Ubuntu Security Notice (C) 2013-2014 Canonical, Inc. / NASL script (C) 2013-2014 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Mathias Krause discovered an information leak in the Linux kernel's
ISO 9660 CDROM file system driver. A local user could exploit this
flaw to examine some of the kernel's heap memory. (CVE-2012-6549)
Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A
local attacker with NET_ADMIN capability could potentially exploit
this flaw to escalate privileges. (CVE-2013-1826)
A buffer overflow was discovered in the Linux Kernel's USB subsystem
for devices reporting the cdc-wdm class. A specially crafted USB
device when plugged-in could cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2013-1860)
An information leak was discovered in the Linux kernel's /dev/dvb
device. A local user could exploit this flaw to obtain sensitive
information from the kernel's stack memory. (CVE-2013-1928)
An information leak in the Linux kernel's dcb netlink interface was
discovered. A local user could obtain sensitive information by
examining kernel stack memory. (CVE-2013-2634).
Update the affected linux-image-2.6.32-352-ec2 package.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : false