Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1795-1)

Ubuntu Security Notice (C) 2013 Canonical, Inc. / NASL script (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Andrew Jones discovered a flaw with the xen_iret function in Linux
kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an
unprivileged guest OS user could exploit this flaw to cause a denial
of service (crash the system) or gain guest OS privilege.
(CVE-2013-0228)

Emese Revfy discovered that in the Linux kernel signal handlers could
leak address information across an exec, making it possible to by pass
ASLR (Address Space Layout Randomization). A local user could use this
flaw to by pass ASLR to reliably deliver an exploit payload that would
otherwise be stopped (by ASLR). (CVE-2013-0914)

A memory use after free error was discover in the Linux kernel's tmpfs
filesystem. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-1767)

Mateusz Guzik discovered a race in the Linux kernel's keyring. A local
user could exploit this flaw to cause a denial of service (system
crash). (CVE-2013-1792)

Mathias Krause discovered a memory leak in the Linux kernel's crypto
report API. A local user with CAP_NET_ADMIN could exploit this leak to
examine some of the kernel's stack memory. (CVE-2013-2546)

Mathias Krause discovered a memory leak in the Linux kernel's crypto
report API. A local user with CAP_NET_ADMIN could exploit this leak to
examine some of the kernel's heap memory. (CVE-2013-2547)

Mathias Krause discovered information leaks in the Linux kernel's
crypto algorithm report API. A local user could exploit these flaws to
leak kernel stack and heap memory contents. (CVE-2013-2548).

Solution :

Update the affected linux-image-3.5.0-27-generic package.

Risk factor :

Medium / CVSS Base Score : 6.2
(CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.4
(CVSS2#E:ND/RL:OF/RC:ND)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 65870 ()

Bugtraq ID: 57940
58368

CVE ID: CVE-2013-0228
CVE-2013-0914
CVE-2013-1767
CVE-2013-1792
CVE-2013-2546
CVE-2013-2547
CVE-2013-2548