Ubuntu Security Notice (C) 2013 Canonical, Inc. / NASL script (C) 2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that
allows for privilege escalation. A local user could exploit this flaw
to run commands as root when using the perf tool. (CVE-2013-1060)
Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM
subsystem allocates memory slots for the guest's address space. A
local user could exploit this flaw to gain system privileges or obtain
sensitive information from kernel memory. (CVE-2013-1943)
A flaw was discovered in the SCTP (stream control transfer protocol)
network protocol's handling of duplicate cookies in the Linux kernel.
A remote attacker could exploit this flaw to cause a denial of service
(system crash) on another remote user querying the SCTP connection.
Hannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option
in the Linux kernel's IPv6 stack. A local user could exploit this flaw
to cause a denial of service (system crash). (CVE-2013-4162).
Update the affected linux-image-2.6.32-356-ec2 package.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : false