Ubuntu Security Notice (C) 2012-2016 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related
Andy Adamson discovered a flaw in the Linux kernel's NFSv4
implementation. A remote NFS server (attacker) could exploit this flaw
to cause a denial of service. (CVE-2011-4131)
A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine)
virtual cpu setup. An unprivileged local user could exploit this flaw
to crash the system leading to a denial of service. (CVE-2012-1601)
A flaw was discovered in the Linux kernel's KVM (kernel virtual
machine). An administrative user in the guest OS could leverage this
flaw to cause a denial of service in the host OS. (CVE-2012-2121)
Steve Grubb reported a flaw with Linux fscaps (file system base
capabilities) when used to increase the permissions of a process. For
application on which fscaps are in use a local attacker can disable
address space randomization to make attacking the process with raised
privileges easier. (CVE-2012-2123)
Schacher Raindel discovered a flaw in the Linux kernel's memory
handling when hugetlb is enabled. An unprivileged local attacker could
exploit this flaw to cause a denial of service and potentially gain
higher privileges. (CVE-2012-2133).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 5.3
Public Exploit Available : false
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 59321 ()
CVE ID: CVE-2011-4131CVE-2012-1601CVE-2012-2121CVE-2012-2123CVE-2012-2133
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.