Ubuntu Security Notice (C) 2013-2014 Canonical, Inc. / NASL script (C) 2013-2014 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Chanam Park reported a NULL pointer flaw in the Linux kernel's Ceph
client. A remote attacker could exploit this flaw to cause a denial of
service (system crash). (CVE-2013-1059)
An information leak was discovered in the Linux kernel's fanotify
interface. A local user could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2013-2148)
Jonathan Salwan discovered an information leak in the Linux kernel's
cdrom driver. A local user can exploit this leak to obtain sensitive
information from kernel memory if the CD-ROM drive is malfunctioning.
Kees Cook discovered a format string vulnerability in the Linux
kernel's disk block layer. A local user with administrator privileges
could exploit this flaw to gain kernel privileges. (CVE-2013-2851)
Hannes Frederic Sowa discovered that the Linux kernel's IPv6 stack
does not correctly handle Router Advertisement (RA) message in some
cases. A remote attacker could exploit this flaw to cause a denial of
service (system crash). (CVE-2013-4125)
A vulnerability was discovered in the Linux kernel's vhost net driver.
A local user could cause a denial of service (system crash) by
powering on a virtual machine. (CVE-2013-4127)
Marcus Moeller and Ken Fallon discovered that the CIFS incorrectly
built certain paths. A local attacker with access to a CIFS partition
could exploit this to crash the system, leading to a denial of
Update the affected linux-image-3.8.0-29-generic package.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 5.8
Public Exploit Available : false