Linux kernel vulnerabilities

2013-09-27T00:00:00
ID USN-1972-1
Type ubuntu
Reporter Ubuntu
Modified 2013-09-27T00:00:00

Description

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). (CVE-2013-4254)

A failure to validate block numbers was discovered in the Linux kernel’s implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted a corrupted or special crafted XFS filesystem. (CVE-2013-1819)

An information leak was discovered in the Linux kernel when reading broadcast messages from the notify_policy interface of the IPSec key_socket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. (CVE-2013-2237)