Executive Summary
Summary | |
---|---|
Title | Linux kernel vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-1422-1 | First vendor Publication | 2012-04-12 |
Vendor | Ubuntu | Last vendor Modification | 2012-04-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. (CVE-2011-4347) Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual machine) subsystem of the Linux kernel. A local unprivileged user can crash use this flaw to crash VMs causing a deny of service. (CVE-2012-0045) H. Peter Anvin reported a flaw in the Linux kernel that could crash the system. A local user could exploit this flaw to crash the system. (CVE-2012-1097) A flaw was discovered in the Linux kernel's cgroups subset. A local attacker could use this flaw to crash the system. (CVE-2012-1146) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-1422-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-476 | NULL Pointer Dereference |
33 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15254 | |||
Oval ID: | oval:org.mitre.oval:def:15254 | ||
Title: | DSA-2443-1 linux-2.6 -- privilege escalation/denial of service | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4307 Nageswara R Sastry reported an issue in the ext4 filesystem. Local users with the privileges to mount a filesystem can cause a denial of service by providing a s_log_groups_per_flex value greater than 31. CVE-2011-1833 Vasiliy Kulikov of Openwall and Dan Rosenberg discovered an information leak in the eCryptfs filesystem. Local users were able to mount arbitrary directories. CVE-2011-4347 Sasha Levin reported an issue in the device assignment functionality in KVM. Local users with permission to access /dev/kvm could assign unused pci devices to a guest and cause a denial of service. CVE-2012-0045 Stephan Barwolf reported an issue in KVM. Local users in a 32-bit guest running on a 64-bit system can crash the guest with a syscall instruction. CVE-2012-1090 CAI Qian reported an issue in the CIFS filesystem. A reference count leak can occur during the lookup of special files, resulting in a denial of service on umount. CVE-2012-1097 H. Peter Anvin reported an issue in the regset infrastructure. Local users can cause a denial of service by triggering the write methods of readonly regsets. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2443-1 CVE-2009-4307 CVE-2011-1833 CVE-2011-4347 CVE-2012-0045 CVE-2012-1090 CVE-2012-1097 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | linux-2.6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17570 | |||
Oval ID: | oval:org.mitre.oval:def:17570 | ||
Title: | USN-1421-1 -- linux-lts-backport-maverick vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1421-1 CVE-2011-4347 CVE-2012-0045 CVE-2012-1097 CVE-2012-1146 | Version: | 7 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-lts-backport-maverick |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26931 | |||
Oval ID: | oval:org.mitre.oval:def:26931 | ||
Title: | DEPRECATED: ELSA-2012-0481 -- kernel security, bug fix, and enhancement update (moderate) | ||
Description: | [2.6.32-220.13.1.el6] - Revert: [fs] NFSv4: include bitmap in nfsv4 get acl data (Sachin Prabhu) [753231 753232] {CVE-2011-4131} [2.6.32-220.12.1.el6] - [net] net_sched: qdisc_alloc_handle() can be too slow (Jiri Pirko) [805458 785891] - [fs] procfs: add hidepid= and gid= mount options (Jerome Marchand) [770651 770652] - [fs] procfs: parse mount options (Jerome Marchand) [770651 770652] - [fs] fuse: add O_DIRECT support (Josef Bacik) [800552 753798] - [kernel] sysctl: restrict write access to dmesg_restrict (Phillip Lougher) [749248 749251] - [block] dm io: fix discard support (Mike Snitzer) [799943 758404] - [net] netlink: wrong size was calculated for vfinfo list blob (Andy Gospodarek) [790338 772136] - [netdrv] mlx4_en: fix endianness with blue frame support (Steve Best) [789911 750166] - [usb] Fix deadlock in hid_reset when Dell iDRAC is reset (Shyam Iyer) [797205 782374] - [virt] vmxnet3: Cap the length of the pskb_may_pull on transmit (bz 790673) (Neil Horman) [801723 790673] - [scsi] megaraid_sas: Fix instance access in megasas_reset_timer (Tomas Henzl) [790341 759318] - [netdrv] macvtap: Fix the minor device number allocation (Steve Best) [796828 786518] - [net] tcp: bind() fix autoselection to share ports (Flavio Leitner) [787764 784671] - [fs] cifs: change oplock break slow work to very slow work (Jeff Layton) [789373 772874] - [net] sunrpc: remove xpt_pool (J. Bruce Fields) [795338 753301] - [net] Potential null skb->dev dereference (Flavio Leitner) [795335 769590] - [net] pkt_sched: Fix sch_sfq vs tcf_bind_filter oops (Jiri Pirko) [786873 667925] - [net] mac80211: cancel auth retries when deauthenticating (John Linville) [797241 754356] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0481 CVE-2012-0879 CVE-2012-1090 CVE-2012-1097 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27813 | |||
Oval ID: | oval:org.mitre.oval:def:27813 | ||
Title: | ELSA-2012-0149 -- kvm security and bug fix update (moderate) | ||
Description: | [kvm-83-249.0.1.el5] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch - modify kversion to fix build failure [kvm-83-249.el5] - kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch [bz#770101] - CVE: CVE-2011-4622 - Resolves: bz#770101 (CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system [rhel-5.8]) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0149 CVE-2011-4347 | Version: | 3 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
2012-09-04 | Name : Fedora Update for kernel FEDORA-2012-12684 File : nvt/gb_fedora_2012_12684_kernel_fc16.nasl |
2012-08-06 | Name : Fedora Update for kernel FEDORA-2012-11348 File : nvt/gb_fedora_2012_11348_kernel_fc16.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2012:0481 centos6 File : nvt/gb_CESA-2012_0481_kernel_centos6.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2012:0350 centos6 File : nvt/gb_CESA-2012_0350_kernel_centos6.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2012:0350-01 File : nvt/gb_RHSA-2012_0350-01_kernel.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2012:0481-01 File : nvt/gb_RHSA-2012_0481-01_kernel.nasl |
2012-06-25 | Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl |
2012-06-15 | Name : Fedora Update for kernel FEDORA-2012-8890 File : nvt/gb_fedora_2012_8890_kernel_fc16.nasl |
