Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1384-1)

Ubuntu Security Notice (C) 2012-2013 Canonical, Inc. / NASL script (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related patches.

Description :

A bug was discovered in the Linux kernel's calculation of OOM (Out of
memory) scores, that would result in the wrong process being killed. A
user could use this to kill the process with the highest OOM score,
even if that process belongs to another user or the system.
(CVE-2011-4097)

Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl
command. A local user, or user in a VM could exploit this flaw to
bypass restrictions and gain read/write access to all data on the
affected block device. (CVE-2011-4127)

A flaw was found in KVM's Programmable Interval Timer (PIT). When a
virtual interrupt control is not available a local user could use this
to cause a denial of service by starting a timer. (CVE-2011-4622)

A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potential execute arbitrary code
on the system. (CVE-2012-0038)

Andy Whitcroft discovered a that the Overlayfs filesystem was not
doing the extended permission checks needed by cgroups and Linux
Security Modules (LSMs). A local user could exploit this to by-pass
security policy and access files that should not be accessible.
(CVE-2012-0055)

A flaw was found in the linux kernels IPv4 IGMP query processing. A
remote attacker could exploit this to cause a denial of service.
(CVE-2012-0207)

A flaw was found in the Linux kernel's ext4 file system when mounting
a corrupt filesystem. A user-assisted remote attacker could exploit
this flaw to cause a denial of service. (CVE-2012-2100).

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.1
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 58265 ()

Bugtraq ID: 50459
51343
51529

CVE ID: CVE-2011-4097
CVE-2011-4127
CVE-2011-4622
CVE-2012-0038
CVE-2012-0055
CVE-2012-0207
CVE-2012-2100