:06:57
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:08:26
Denial Of Service (DoS)
2020-04-10 01:05:30
Privilege Escalation
2020-04-10 01:01:30
prion
prion
Design/Logic Flaw
2012-05-24 23:55:00
Buffer overflow
2012-05-24 23:55:00
Integer overflow
2012-06-13 10:24:00
ubuntucve
ubuntucve
CVE-2011-2517
2011-10-06 00:00:00
CVE-2011-2496
2011-10-06 00:00:00
CVE-2011-2909
2011-10-06 00:00:00
cve
cve
CVE-2011-2517
2012-05-24 23:55:00
CVE-2011-2496
2012-06-13 10:24:00
CVE-2011-2909
2014-02-15 14:57:00
seebug
seebug
Linux Kernel 'perf'工具本地特权提升漏洞
2011-08-15 00:00:00
suse
suse
Security update for Linux kernel (important)
2011-09-01 23:08:26
kernel update for SLE11 SP1 (important)
2011-09-02 14:08:13
kernel update for SLE11 SP1 (important)
2011-09-01 17:08:16
amazon
amazon
Medium: kernel
2011-12-02 22:23:00

6.5 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

54.8%

JSON
Related for USN-1281-1
securityvulns4nessus47openvas68ubuntu18redhat5oraclelinux6centos2fedora2osv1debian2veracode8prion10ubuntucve10cve10seebug1suse4amazon1