Ubuntu Update For Linux-source-2.6.15 Vulnerabilities USN-1057-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1057-1

Solution

Please Install the Updated Packages.

Insight

Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. (CVE-2010-2943) Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3297) Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4072)

Affected

linux-source-2.6.15 vulnerabilities on Ubuntu 6.06 LTS

Severity

Classification

CVE CVE-2010-2943, CVE-2010-3297, CVE-2010-4072

CVSS	Base Score: 7.9 AV:N/AC:M/Au:S/C:C/I:C/A:N

Related Vulnerabilities

Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1057-1

Take action and discover your vulnerabilities