Executive Summary
Summary | |
---|---|
Title | Linux kernel vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-1448-1 | First vendor Publication | 2012-05-21 |
Vendor | Ubuntu | Last vendor Modification | 2012-05-21 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. (CVE-2012-1601) Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. (CVE-2012-2123) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-1448-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17509 | |||
Oval ID: | oval:org.mitre.oval:def:17509 | ||
Title: | USN-1453-1 -- linux-ec2 vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1453-1 CVE-2011-4086 CVE-2012-1601 CVE-2012-2123 | Version: | 7 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27561 | |||
Oval ID: | oval:org.mitre.oval:def:27561 | ||
Title: | DEPRECATED: ELSA-2012-0571 -- kernel security and bug fix update (moderate) | ||
Description: | [2.6.32-220.17.1.el6] - [scsi] fcoe: Do not switch context in vport_delete callback (Neil Horman) [809388 806119] [2.6.32-220.16.1.el6] - Revert: [x86] Ivy Bridge kernel rdrand support (Jay Fenlason) [800268 696442] [2.6.32-220.15.1.el6] - [net] SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up() (Steve Dickson) [811299 809928] - [char] ipmi: Increase KCS timeouts (Matthew Garrett) [806906 803378] - [kernel] sched: Fix ancient race in do_exit() (Frantisek Hrbata) [805457 784758] - [scsi] sd: Unmap discard alignment needs to be converted to bytes (Mike Snitzer) [810322 805519] - [scsi] sd: Fix VPD buffer allocations (Mike Snitzer) [810322 805519] - [x86] Ivy Bridge kernel rdrand support (Jay Fenlason) [800268 696442] - [scsi] fix system lock up from scsi error flood (Frantisek Hrbata) [809378 800555] - [sound] ALSA: pcm midlevel code - add time check for (Jaroslav Kysela) [801329 798984] - [pci] Add pcie_hp=nomsi to disable MSI/MSI-X for pciehp driver (hiro muneda) [807426 728852] - [sound] ALSA: enable OSS emulation layer for PCM and mixer (Jaroslav Kysela) [812960 657291] - [scsi] qla4xxx: Fixed BFS with sendtargets as boot index (Chad Dupuis) [803881 722297] - [fs] nfs: Additional readdir cookie loop information (Steve Dickson) [811135 770250] - [fs] NFS: Fix spurious readdir cookie loop messages (Steve Dickson) [811135 770250] - [x86] powernow-k8: Fix indexing issue (Frank Arnold) [809391 781566] - [x86] powernow-k8: Avoid Pstate MSR accesses on systems supporting CPB (Frank Arnold) [809391 781566] - [redhat] spec: Add python-perf-debuginfo subpackage (Josh Boyer) [806859 806859] [2.6.32-220.14.1.el6] - [net] fix vlan gro path (Jiri Pirko) [810454 720611] - [virt] VMX: vmx_set_cr0 expects kvm->srcu locked (Marcelo Tosatti) [808206 807507] {CVE-2012-1601} - [virt] KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Marcelo Tosatti) [808206 807507] {CVE-2012-1601} - [scsi] fcoe: Move destroy_work to a private work queue (Neil Horman) [809388 806119] - [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [749727 748713] {CVE-2011-4086} - [net] af_iucv: offer new getsockopt SO_MSGSIZE (Hendrik Brueckner) [804547 786997] - [net] af_iucv: performance improvements for new HS transport (Hendrik Brueckner) [804548 786996] - [s390x] af_iucv: remove IUCV-pathes completely (Hendrik Brueckner) [807158 786960] - [x86] iommu/amd: Fix wrong shift direction (Don Dutile) [809376 781531] - [x86] iommu/amd: Don't use MSI address range for DMA addresses (Don Dutile) [809374 781524] - [fs] NFSv4: Further reduce the footprint of the idmapper (Steve Dickson) [802852 730045] - [fs] NFSv4: Reduce the footprint of the idmapper (Steve Dickson) [802852 730045] - [scsi] fcoe: Make fcoe_transport_destroy a synchronous operation (Neil Horman) [809372 771251] - [net] ipv4: Constrain UFO fragment sizes to multiples of 8 bytes (Jiri Benc) [809104 797731] - [net] ipv4: Don't use ufo handling on later transformed packets (Jiri Benc) [809104 797731] - [net] udp: Add UFO to NETIF_F_GSO_SOFTWARE (Jiri Benc) [809104 797731] - [fs] nfs: Try using machine credentials for RENEW calls (Sachin Prabhu) [806205 795441] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0571 CVE-2011-4086 CVE-2012-1601 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | kernel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2469-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2469_1.nasl |
2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
2012-09-04 | Name : Fedora Update for kernel FEDORA-2012-12684 File : nvt/gb_fedora_2012_12684_kernel_fc16.nasl |
2012-08-30 | Name : Fedora Update for kernel FEDORA-2012-6344 File : nvt/gb_fedora_2012_6344_kernel_fc17.nasl |
2012-08-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1530-1 File : nvt/gb_ubuntu_USN_1530_1.nasl |
2012-08-06 | Name : Fedora Update for kernel FEDORA-2012-11348 File : nvt/gb_fedora_2012_11348_kernel_fc16.nasl |
