Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-578-1
HistoryFeb 14, 2008 - 12:00 a.m.

Linux kernel vulnerabilities

2008-02-1400:00:00
ubuntu.com
58

7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.14 Low

EPSS

Percentile

95.6%

JSON

Releases

  • Ubuntu 6.06

Packages

  • linux-source-2.6.15 -

Details

The minix filesystem did not properly validate certain filesystem
values. If a local attacker could trick the system into attempting
to mount a corrupted minix filesystem, the kernel could be made to
hang for long periods of time, resulting in a denial of service.
(CVE-2006-6058)

Alexander Schulze discovered that the skge driver does not properly
use the spin_lock and spin_unlock functions. Remote attackers could
exploit this by sending a flood of network traffic and cause a denial
of service (crash). (CVE-2006-7229)

Hugh Dickins discovered that hugetlbfs performed certain prio_tree
calculations using HPAGE_SIZE instead of PAGE_SIZE. A local user
could exploit this and cause a denial of service via kernel panic.
(CVE-2007-4133)

Chris Evans discovered an issue with certain drivers that use the
ieee80211_rx function. Remote attackers could send a crafted 802.11
frame and cause a denial of service via crash. (CVE-2007-4997)

Alex Smith discovered an issue with the pwc driver for certain webcam
devices. A local user with physical access to the system could remove
the device while a userspace application had it open and cause the USB
subsystem to block. (CVE-2007-5093)

Scott James Remnant discovered a coding error in ptrace. Local users
could exploit this and cause the kernel to enter an infinite loop.
(CVE-2007-5500)

Venustech AD-LAB discovered a buffer overflow in the isdn net
subsystem. This issue is exploitable by local users via crafted input
to the isdn_ioctl function. (CVE-2007-6063)

It was discovered that the isdn subsystem did not properly check for
NULL termination when performing ioctl handling. A local user could
exploit this to cause a denial of service. (CVE-2007-6151)

Blake Frantz discovered that when a root process overwrote an existing
core file, the resulting core file retained the previous core file’s
ownership. Local users could exploit this to gain access to sensitive
information. (CVE-2007-6206)

Hugh Dickins discovered the when using the tmpfs filesystem, under
rare circumstances, a kernel page may be improperly cleared. A local
user may be able to exploit this and read sensitive kernel data or
cause a denial of service via crash. (CVE-2007-6417)

Bill Roman discovered that the VFS subsystem did not properly check
access modes. A local user may be able to gain removal privileges
on directories. (CVE-2008-0001)

OSVersionArchitecturePackageVersionFilename
Ubuntu6.06noarchlinux-image-2.6.15-51-amd64-k8< 2.6.15-51.66UNKNOWN
Ubuntu6.06noarchacpi-modules-2.6.15-51-amd64-generic-di< 2.6.15-51.66UNKNOWN
Ubuntu6.06noarchcdrom-core-modules-2.6.15-51-amd64-generic-di< 2.6.15-51.66UNKNOWN
Ubuntu6.06noarchcrc-modules-2.6.15-51-amd64-generic-di< 2.6.15-51.66UNKNOWN
Ubuntu6.06noarchext2-modules-2.6.15-51-amd64-generic-di< 2.6.15-51.66UNKNOWN
Ubuntu6.06noarchext3-modules-2.6.15-51-amd64-generic-di< 2.6.15-51.66UNKNOWN
Ubuntu6.06noarchfat-modules-2.6.15-51-amd64-generic-di< 2.6.15-51.66UNKNOWN
Ubuntu6.06noarchfb-modules-2.6.15-51-amd64-generic-di< 2.6.15-51.66UNKNOWN
Ubuntu6.06noarchfirewire-core-modules-2.6.15-51-amd64-generic-di< 2.6.15-51.66UNKNOWN
Ubuntu6.06noarchfloppy-modules-2.6.15-51-amd64-generic-di< 2.6.15-51.66UNKNOWN
Rows per page:
1-10 of 661

