Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1940-1
HistorySep 06, 2013 - 12:00 a.m.

Linux kernel (EC2) vulnerabilities

2013-09-0600:00:00
ubuntu.com
42

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.741 High

EPSS

Percentile

98.1%

JSON

Releases

  • Ubuntu 10.04

Packages

  • linux-ec2 - Linux kernel for EC2

Details

Vasily Kulikov discovered a flaw in the Linux Kernel’s perf tool that
allows for privilege escalation. A local user could exploit this flaw to
run commands as root when using the perf tool. (CVE-2013-1060)

Michael S. Tsirkin discovered a flaw in how the Linux kernel’s KVM
subsystem allocates memory slots for the guest’s address space. A local
user could exploit this flaw to gain system privileges or obtain sensitive
information from kernel memory. (CVE-2013-1943)

A flaw was discovered in the SCTP (stream control transfer protocol)
network protocol’s handling of duplicate cookies in the Linux kernel. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) on another remote user querying the SCTP connection.
(CVE-2013-2206)

Hannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the
Linux kernel’s IPv6 stack. A local user could exploit this flaw to cause a
denial of service (system crash). (CVE-2013-4162)

OSVersionArchitecturePackageVersionFilename
Ubuntu10.04noarchlinux-image-2.6.32-356-ec2< 2.6.32-356.69UNKNOWN
Ubuntu10.04noarchlinux-headers-2.6.32-356-ec2< 2.6.32-356.69UNKNOWN

Related

securityvulns 3
nessus 51
openvas 65
ubuntu 14
prion 4
suse 6
cve 4
cvelist 4
ubuntucve 4
debiancve 3
checkpoint_advisories 1
redhat 11
oraclelinux 11
centos 5
altlinux 3
amazon 1
debian 2
osv 2
vmware 1
veracode 4
securityvulns
securityvulns
[USN-1939-1] Linux kernel vulnerabilities
2013-09-09 00:00:00
[USN-1944-1] Linux kernel vulnerabilities
2013-09-09 00:00:00
Linux kernel mulriple security vulnerabilities
2013-10-28 00:00:00
nessus
nessus
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1939-1)
2013-09-07 00:00:00
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1940-1)
2013-09-07 00:00:00
SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 8509 / 8516 / 8518)
2013-11-22 00:00:00
openvas
openvas
Ubuntu Update for linux USN-1939-1
2013-09-12 00:00:00
Ubuntu Update for linux-ec2 USN-1940-1
2013-09-12 00:00:00
Ubuntu: Security Advisory (USN-1940-1)
2013-09-12 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2013-09-06 00:00:00
Linux kernel (Raring HWE) vulnerabilities
2013-09-06 00:00:00
Linux kernel vulnerabilities
2013-09-05 00:00:00
prion
prion
Null pointer dereference
2013-07-04 21:55:00
Design/Logic Flaw
2013-07-16 14:08:00
Information disclosure
2013-07-29 13:59:00
suse
suse
Security update for Real Time Linux Kernel (important)
2013-11-22 08:04:29
Security update for Real Time Linux Kernel (important)
2013-11-22 05:04:54
Security update for Linux Kernel (important)
2013-11-22 08:04:16
cve
cve
CVE-2013-2206
2013-07-04 21:55:00
CVE-2013-1943
2013-07-16 14:08:00
CVE-2013-4162
2013-07-29 13:59:00
cvelist
cvelist
CVE-2013-2206
2013-07-04 21:00:00
CVE-2013-1943
2013-07-16 10:00:00
CVE-2013-4162
2013-07-28 18:00:00
ubuntucve
ubuntucve
CVE-2013-2206
2013-06-21 00:00:00
CVE-2013-1943
2013-07-16 00:00:00
CVE-2013-4162
2013-07-29 00:00:00
debiancve
debiancve
CVE-2013-2206
2013-07-04 21:55:00
CVE-2013-1943
2013-07-16 14:08:00
CVE-2013-4162
2013-07-29 13:59:00
checkpoint_advisories
checkpoint_advisories
Linux Kernel SCTP Duplicate Cookie Handling Denial of Service (CVE-2013-2206)
2013-11-18 00:00:00
redhat
redhat
(RHSA-2013:1436) Moderate: kernel security and bug fix update
2013-10-16 00:00:00
(RHSA-2013:1520) Moderate: kernel security, bug fix, and enhancement update
2013-11-14 00:00:00
(RHSA-2013:1292) Moderate: kernel security and bug fix update
2013-09-26 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2013-10-16 00:00:00
unbreakable enterprise kernel security update
2013-10-18 00:00:00
kernel security and bug fix update
2013-09-27 00:00:00
centos
centos
kernel, perf, python security update
2013-10-17 16:14:23
kernel security update
2013-09-27 13:27:33
kernel, perf, python security update
2013-06-12 13:37:13
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt12
2013-10-25 00:00:00
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt7
2013-06-13 00:00:00
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt11
2013-08-30 00:00:00
amazon
amazon
Medium: kernel
2013-10-16 20:53:00
debian
debian
[SECURITY] [DSA 2745-1] linux security update
2013-08-29 05:16:38
[SECURITY] [DSA 2766-1] linux-2.6 security update
2013-09-27 23:24:29
osv
osv
linux - several
2013-08-28 00:00:00
linux-2.6 - several
2013-09-27 00:00:00
vmware
vmware
VMware ESX updates to third party libraries
2013-12-05 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 04:52:18
Denial Of Service (DoS)
2019-05-02 04:52:19
Denial Of Service (DoS)
2019-05-02 04:52:18

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.741 High

EPSS

Percentile

98.1%

JSON
Related for USN-1940-1
securityvulns3nessus51openvas65ubuntu14prion4suse6cve4cvelist4ubuntucve4debiancve3checkpoint_advisories1redhat11oraclelinux11centos5altlinux3amazon1debian2osv2vmware1veracode4