What is the severity of USN-1268-1?

The severity of USN-1268-1 is classified as medium due to improper authentication handling in CIFS.

How do I fix USN-1268-1?

To fix USN-1268-1, upgrade to linux-image version 2.6.24-30.96 or newer on affected Ubuntu 8.04 systems.

Which systems are affected by USN-1268-1?

USN-1268-1 affects all Ubuntu 8.04 versions with the specified linux-image packages.

What is the impact of the vulnerability in USN-1268-1?

The impact of the vulnerability in USN-1268-1 allows local users to mount CIFS shares without correct authentication, compromising data access.

Is there a workaround for USN-1268-1?

A temporary workaround for USN-1268-1 is to unmount any CIFS shares until the system can be updated to the patched version.

Vulnerability/
USN-1268-1

21/11/2011

USN-1268-1: Linux kernel vulnerabilities

First published: Mon Nov 21 2011(Updated: )

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. (CVE-2011-1585) It was discovered that the GRE protocol incorrectly handled netns initialization. A remote attacker could send a packet while the ip_gre module was loading, and crash the system, leading to a denial of service. (CVE-2011-1767) It was discovered that the IP/IP protocol incorrectly handled netns initialization. A remote attacker could send a packet while the ipip module was loading, and crash the system, leading to a denial of service. (CVE-2011-1768) Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. (CVE-2011-2491) Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2496) Ben Pfaff discovered that Classless Queuing Disciplines (qdiscs) were being incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2525) Yasuaki Ishimatsu discovered a flaw in the kernel's clock implementation. A local unprivileged attacker could exploit this causing a denial of service. (CVE-2011-3209)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-2.6.24-30-virtual	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-server	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-mckinley	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-sparc64-smp	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-xen	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-powerpc-smp	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-lpiacompat	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-sparc64	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-rt	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-openvz	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-lpia	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-hppa64	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-386	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-powerpc	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-powerpc64-smp	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-itanium	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-hppa32	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04
All of
ubuntu/linux-image-2.6.24-30-generic	<2.6.24-30.96	2.6.24-30.96
Ubuntu gir1.2-packagekitglib-1.0	=8.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-1268-1?
The severity of USN-1268-1 is classified as medium due to improper authentication handling in CIFS.
How do I fix USN-1268-1?
To fix USN-1268-1, upgrade to linux-image version 2.6.24-30.96 or newer on affected Ubuntu 8.04 systems.
Which systems are affected by USN-1268-1?
USN-1268-1 affects all Ubuntu 8.04 versions with the specified linux-image packages.
What is the impact of the vulnerability in USN-1268-1?
The impact of the vulnerability in USN-1268-1 allows local users to mount CIFS shares without correct authentication, compromising data access.
Is there a workaround for USN-1268-1?
A temporary workaround for USN-1268-1 is to unmount any CIFS shares until the system can be updated to the patched version.

agent/references
agent/severity
agent/type
agent/first-publish-date
agent/last-modified-date
agent/title
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu gir1.2-packagekitglib-1.0
version/ubuntu gir1.2-packagekitglib-1.0/8.04