- Vulnerability/
- USN-1647-1
USN-1647-1: Linux kernel (OMAP4) vulnerabilities
First published: Fri Nov 30 2012(Updated: )
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957) Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565) Mathias Krause discovered a flaw in the Linux kernel's XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536) Mathias Krause discovered several errors in the Linux kernel's xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537) Mathias Krause discovered an information leak in the Linux kernel's xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538) A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309) Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-3.5.0-215-omap4 | <3.5.0-215.22 | 3.5.0-215.22 |
| =12.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2012-0957
- https://ubuntu.com/security/CVE-2012-4565
- https://ubuntu.com/security/CVE-2012-6536
- https://ubuntu.com/security/CVE-2012-6537
- https://ubuntu.com/security/CVE-2012-6538
- https://ubuntu.com/security/CVE-2013-0309
- https://ubuntu.com/security/CVE-2013-1826
- https://ubuntu.com/security/notices/USN-1648-1
- https://ubuntu.com/security/notices/USN-1644-1
- https://ubuntu.com/security/notices/USN-1649-1
- https://ubuntu.com/security/notices/USN-1645-1
- https://ubuntu.com/security/notices/USN-1704-1
- https://ubuntu.com/security/notices/USN-1646-1
- https://ubuntu.com/security/notices/USN-1652-1
- https://ubuntu.com/security/notices/USN-1653-1
- https://ubuntu.com/security/notices/USN-1651-1
- https://ubuntu.com/security/notices/USN-1650-1
- https://ubuntu.com/security/notices/USN-1798-1
- https://ubuntu.com/security/notices/USN-1792-1
- https://ubuntu.com/security/notices/USN-1776-1
- https://ubuntu.com/security/notices/USN-1775-1
- https://ubuntu.com/security/notices/USN-1829-1
- https://ubuntu.com/security/notices/USN-1824-1
- https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.5.0-215.22
- https://ubuntu.com/security/notices/USN-1647-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/usn
- source/Ubuntu
- anchor-related/USN-1648-1
- anchor-related/USN-1644-1
- anchor-related/USN-1649-1
- anchor-related/USN-1645-1
- anchor-related/USN-1704-1
- anchor-related/USN-1646-1
- anchor-related/USN-1652-1
- anchor-related/USN-1653-1
- anchor-related/USN-1651-1
- anchor-related/USN-1650-1
- anchor-related/USN-1798-1
- anchor-related/USN-1792-1
- anchor-related/USN-1776-1
- anchor-related/USN-1775-1
- anchor-related/USN-1829-1
- anchor-related/USN-1824-1
- agent/software-canonical-lookup
- agent/references
- agent/title
- agent/tags
- agent/description
- agent/event
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/12.10