USN-1474-1 : linux-ti-omap4 vulnerabilities

High Nessus Plugin ID 59496

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

The remote Ubuntu host is missing one or more security-related patches.

Description

A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121)

Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133)

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313)

Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319)

Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383)

Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384)

Solution

Update the affected package(s).

See Also

http://www.ubuntu.com/usn/usn-1474-1/

Plugin Details

Severity: High

ID: 59496

File Name: ubuntu_USN-1474-1.nasl

Version: Revision: 1.2

Type: local

Agent: unix

Published: 2012/06/14

Updated: 2016/12/01

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS v2.0

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:canonical:ubuntu_linux

Required KB Items: Host/Ubuntu, Host/Ubuntu/release, Host/Debian/dpkg-l

Patch Publication Date: 2012/06/13

Reference Information

CVE: CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384

USN: 1474-1