USN-1364-1 : linux-ti-omap4 vulnerabilities

High Nessus Plugin ID 57938


The remote Ubuntu host is missing one or more security-related patches.


A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. (CVE-2012-0038)

Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to by-pass security policy and access files that should not be accessible.

Juri Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem permissions. A local attacker could exploit this and gain root privileges. (CVE-2012-0056)

A flaw was found in the linux kernels IPv4 IGMP query processing. A remote attacker could exploit this to cause a denial of service.


Update the affected package(s).

See Also

Plugin Details

Severity: High

ID: 57938

File Name: ubuntu_USN-1364-1.nasl

Version: $Revision: 1.7 $

Type: local

Agent: unix

Published: 2012/02/14

Modified: 2016/12/01

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:canonical:ubuntu_linux

Required KB Items: Host/Ubuntu, Host/Ubuntu/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/02/13

Exploitable With


Core Impact

Reference Information

CVE: CVE-2012-0038, CVE-2012-0055, CVE-2012-0056, CVE-2012-0207

USN: 1364-1