What is the severity of USN-1363-1?

The severity of USN-1363-1 is considered to be high due to the potential to terminate critical processes on the system.

How do I fix USN-1363-1?

To fix USN-1363-1, update the affected packages to version 3.0.0-16.28 or later.

Which versions of Ubuntu are affected by USN-1363-1?

USN-1363-1 affects Ubuntu 11.10 specifically with the listed Linux kernel packages.

Is there a workaround for USN-1363-1?

There are no official workarounds for USN-1363-1; updating to the patched version is recommended.

What is CVE-2011-4097 in relation to USN-1363-1?

CVE-2011-4097 is the specific vulnerability addressed in USN-1363-1 relating to incorrect OOM score handling in the Linux kernel.

Vulnerability/
USN-1363-1

13/2/2012

USN-1363-1: Linux kernel vulnerabilities

First published: Mon Feb 13 2012(Updated: )

A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. (CVE-2011-4097) A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use this to cause a denial of service by starting a timer. (CVE-2011-4622) A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. (CVE-2012-0038) Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to by-pass security policy and access files that should not be accessible. (CVE-2012-0055) A flaw was found in the linux kernels IPv4 IGMP query processing. A remote attacker could exploit this to cause a denial of service. (CVE-2012-0207)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-3.0.0-16-server	<3.0.0-16.28	3.0.0-16.28
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-16-powerpc-smp	<3.0.0-16.28	3.0.0-16.28
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-16-virtual	<3.0.0-16.28	3.0.0-16.28
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-16-powerpc64-smp	<3.0.0-16.28	3.0.0-16.28
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-16-powerpc	<3.0.0-16.28	3.0.0-16.28
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-16-generic-pae	<3.0.0-16.28	3.0.0-16.28
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-16-omap	<3.0.0-16.28	3.0.0-16.28
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-16-generic	<3.0.0-16.28	3.0.0-16.28
Ubuntu 22.04 LTS	=11.10

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-1363-1?
The severity of USN-1363-1 is considered to be high due to the potential to terminate critical processes on the system.
How do I fix USN-1363-1?
To fix USN-1363-1, update the affected packages to version 3.0.0-16.28 or later.
Which versions of Ubuntu are affected by USN-1363-1?
USN-1363-1 affects Ubuntu 11.10 specifically with the listed Linux kernel packages.
Is there a workaround for USN-1363-1?
There are no official workarounds for USN-1363-1; updating to the patched version is recommended.
What is CVE-2011-4097 in relation to USN-1363-1?
CVE-2011-4097 is the specific vulnerability addressed in USN-1363-1 relating to incorrect OOM score handling in the Linux kernel.

agent/severity
agent/type
agent/first-publish-date
agent/last-modified-date
agent/title
agent/references
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu 22.04 lts
version/ubuntu 22.04 lts/11.10