Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-60-0)

Ubuntu Security Notice (C) 2005-2013 Canonical, Inc. / NASL script (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related patches.

Description :

CAN-2005-0001 :

Paul Starzetz discovered a race condition in the Linux page fault
handler code. This allowed an unprivileged user to gain root
privileges on multiprocessor machines under some circumstances. This
also affects the Hyper-Threading mode on Pentium 4 processors.

http://lists.netsys.com/pipermail/full-disclosure/2005-January/030660.
html :

Brad Spengler discovered that some device drivers used
copy_from_user() (a function to copy data from userspace tools into
kernel memory) with insufficient input validation. This potentially
allowed users and/or malicious hardware to overwrite kernel memory
which could result in a crash (Denial of Service) or even root
privilege escalation.

Additionally, this update corrects the SMB file system driver.
USN-30-1 fixed some vulnerabilities in this driver (see CAN-2004-0883,
CAN-2004-0949). However, it was found that these new validation checks
were too strict, which cause some valid operations to fail.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 20679 ()

Bugtraq ID:

CVE ID: CVE-2004-0883
CVE-2004-0949
CVE-2005-0001