2012-07-30 | Name : CentOS Update for kmod-kvm CESA-2012:0676 centos5 File : nvt/gb_CESA-2012_0676_kmod-kvm_centos5.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2012:0571 centos6 File : nvt/gb_CESA-2012_0571_kernel_centos6.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2012:0743 centos6 File : nvt/gb_CESA-2012_0743_kernel_centos6.nasl |
2012-07-19 | Name : Ubuntu Update for linux USN-1507-1 File : nvt/gb_ubuntu_USN_1507_1.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2012:0571-01 File : nvt/gb_RHSA-2012_0571-01_kernel.nasl |
2012-06-25 | Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl |
2012-06-19 | Name : RedHat Update for kernel RHSA-2012:0743-01 File : nvt/gb_RHSA-2012_0743-01_kernel.nasl |
2012-06-15 | Name : Fedora Update for kernel FEDORA-2012-8890 File : nvt/gb_fedora_2012_8890_kernel_fc16.nasl |
2012-06-15 | Name : Ubuntu Update for linux-lts-backport-natty USN-1470-1 File : nvt/gb_ubuntu_USN_1470_1.nasl |
2012-06-01 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1455-1 File : nvt/gb_ubuntu_USN_1455_1.nasl |
2012-06-01 | Name : Ubuntu Update for linux USN-1457-1 File : nvt/gb_ubuntu_USN_1457_1.nasl |
2012-06-01 | Name : Ubuntu Update for linux-ti-omap4 USN-1459-1 File : nvt/gb_ubuntu_USN_1459_1.nasl |
2012-06-01 | Name : Ubuntu Update for linux-ti-omap4 USN-1460-1 File : nvt/gb_ubuntu_USN_1460_1.nasl |
2012-05-28 | Name : Ubuntu Update for linux USN-1452-1 File : nvt/gb_ubuntu_USN_1452_1.nasl |
2012-05-28 | Name : Ubuntu Update for linux-ec2 USN-1453-1 File : nvt/gb_ubuntu_USN_1453_1.nasl |
2012-05-22 | Name : Ubuntu Update for linux USN-1445-1 File : nvt/gb_ubuntu_USN_1445_1.nasl |
2012-05-22 | Name : Ubuntu Update for linux USN-1448-1 File : nvt/gb_ubuntu_USN_1448_1.nasl |
2012-05-17 | Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl |
2012-05-14 | Name : Fedora Update for kernel FEDORA-2012-7538 File : nvt/gb_fedora_2012_7538_kernel_fc16.nasl |
2012-04-26 | Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0042.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0670.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-357.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0571.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0676.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0743.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2013.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2020.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2021.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120714.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-121203.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0676.nasl - Type : ACT_GATHER_INFO |
2012-08-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1530-1.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120515_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120521_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120618_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1507-1.nasl - Type : ACT_GATHER_INFO |
2012-06-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0743.nasl - Type : ACT_GATHER_INFO |
2012-06-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0743.nasl - Type : ACT_GATHER_INFO |
2012-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1470-1.nasl - Type : ACT_GATHER_INFO |
2012-06-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1457-1.nasl - Type : ACT_GATHER_INFO |
2012-06-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1460-1.nasl - Type : ACT_GATHER_INFO |
2012-06-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1459-1.nasl - Type : ACT_GATHER_INFO |
2012-05-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1455-1.nasl - Type : ACT_GATHER_INFO |
2012-05-29 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1453-1.nasl - Type : ACT_GATHER_INFO |
2012-05-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1452-1.nasl - Type : ACT_GATHER_INFO |
2012-05-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1448-1.nasl - Type : ACT_GATHER_INFO |
2012-05-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0676.nasl - Type : ACT_GATHER_INFO |
2012-05-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1445-1.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0571.nasl - Type : ACT_GATHER_INFO |
2012-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0571.nasl - Type : ACT_GATHER_INFO |
2012-05-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2469.nasl - Type : ACT_GATHER_INFO |
2012-04-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-6406.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Fedora host is missing a security update. File : fedora_2012-6386.nasl - Type : ACT_GATHER_INFO |
2012-04-24 | Name : The remote Fedora host is missing a security update. File : fedora_2012-6344.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:00:07 |
|