Ubuntu Security Notice (C) 2004-2013 Canonical, Inc. / NASL script (C) 2006-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Georgi Guninski discovered two Denial of Service vulnerabilities in
the Linux kernel.
An integer overflow in the vc_resize() function caused the memory
allocation for the new screen being too short, thus causing a buffer
overflow and a kernel crash.
There was also a memory leak in the ip_options_get() function. Calling
ip_cmsg_send() very often would gradually exhaust memory.
Note: The original advisory (see URL above) also mentions a
'ip_options_get integer overflow'. This was already fixed in USN-38-1
(known as CAN-2004-1016).
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 2.1
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 20664 ()
CVE ID: CVE-2004-1016