Download
| Alert*
oval:org.secpod.oval:def:201819
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A buffer overflow flaw was found in the ecryptfs_uid_hash function in the Linux kernel eCryptfs implementation. On systems that have the eCryptfs netlink transport ... oval:org.secpod.oval:def:700253 Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this t ... oval:org.secpod.oval:def:700243 Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading ... oval:org.secpod.oval:def:700246 USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of servi ... oval:org.secpod.oval:def:700234 Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Dan Rosenberg discovered that several ... oval:org.secpod.oval:def:201914 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A buffer overflow flaw was found in the ecryptfs_uid_hash function in the Linux kernel eCryptfs implementation. On systems that have the eCryptfs netlink transport ... oval:org.secpod.oval:def:700207 Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9 ... oval:org.secpod.oval:def:500284 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A buffer overflow flaw was found in the ecryptfs_uid_hash function in the Linux kernel eCryptfs implementation. On systems that have the eCryptfs netlink transport ... oval:org.secpod.oval:def:700270 Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. If an attacker were able to trick a user or automated system into mounting a specially crafted filesystem, it could crash the system or exposde kernel memory, leading to a loss of privacy. Ben Hutchings discover ... oval:org.secpod.oval:def:700242 Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups w ... |