Ubuntu Update For Linux-lts-backport-oneiric USN-1788-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to bypass ASLR (Address Space Layout Randomization). A local user could use this flaw to bypass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). (CVE-2013-0914) A memory use after free error was discovered in the Linux kernel's tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). (CVE-2013-1767) Mateusz Guzik discovered a race in the Linux kernel's keyring. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-1792)

Affected

linux-lts-backport-oneiric on Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2013-0914, CVE-2013-1767, CVE-2013-1792

CVSS	Base Score: 6.2 AV:L/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for awstats vulnerability USN-1047-1
Ubuntu Update for apt-xapian-index USN-1955-1
Ubuntu Update for dovecot USN-2213-1
Ubuntu Update for dbus USN-2352-1
Ubuntu Update for cmake vulnerabilities USN-890-6

Ubuntu Update for linux-lts-backport-oneiric USN-1788-1

Take action and discover your vulnerabilities