oval:org.mitre.oval:def:13816

Definition Id: oval:org.mitre.oval:def:13816
 
Oval ID: oval:org.mitre.oval:def:13816
Title: USN-752-1 -- linux-source-2.6.15 vulnerabilities
Description: NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service. In certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. The 64-bit syscall interfaces did not correctly handle sign extension. A local attacker could make malicious syscalls, possibly gaining root privileges. The x86_64 architecture was not affected. The SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. The Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. Network interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. The getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. The syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. The shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default
Family: unix Class: patch
Reference(s): USN-752-1
CVE-2008-4307
CVE-2008-6107
CVE-2009-0028
CVE-2009-0029
CVE-2009-0065
CVE-2009-0322
CVE-2009-0675
CVE-2009-0676
CVE-2009-0834
CVE-2009-0835
CVE-2009-0859
Version: 7
Platform(s): Ubuntu 6.06
Product(s): linux-source-2.6.15
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13319
 
Oval ID: oval:org.mitre.oval:def:13319
Title: Ubuntu 6.06 is installed
Description: Ubuntu 6.06 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:ubuntu:ubuntu_linux:6.06
Version: 3
Platform(s): Ubuntu 6.06
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13816