Ubuntu Security Notice (C) 2012-2013 Canonical, Inc. / NASL script (C) 2012-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
A bug was discovered in the Linux kernel's calculation of OOM (Out of
memory) scores, that would result in the wrong process being killed. A
user could use this to kill the process with the highest OOM score,
even if that process belongs to another user or the system.
A flaw was found in KVM's Programmable Interval Timer (PIT). When a
virtual interrupt control is not available a local user could use this
to cause a denial of service by starting a timer. (CVE-2011-4622)
A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potential execute arbitrary code
on the system. (CVE-2012-0038)
Andy Whitcroft discovered a that the Overlayfs filesystem was not
doing the extended permission checks needed by cgroups and Linux
Security Modules (LSMs). A local user could exploit this to by-pass
security policy and access files that should not be accessible.
A flaw was found in the linux kernels IPv4 IGMP query processing. A
remote attacker could exploit this to cause a denial of service.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.1
Public Exploit Available : true
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 57937 ()
Bugtraq ID: 5134351529
CVE ID: CVE-2011-4097CVE-2011-4622CVE-2012-0038CVE-2012-0055CVE-2012-0207
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.