Summary
Ubuntu Update for Linux kernel vulnerabilities USN-909-1
Solution
Please Install the Updated Packages.
Insight
William Grant discovered that dpkg-source did not safely apply diffs when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system.
Affected
dpkg vulnerability on Ubuntu 6.06 LTS ,
Ubuntu 8.04 LTS ,
Ubuntu 8.10 ,
Ubuntu 9.04 ,
Ubuntu 9.10
Severity
Classification
-
CVE CVE-2010-0396 -
CVSS Base Score: 5.8
AV:N/AC:M/Au:N/C:N/I:P/A:P
Related Vulnerabilities