oval:org.mitre.oval:def:13805

Definition Id: oval:org.mitre.oval:def:13805
 
Oval ID: oval:org.mitre.oval:def:13805
Title: USN-1089-1 -- linux, linux-ec2 vulnerabilities
Description: Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Dan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. Alan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges
Family: unix Class: patch
Reference(s): USN-1089-1
CVE-2010-4075
CVE-2010-4076
CVE-2010-4077
CVE-2010-4158
CVE-2010-4162
CVE-2010-4163
CVE-2010-4175
CVE-2010-4242
Version: 5
Platform(s): Ubuntu 9.10
Product(s): linux
linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13079
 
Oval ID: oval:org.mitre.oval:def:13079
Title: Ubuntu 9.10 is installed
Description: Ubuntu 9.10 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:canonical:ubuntu_linux:9.10
Version: 5
Platform(s): Ubuntu 9.10
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13805