| Description: | Description:
The remote host is missing an update to linux-image-2.6.32-39-386
announced via advisory USN-1389-1.
Details:
Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl
command. A local user, or user in a VM could exploit this flaw to bypass
restrictions and gain read/write access to all data on the affected block
device. (CVE-2011-4127)
Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)
A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual
interrupt control is not available a local user could use this to cause a
denial of service by starting a timer. (CVE-2011-4622)
A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potential execute arbitrary code on
the system. (CVE-2012-0038)
Louis Rilling discovered a flaw in Linux kernel's clone command when
CLONE_IO is specified. An unprivileged local user could exploit this to
cause a denial of service. (CVE-2012-0879)
Solution:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 10.04 LTS:
linux-image-2.6.32-39-386 2.6.32-39.86
linux-image-2.6.32-39-generic 2.6.32-39.86
linux-image-2.6.32-39-generic-pae 2.6.32-39.86
linux-image-2.6.32-39-ia64 2.6.32-39.86
linux-image-2.6.32-39-lpia 2.6.32-39.86
linux-image-2.6.32-39-powerpc 2.6.32-39.86
linux-image-2.6.32-39-powerpc-smp 2.6.32-39.86
linux-image-2.6.32-39-powerpc64-smp 2.6.32-39.86
linux-image-2.6.32-39-preempt 2.6.32-39.86
linux-image-2.6.32-39-server 2.6.32-39.86
linux-image-2.6.32-39-sparc64 2.6.32-39.86
linux-image-2.6.32-39-sparc64-smp 2.6.32-39.86
linux-image-2.6.32-39-versatile 2.6.32-39.86
linux-image-2.6.32-39-virtual 2.6.32-39.86
https://secure1.securityspace.com/smysecure/catid.html?in=USN-1389-1
CVSS Score:
4.9
CVSS Vector:
AV:L/AC:L/Au:NR/C:N/I:N/A:C
|
