What is the severity of USN-1236-1?

USN-1236-1 has a high severity rating due to the potential for local attackers with physical access to exploit the vulnerability and gain root privileges.

How do I fix USN-1236-1?

To remediate USN-1236-1, upgrade to the patched linux-image packages version 2.6.24-29.95 or later on Ubuntu 8.04.

What systems are affected by USN-1236-1?

USN-1236-1 affects various linux-image packages on Ubuntu 8.04, including generic, server, and architecture-specific images.

Can a remote attacker exploit USN-1236-1?

No, USN-1236-1 requires physical access to the affected system, thereby preventing remote exploitation.

What is CVE-2009-4067 related to USN-1236-1?

CVE-2009-4067 describes the vulnerability that allows local attackers to execute arbitrary code with root privileges via crafted USB devices.

Vulnerability/
USN-1236-1

20/10/2011

USN-1236-1: Linux kernel vulnerabilities

First published: Thu Oct 20 2011(Updated: )

It was discovered that the Auerswald usb driver incorrectly handled lengths of the USB string descriptors. A local attacker with physical access could insert a specially crafted USB device and gain root privileges. (CVE-2009-4067) It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. (CVE-2011-1573) Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2494) Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2495) Dan Kaminsky discovered that the kernel incorrectly handled random sequence number generation. An attacker could use this flaw to possibly predict sequence numbers and inject packets. (CVE-2011-3188)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-2.6.24-29-sparc64	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-rt	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-386	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-itanium	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-hppa32	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-openvz	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-generic	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-xen	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-powerpc	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-powerpc-smp	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-hppa64	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-server	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-powerpc64-smp	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-lpia	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-virtual	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-mckinley	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-sparc64-smp	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-29-lpiacompat	<2.6.24-29.95	2.6.24-29.95
Ubuntu gir1.2-packagekitglib-1.0	=8.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-1236-1?
USN-1236-1 has a high severity rating due to the potential for local attackers with physical access to exploit the vulnerability and gain root privileges.
How do I fix USN-1236-1?
To remediate USN-1236-1, upgrade to the patched linux-image packages version 2.6.24-29.95 or later on Ubuntu 8.04.
What systems are affected by USN-1236-1?
USN-1236-1 affects various linux-image packages on Ubuntu 8.04, including generic, server, and architecture-specific images.
Can a remote attacker exploit USN-1236-1?
No, USN-1236-1 requires physical access to the affected system, thereby preventing remote exploitation.
What is CVE-2009-4067 related to USN-1236-1?
CVE-2009-4067 describes the vulnerability that allows local attackers to execute arbitrary code with root privileges via crafted USB devices.

agent/references
agent/severity
agent/type
agent/last-modified-date
agent/first-publish-date
agent/event
agent/title
agent/description
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu gir1.2-packagekitglib-1.0
version/ubuntu gir1.2-packagekitglib-1.0/8.04