Ubuntu Security Notice (C) 2012-2013 Canonical, Inc. / NASL script (C) 2012-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
The linux kernel did not properly account for PTE pages when deciding
which task to kill in out of memory conditions. A local, unprivileged
could exploit this flaw to cause a denial of service. (CVE-2011-2498)
A flaw was discovered in the TOMOYO LSM's handling of mount system
calls. An unprivileged user could oops the system causing a denial of
Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local
user who can mount a FUSE file system could cause a denial of service.
A bug was discovered in the Linux kernel's calculation of OOM (Out of
memory) scores, that would result in the wrong process being killed. A
user could use this to kill the process with the highest OOM score,
even if that process belongs to another user or the system.
A flaw was found in KVM's Programmable Interval Timer (PIT). When a
virtual interrupt control is not available a local user could use this
to cause a denial of service by starting a timer. (CVE-2011-4622)
A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potential execute arbitrary code
on the system. (CVE-2012-0038)
Chen Haogang discovered an integer overflow that could result in
memory corruption. A local unprivileged user could use this to crash
the system. (CVE-2012-0044)
A flaw was found in the linux kernels IPv4 IGMP query processing. A
remote attacker could exploit this to cause a denial of service.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.1
Public Exploit Available : true