2012-06-01 | Name : Ubuntu Update for linux-ti-omap4 USN-1458-1 File : nvt/gb_ubuntu_USN_1458_1.nasl |
2012-05-17 | Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl |
2012-05-14 | Name : Fedora Update for kernel FEDORA-2012-7538 File : nvt/gb_fedora_2012_7538_kernel_fc16.nasl |
2012-05-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1440-1 File : nvt/gb_ubuntu_USN_1440_1.nasl |
2012-05-04 | Name : Ubuntu Update for linux USN-1431-1 File : nvt/gb_ubuntu_USN_1431_1.nasl |
2012-05-04 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1433-1 File : nvt/gb_ubuntu_USN_1433_1.nasl |
2012-04-26 | Name : Ubuntu Update for linux-ec2 USN-1426-1 File : nvt/gb_ubuntu_USN_1426_1.nasl |
2012-04-26 | Name : Ubuntu Update for linux USN-1425-1 File : nvt/gb_ubuntu_USN_1425_1.nasl |
2012-04-26 | Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl |
2012-04-13 | Name : Ubuntu Update for linux USN-1422-1 File : nvt/gb_ubuntu_USN_1422_1.nasl |
2012-04-13 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1421-1 File : nvt/gb_ubuntu_USN_1421_1.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0876 File : nvt/gb_fedora_2012_0876_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0363 File : nvt/gb_fedora_2012_0363_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0480 File : nvt/gb_fedora_2012_0480_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3712 File : nvt/gb_fedora_2012_3712_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3030 File : nvt/gb_fedora_2012_3030_kernel_fc16.nasl |
2012-03-29 | Name : Fedora Update for kernel FEDORA-2012-3715 File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl |
2012-03-29 | Name : Ubuntu Update for linux USN-1405-1 File : nvt/gb_ubuntu_USN_1405_1.nasl |
2012-03-29 | Name : Ubuntu Update for linux USN-1406-1 File : nvt/gb_ubuntu_USN_1406_1.nasl |
2012-03-29 | Name : Ubuntu Update for linux USN-1407-1 File : nvt/gb_ubuntu_USN_1407_1.nasl |
2012-03-29 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1409-1 File : nvt/gb_ubuntu_USN_1409_1.nasl |
2012-03-22 | Name : Fedora Update for kernel FEDORA-2012-4410 File : nvt/gb_fedora_2012_4410_kernel_fc16.nasl |
2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-1497 File : nvt/gb_fedora_2012_1497_kernel_fc16.nasl |
2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-3350 File : nvt/gb_fedora_2012_3350_kernel_fc16.nasl |
2012-03-16 | Name : Fedora Update for kernel FEDORA-2012-3356 File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl |
2012-03-07 | Name : Ubuntu Update for linux USN-1389-1 File : nvt/gb_ubuntu_USN_1389_1.nasl |
2012-03-07 | Name : Fedora Update for kernel FEDORA-2012-2753 File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl |
2012-02-13 | Name : Fedora Update for kernel FEDORA-2012-1503 File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl |
2012-01-25 | Name : Fedora Update for kernel FEDORA-2012-0861 File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl |
2012-01-16 | Name : Fedora Update for kernel FEDORA-2012-0492 File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78264 | Linux Kernel KVM syscall Instruction Executable Handling Local DoS |
77626 | Linux Kernel kvm_vm_ioctl_assign_device Function /dev/kym Local DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0042.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0422.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0531.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-235.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-55.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0149.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0481.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2003.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2007.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2008.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120428.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0149.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1042.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120306_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-06-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1458-1.nasl - Type : ACT_GATHER_INFO |
2012-05-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1440-1.nasl - Type : ACT_GATHER_INFO |
2012-05-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1433-1.nasl - Type : ACT_GATHER_INFO |
2012-05-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1431-1.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1426-1.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1425-1.nasl - Type : ACT_GATHER_INFO |
2012-04-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0481.nasl - Type : ACT_GATHER_INFO |
2012-04-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0481.nasl - Type : ACT_GATHER_INFO |
2012-04-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1421-1.nasl - Type : ACT_GATHER_INFO |
2012-04-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1422-1.nasl - Type : ACT_GATHER_INFO |
2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1409-1.nasl - Type : ACT_GATHER_INFO |
2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1407-1.nasl - Type : ACT_GATHER_INFO |
2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1406-1.nasl - Type : ACT_GATHER_INFO |
2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1405-1.nasl - Type : ACT_GATHER_INFO |
2012-03-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3715.nasl - Type : ACT_GATHER_INFO |
2012-03-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2443.nasl - Type : ACT_GATHER_INFO |
2012-03-19 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3712.nasl - Type : ACT_GATHER_INFO |
2012-03-15 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3356.nasl - Type : ACT_GATHER_INFO |
2012-03-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3350.nasl - Type : ACT_GATHER_INFO |
2012-03-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1389-1.nasl - Type : ACT_GATHER_INFO |
2012-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0480.nasl - Type : ACT_GATHER_INFO |
2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0363.nasl - Type : ACT_GATHER_INFO |
2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0492.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:59:58 |
|
2013-06-08 17:23:01 |
|