Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1272-1
Solution
Please Install the Updated Packages.
Insight
It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. (CVE-2011-1585)
Andrea Righi discovered a race condition in the KSM memory merging support.
If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2183)
Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. (CVE-2011-2491)
Robert Swiecki discovered that mapping extensions were incorrectly handled.
A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2496)
It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. (CVE-2011-2517)
Affected
linux on Ubuntu 10.10
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-1585, CVE-2011-2183, CVE-2011-2491, CVE-2011-2496, CVE-2011-2517 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities