What is the severity of USN-1243-1?

USN-1243-1 has a severity level associated with a denial of service vulnerability, allowing a remote attacker to crash the system.

How do I fix USN-1243-1?

To fix USN-1243-1, you should upgrade to the latest kernel version provided by Ubuntu for the affected packages.

What versions of Ubuntu are affected by USN-1243-1?

USN-1243-1 affects Ubuntu 10.10 with specific kernel versions up to but not including 2.6.35-30.61.

What are the consequences of not addressing USN-1243-1?

Not addressing USN-1243-1 could lead to a potential denial of service, allowing attackers to crash the system.

Who discovered the vulnerability associated with USN-1243-1?

The vulnerability associated with USN-1243-1 was discovered by Vasiliy Kulikov.

Vulnerability/
USN-1243-1

25/10/2011

USN-1243-1: Linux kernel vulnerabilities

First published: Tue Oct 25 2011(Updated: )

It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1479) Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2494) Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2495) It was discovered that the EXT4 filesystem contained multiple off-by-one flaws. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2695) Christian Ohm discovered that the perf command looks for configuration files in the current directory. If a privileged user were tricked into running perf in a directory containing a malicious configuration file, an attacker could run arbitrary commands and possibly gain privileges. (CVE-2011-2905) Vasiliy Kulikov discovered that the Comedi driver did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-2909) Dan Kaminsky discovered that the kernel incorrectly handled random sequence number generation. An attacker could use this flaw to possibly predict sequence numbers and inject packets. (CVE-2011-3188) Yogesh Sharma discovered that CIFS did not correctly handle UNCs that had no prefixpaths. A local attacker with access to a CIFS partition could exploit this to crash the system, leading to a denial of service. (CVE-2011-3363)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-2.6.35-30-powerpc-smp	<2.6.35-30.61	2.6.35-30.61
Ubuntu gir1.2-packagekitglib-1.0	=10.10
All of
ubuntu/linux-image-2.6.35-30-versatile	<2.6.35-30.61	2.6.35-30.61
Ubuntu gir1.2-packagekitglib-1.0	=10.10
All of
ubuntu/linux-image-2.6.35-30-server	<2.6.35-30.61	2.6.35-30.61
Ubuntu gir1.2-packagekitglib-1.0	=10.10
All of
ubuntu/linux-image-2.6.35-30-powerpc64-smp	<2.6.35-30.61	2.6.35-30.61
Ubuntu gir1.2-packagekitglib-1.0	=10.10
All of
ubuntu/linux-image-2.6.35-30-virtual	<2.6.35-30.61	2.6.35-30.61
Ubuntu gir1.2-packagekitglib-1.0	=10.10
All of
ubuntu/linux-image-2.6.35-30-generic-pae	<2.6.35-30.61	2.6.35-30.61
Ubuntu gir1.2-packagekitglib-1.0	=10.10
All of
ubuntu/linux-image-2.6.35-30-omap	<2.6.35-30.61	2.6.35-30.61
Ubuntu gir1.2-packagekitglib-1.0	=10.10
All of
ubuntu/linux-image-2.6.35-30-generic	<2.6.35-30.61	2.6.35-30.61
Ubuntu gir1.2-packagekitglib-1.0	=10.10
All of
ubuntu/linux-image-2.6.35-30-powerpc	<2.6.35-30.61	2.6.35-30.61
Ubuntu gir1.2-packagekitglib-1.0	=10.10

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-1243-1?
USN-1243-1 has a severity level associated with a denial of service vulnerability, allowing a remote attacker to crash the system.
How do I fix USN-1243-1?
To fix USN-1243-1, you should upgrade to the latest kernel version provided by Ubuntu for the affected packages.
What versions of Ubuntu are affected by USN-1243-1?
USN-1243-1 affects Ubuntu 10.10 with specific kernel versions up to but not including 2.6.35-30.61.
What are the consequences of not addressing USN-1243-1?
Not addressing USN-1243-1 could lead to a potential denial of service, allowing attackers to crash the system.
Who discovered the vulnerability associated with USN-1243-1?
The vulnerability associated with USN-1243-1 was discovered by Vasiliy Kulikov.

agent/severity
agent/references
agent/type
agent/last-modified-date
agent/first-publish-date
agent/title
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu gir1.2-packagekitglib-1.0
version/ubuntu gir1.2-packagekitglib-1.0/10.10