Ubuntu 12.10 : linux vulnerabilities (USN-1835-1)

Ubuntu Security Notice (C) 2013-2016 Canonical, Inc. / NASL script (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related
patches.

Description :

A buffer overflow vulnerability was discovered in the Broadcom tg3
ethernet driver for the Linux kernel. A local user could exploit this
flaw to cause a denial of service (crash the system) or potentially
escalate privileges on the system. (CVE-2013-1929)

A flaw was discovered in the Linux kernel's ftrace subsystem
interface. A local user could exploit this flaw to cause a denial of
service (system crash). (CVE-2013-3301).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected linux-image-3.5.0-31-generic and / or
linux-image-3.5.0-31-highbank packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 66589 ()

Bugtraq ID:

CVE ID: CVE-2013-1929
CVE-2013-3301