Ubuntu Security Notice (C) 2007-2013 Canonical, Inc. / NASL script (C) 2007-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
USN-464-1 fixed several vulnerabilities in the Linux kernel. Some
additional code changes were accidentally included in the Feisty
update which caused trouble for some people who were not using
UUID-based filesystem mounts. These changes have been reverted. We
apologize for the inconvenience. For more information see:
Ilja van Sprundel discovered that Bluetooth setsockopt calls could
leak kernel memory contents via an uninitialized stack buffer. A local
attacker could exploit this flaw to view sensitive kernel information.
The GEODE-AES driver did not correctly initialize its encryption key.
Any data encrypted using this type of device would be easily
The random number generator was hashing a subset of the available
entropy, leading to slightly less random numbers. Additionally,
systems without an entropy source would be seeded with the same inputs
at boot time, leading to a repeatable series of random numbers.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0