What is the severity of USN-1304-1?

USN-1304-1 is classified as a critical vulnerability due to its potential to allow local attackers to crash the system or gain root privileges.

How do I fix USN-1304-1?

To address USN-1304-1, upgrade to the recommended kernel version linux-image-2.6.38-1209-omap4 version 2.6.38-1209.19 or later.

What systems are affected by USN-1304-1?

USN-1304-1 affects Ubuntu 11.04 systems running the specified version of the linux-image package.

Who discovered the vulnerability in USN-1304-1?

The vulnerability in USN-1304-1 was discovered by Nick Bowler.

What type of attack is associated with USN-1304-1?

USN-1304-1 is associated with a denial of service attack and the possibility of local privilege escalation.

Vulnerability/
USN-1304-1

13/12/2011

USN-1304-1: Linux kernel (OMAP4) vulnerabilities

First published: Tue Dec 13 2011(Updated: )

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. (CVE-2011-4077) Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. (CVE-2011-4081) Scot Doyle discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-4087) A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. (CVE-2011-4132) A bug was found in the way headroom check was performed in udp6_ufo_fragment() function. A remote attacker could use this flaw to crash the system. (CVE-2011-4326) Clement Lecigne discovered a bug in the HFS file system bounds checking. When a malformed HFS file system is mounted a local user could crash the system or gain root privileges. (CVE-2011-4330)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-2.6.38-1209-omap4	<2.6.38-1209.18	2.6.38-1209.18
Ubuntu gir1.2-packagekitglib-1.0	=11.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-1304-1?
USN-1304-1 is classified as a critical vulnerability due to its potential to allow local attackers to crash the system or gain root privileges.
How do I fix USN-1304-1?
To address USN-1304-1, upgrade to the recommended kernel version linux-image-2.6.38-1209-omap4 version 2.6.38-1209.19 or later.
What systems are affected by USN-1304-1?
USN-1304-1 affects Ubuntu 11.04 systems running the specified version of the linux-image package.
Who discovered the vulnerability in USN-1304-1?
The vulnerability in USN-1304-1 was discovered by Nick Bowler.
What type of attack is associated with USN-1304-1?
USN-1304-1 is associated with a denial of service attack and the possibility of local privilege escalation.

agent/severity
agent/type
agent/last-modified-date
agent/first-publish-date
agent/references
agent/description
agent/event
agent/title
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu gir1.2-packagekitglib-1.0
version/ubuntu gir1.2-packagekitglib-1.0/11.04