UbuntuUSN-1811-1Linux kernel (OMAP4) vulnerabilities
7.2 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.741 High
EPSS
Percentile
98.1%
Releases
- Ubuntu 12.04
Packages
- linux-ti-omap4 - Linux kernel for OMAP4
Details
Mathias Krause discovered an information leak in the Linux kernel’s UDF
file system implementation. A local user could exploit this flaw to examine
some of the kernel’s heap memory. (CVE-2012-6548)
Mathias Krause discovered an information leak in the Linux kernel’s ISO
9660 CDROM file system driver. A local user could exploit this flaw to
examine some of the kernel’s heap memory. (CVE-2012-6549)
An integer overflow was discovered in the Direct Rendering Manager (DRM)
subsystem for the i915 video driver in the Linux kernel. A local user could
exploit this flaw to cause a denial of service (crash) or potentially
escalate privileges. (CVE-2013-0913)
Andrew Honig discovered a use after free error in guest OS time updates in
the Linux kernel’s KVM (Kernel-based Virtual Machine). A privileged guest
user could exploit this flaw to escalate privilege to the host kernel
level. (CVE-2013-1797)
A format-string bug was discovered in the Linux kernel’s ext3 filesystem
driver. A local user could exploit this flaw to possibly escalate
privileges on the system. (CVE-2013-1848)
A buffer overflow was discovered in the Linux Kernel’s USB subsystem for
devices reporting the cdc-wdm class. A specially crafted USB device when
plugged-in could cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2013-1860)
A flaw was discovered in the SCTP (stream control transfer protocol)
network protocol’s handling of duplicate cookies in the Linux kernel. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) on another remote user querying the SCTP connection.
(CVE-2013-2206)
An information leak in the Linux kernel’s dcb netlink interface was
discovered. A local user could obtain sensitive information by examining
kernel stack memory. (CVE-2013-2634)
A kernel stack information leak was discovered in the RTNETLINK component
of the Linux kernel. A local user could read sensitive information from the
kernel stack. (CVE-2013-2635)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | linux-image-3.2.0-1430-omap4 | < 3.2.0-1430.39 | UNKNOWN |
| Ubuntu | 12.04 | noarch | block-modules-3.2.0-1430-omap4-di | < 3.2.0-1430.39 | UNKNOWN |
| Ubuntu | 12.04 | noarch | crypto-modules-3.2.0-1430-omap4-di | < 3.2.0-1430.39 | UNKNOWN |
| Ubuntu | 12.04 | noarch | fat-modules-3.2.0-1430-omap4-di | < 3.2.0-1430.39 | UNKNOWN |
| Ubuntu | 12.04 | noarch | fs-core-modules-3.2.0-1430-omap4-di | < 3.2.0-1430.39 | UNKNOWN |
| Ubuntu | 12.04 | noarch | fs-secondary-modules-3.2.0-1430-omap4-di | < 3.2.0-1430.39 | UNKNOWN |
| Ubuntu | 12.04 | noarch | input-modules-3.2.0-1430-omap4-di | < 3.2.0-1430.39 | UNKNOWN |
| Ubuntu | 12.04 | noarch | irda-modules-3.2.0-1430-omap4-di | < 3.2.0-1430.39 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kernel-image-3.2.0-1430-omap4-di | < 3.2.0-1430.39 | UNKNOWN |
| Ubuntu | 12.04 | noarch | linux-headers-3.2.0-1430 | < 3.2.0-1430.39 | UNKNOWN |
References
Related
7.2 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.741 High
EPSS
Percentile
98.1%