Ubuntu Update For Linux-lts-backport-natty USN-1538-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1538-1

Solution

Please Install the Updated Packages.

Insight

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. (CVE-2012-2136) A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2372) An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2012-2390)

Affected

linux-lts-backport-natty on Ubuntu 10.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-August/001791.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2136, CVE-2012-2372, CVE-2012-2390

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for linux-lts-backport-natty USN-1538-1

Take action and discover your vulnerabilities