Executive Summary
Summary | |
---|---|
Title | Linux kernel vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-38-1 | First vendor Publication | 2004-12-14 |
Vendor | Ubuntu | Last vendor Modification | 2004-12-14 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: linux-image-2.6.8.1-4-386 linux-image-2.6.8.1-4-686 linux-image-2.6.8.1-4-686-smp linux-image-2.6.8.1-4-amd64-generic linux-image-2.6.8.1-4-amd64-k8 linux-image-2.6.8.1-4-amd64-k8-smp linux-image-2.6.8.1-4-amd64-xeon linux-image-2.6.8.1-4-k7 linux-image-2.6.8.1-4-k7-smp linux-image-2.6.8.1-4-power3 linux-image-2.6.8.1-4-power3-smp linux-image-2.6.8.1-4-power4 linux-image-2.6.8.1-4-power4-smp linux-image-2.6.8.1-4-powerpc linux-image-2.6.8.1-4-powerpc-smp The problem can be corrected by upgrading the affected package to version 2.6.8.1-16.3. You need to reboot the computer after doing a standard system upgrade to effect the necessary changes. ATTENTION: Due to an unavoidable ABI change this kernel got a new version number, which requires to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Details follow: CAN-2004-0814: Vitaly V. Bursov discovered a Denial of Service vulnerability in the "serio" Fixing this vulnerability required a change in the Application Binary CAN-2004-1016: Paul Starzetz discovered a buffer overflow vulnerability in the "__scm_send" CAN-2004-1056: Thomas Hellström discovered a Denial of Service vulnerability in the Direct CAN-2004-1058: Rob Landley discovered a race condition in the handling of /proc/.../cmdline. CAN-2004-1068: A race condition was discovered in the handling of AF_UNIX network packets. CAN-2004-1069: Ross Kendall Axe discovered a possible kernel panic (causing a Denial of CAN-2004-1137: Paul Starzetz discovered several flaws in the IGMP handling code. This CAN-2004-1151: Jeremy Fitzhardinge discovered two buffer overflows in the sys32_ni_syscall() |
Original Source
Url : http://www.ubuntu.com/usn/USN-38-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10427 | |||
Oval ID: | oval:org.mitre.oval:def:10427 | ||
Title: | Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline. | ||
Description: | Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1058 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10728 | |||
Oval ID: | oval:org.mitre.oval:def:10728 | ||
Title: | Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. | ||
Description: | Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0814 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11144 | |||
Oval ID: | oval:org.mitre.oval:def:11144 | ||
Title: | Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. | ||
Description: | Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1137 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11384 | |||
Oval ID: | oval:org.mitre.oval:def:11384 | ||
Title: | A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. | ||
Description: | A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1068 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11816 | |||
Oval ID: | oval:org.mitre.oval:def:11816 | ||
Title: | The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. | ||
Description: | The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1016 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9795 | |||
Oval ID: | oval:org.mitre.oval:def:9795 | ||
Title: | Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. | ||
Description: | Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1056 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5011171.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5019053.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1018-1 (kernel-source-2.4.27) File : nvt/deb_1018_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1018-2 (kernel-source-2.4.27) File : nvt/deb_1018_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16) File : nvt/deb_1067_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-... File : nvt/deb_1070_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17) File : nvt/deb_1082_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
12562 | Linux Kernel Spawning Process Environment Variable Disclosure |
12561 | Linux Kernel Direct Rendering Manager (DRM) X Server DoS |
12527 | Linux Kernel scm_send() Function Local DoS |
12388 | Linux Kernel IGMP igmp_marksources() Function Remote DoS |
12387 | Linux Kernel IGMP ip_mc_msfget / ip_mc_gsfget Function Arbitrary Memory Read |
12386 | Linux Kernel IGMP ip_mc_source() Function Arbitrary Memory Overwrite |
12284 | Linux Kernel sys32_vm86_warning Function Local Overflow A local overflow exists in the Linux kernel. The sys32_vm86_warning function of the kernel fails to perform correct bounds checking resulting in a buffer overflow. With a specially crafted request, an attacker can possibly execute arbitrary code or perform a denial of service attack resulting in a loss of integrity or availability. |
12283 | Linux Kernel sys32_ni_syscall Function Local Overflow A local overflow exists in the linux kernel. The issue is due to function "sys32_ni_syscall()" copying a 16 chars variable "task_struct.comm" to a static 8 byte buffer, resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service or execute arbitrary code on the system, resulting in a loss of availability or integrity. |
12271 | SELinux Kernel sock_dgram_sendmsg Function Race Condition DoS |
11996 | Linux Kernel unix_dgram_recvmsg() Local Privilege Escalation |
11045 | Linux Kernel PPP/Terminal Subsystem Denial of Service The Linux kernel's PPP subsystem contains a flaw that may allow a malicious user to crash a remote host. This is due to a race condition in the PPP system -- if an attacker connects via PPP and then issues the command to switch from console to terminal mode and then sends data at precisely the right moment so that it arrives as the line is making the disclipline switch, the condition will be triggered. It is likely that the flaw will cause an operating system lock, resulting in a loss of availability. |
11044 | Linux Kernel Terminal Subsystem TIOCSETLD Call Memory Disclosure |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1018.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-293.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-663.nasl - Type : ACT_GATHER_INFO |
2006-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0191.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-47-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-38-1.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-663.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-529.nasl - Type : ACT_GATHER_INFO |
2005-07-01 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-110.nasl - Type : ACT_GATHER_INFO |
2005-04-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-293.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_018.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-092.nasl - Type : ACT_GATHER_INFO |
2005-02-03 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_044.nasl - Type : ACT_GATHER_INFO |
2005-01-26 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-022.nasl - Type : ACT_GATHER_INFO |
2005-01-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-016.nasl - Type : ACT_GATHER_INFO |
2005-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-043.nasl - Type : ACT_GATHER_INFO |
2005-01-04 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-582.nasl - Type : ACT_GATHER_INFO |
2005-01-04 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-581.nasl - Type : ACT_GATHER_INFO |
2004-12-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-689.nasl - Type : ACT_GATHER_INFO |
2004-12-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-505.nasl - Type : ACT_GATHER_INFO |
2004-12-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-549.nasl - Type : ACT_GATHER_INFO |
2004-12-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-537.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200408-24.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:03:56 |
|
2013-05-11 12:25:40 |
|