Related

nessus 45
openvas 64
securityvulns 10
osv 6
ubuntu 2
debian 7
centos 4
redhat 5
oraclelinux 4
suse 6
cve 11
ubuntucve 11
prion 9
veracode 7
seebug 5
fedora 3
nessus
nessus
Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-578-1)
2008-02-14 00:00:00
Mandriva Linux Security Advisory : kernel (MDVSA-2008:112)
2009-04-23 00:00:00
Ubuntu 6.10 / 7.04 / 7.10 : linux-source-2.6.17/20/22 vulnerabilities (USN-574-1)
2008-02-05 00:00:00
openvas
openvas
Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-578-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-578-1)
2009-03-23 00:00:00
Mandriva Update for kernel MDVSA-2008:112 (kernel)
2009-04-09 00:00:00
securityvulns
securityvulns
[ MDVSA-2008:008 ] - Updated kernel packages fix multiple vulnerabilities and bugs
2008-01-13 00:00:00
[SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-12-21 00:00:00
Linux multiple security vulnerabilities
2007-12-21 00:00:00
osv
osv
linux-2.6 fai-kernels user-mode-linux - several vulnerabilities
2007-12-20 00:00:00
linux-2.6
2008-01-29 00:00:00
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2007-12-11 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2008-02-04 00:00:00
Linux kernel vulnerabilities
2007-12-19 00:00:00
debian
debian
[SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-12-20 22:28:26
[SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-12-11 05:51:52
[SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-10-03 02:07:49
centos
centos
kernel security update
2008-02-04 17:59:19
kernel security update
2008-01-24 00:20:48
kernel security update
2009-02-02 23:36:06
redhat
redhat
(RHSA-2008:0055) Important: kernel security and bug fix update
2008-01-31 00:00:00
(RHSA-2008:0089) Important: kernel security and bug fix update
2008-01-23 00:00:00
(RHSA-2009:0001) Important: kernel security update
2009-01-08 00:00:00
oraclelinux
oraclelinux
Important: kernel security and bug fix update
2008-02-01 00:00:00
Updated kernel packages for Oracle Enterprise Linux 4.7
2008-08-01 00:00:00
Important: kernel security and bug fix update
2008-01-24 00:00:00
suse
suse
remote denial of service in kernel
2007-11-09 16:00:31
local privilege escalation in kernel
2008-02-12 13:43:48
local privilege escalation in kernel
2008-02-07 11:18:53
cve
cve
CVE-2006-7229
2007-11-15 00:46:00
CVE-2007-6063
2007-11-21 00:46:00
CVE-2006-6058
2006-11-22 01:07:00
ubuntucve
ubuntucve
CVE-2006-7229
2007-11-15 00:00:00
CVE-2006-6058
2006-11-22 00:00:00
CVE-2007-6417
2007-12-18 00:00:00
prion
prion
Buffer overflow
2007-11-21 00:46:00
Code injection
2007-12-18 00:46:00
Buffer overflow
2007-12-15 01:46:00
veracode
veracode
Information Disclosure
2020-04-10 00:25:57
Buffer Overflow
2020-04-10 00:21:38
Denial Of Service (DoS)
2020-04-10 00:21:23
seebug
seebug
Linux Kernel ISDN_Net.C本地缓冲区溢出漏洞
2007-12-04 00:00:00
Linux Kernel DO_COREDUMP函数本地信息泄露漏洞
2007-12-09 00:00:00
Linux Kernel DO_COREDUMP本地信息泄露漏洞
2007-12-10 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: kernel-2.6.23.8-34.fc7
2007-12-07 18:25:56
[SECURITY] Fedora 8 Update: kernel-2.6.23.8-63.fc8
2007-12-03 17:05:46
[SECURITY] Fedora Core 6 Update: kernel-2.6.22.14-72.fc6
2007-12-07 18:06:29

7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.14 Low

EPSS

Percentile

95.6%

JSON
Related for USN-578-1
nessus45openvas64securityvulns10osv6ubuntu2debian7centos4redhat5oraclelinux4suse6cve11ubuntucve11prion9veracode7seebug5fedora3