oval:org.mitre.oval:def:27018
Definition Id: oval:org.mitre.oval:def:27018 | |||
Oval ID: | oval:org.mitre.oval:def:27018 | ||
Title: | USN-1946-1 -- Linux kernel (OMAP4) vulnerabilities | ||
Description: | A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2012-5374">CVE-2012-5374</a>) A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2012-5375">CVE-2012-5375</a>) Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-1060">CVE-2013-1060</a>) A flaw was discovered in the Xen subsystem of the Linux kernel when it provides read-only access to a disk that supports TRIM or SCSI UNMAP to a guest OS. A privileged user in the guest OS could exploit this flaw to destroy data on the disk, even though the guest OS should not be able to write to the disk. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-2140">CVE-2013-2140</a>) A flaw was discovered in the Linux kernel when an IPv6 socket is used to connect to an IPv4 destination. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-2232">CVE-2013-2232</a>) An information leak was discovered in the IPSec key_socket implementation in the Linux kernel. An local user could exploit this flaw to examine potentially sensitive information in kernel memory. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-2234">CVE-2013-2234</a>) Hannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the Linux kernel's IPv6 stack. A local user could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-4162">CVE-2013-4162</a>) Hannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux kernel when the IPV6_MTU setsockopt option has been specified in combination with the UDP_CORK option. A local user could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-4163">CVE-2013-4163</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1946-1 CVE-2012-5374 CVE-2012-5375 CVE-2013-1060 CVE-2013-2140 CVE-2013-2232 CVE-2013-2234 CVE-2013-4162 CVE-2013-4163 | Version: | 3 |
Platform(s): | Ubuntu 13.04 | Product(s): | linux-ti-omap4 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16014 | |||
Oval ID: | oval:org.mitre.oval:def:16014 | ||
Title: | Ubuntu 13.04 is installed | ||
Description: | Ubuntu 13.04 is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:canonical:ubuntu_linux:13.04 | Version: | 5 |
Platform(s): | Ubuntu 13.04 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:27018 |