Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/22 vulnerabilities (USN-659-1)

Ubuntu Security Notice (C) 2008-2013 Canonical, Inc. / NASL script (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related patches.

Description :

It was discovered that the direct-IO subsystem did not correctly
validate certain structures. A local attacker could exploit this to
cause a system crash, leading to a denial of service. (CVE-2007-6716)

It was discovered that the disabling of the ZERO_PAGE optimization
could lead to large memory consumption. A local attacker could exploit
this to allocate all available memory, leading to a denial of service.
(CVE-2008-2372)

It was discovered that the Datagram Congestion Control Protocol (DCCP)
did not correctly validate its arguments. If DCCP was in use, a remote
attacker could send specially crafted network traffic and cause a
system crash, leading to a denial of service. (CVE-2008-3276)

It was discovered that the SBNI WAN driver did not correctly check for
the NET_ADMIN capability. A malicious local root user lacking
CAP_NET_ADMIN would be able to change the WAN device configuration,
leading to a denial of service. (CVE-2008-3525)

It was discovered that the Stream Control Transmission Protocol (SCTP)
did not correctly validate the key length in the SCTP_AUTH_KEY option.
If SCTP is in use, a remote attacker could send specially crafted
network traffic that would crash the system, leading to a denial of
service. (CVE-2008-3526)

It was discovered that the tmpfs implementation did not correctly
handle certain sequences of inode operations. A local attacker could
exploit this to crash the system, leading to a denial of service.
(CVE-2008-3534)

It was discovered that the readv/writev functions did not correctly
handle certain sequences of file operations. A local attacker could
exploit this to crash the system, leading to a denial of service.
(CVE-2008-3535)

It was discovered that SCTP did not correctly validate its userspace
arguments. A local attacker could call certain sctp_* functions with
malicious options and cause a system crash, leading to a denial of
service. (CVE-2008-3792, CVE-2008-4113, CVE-2008-4445)

It was discovered the the i915 video driver did not correctly validate
memory addresses. A local attacker could exploit this to remap memory
that could cause a system crash, leading to a denial of service.
(CVE-2008-3831)

Johann Dahm and David Richter discovered that NFSv4 did not correctly
handle certain file ACLs. If NFSv4 is in use, a local attacker could
create a malicious ACL that could cause a system crash, leading to a
denial of service. (CVE-2008-3915).

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)