What is the severity of USN-1648-1?

USN-1648-1 has been classified with a high severity due to its potential exploitation by unprivileged users to access sensitive kernel memory.

How do I fix USN-1648-1?

To fix USN-1648-1, upgrade to the corrected packages for Ubuntu version 11.10, specifically linux-image-3.0.0-28.45.

What versions of Ubuntu are affected by USN-1648-1?

USN-1648-1 affects Ubuntu 11.10 and the corresponding linux kernel packages.

Who discovered the vulnerabilities addressed in USN-1648-1?

The vulnerabilities in USN-1648-1 were discovered by Brad Spengler and Rodrigo Freire.

What type of vulnerability is associated with USN-1648-1?

USN-1648-1 addresses vulnerabilities in the Linux kernel's uname system call and TCP illinois congestion control algorithm.

Vulnerability/
USN-1648-1

30/11/2012

USN-1648-1: Linux kernel vulnerabilities

First published: Fri Nov 30 2012(Updated: )

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957) Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565) Mathias Krause discovered a flaw in the Linux kernel's XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536) Mathias Krause discovered several errors in the Linux kernel's xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537) Mathias Krause discovered an information leak in the Linux kernel's xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538) Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539) Mathias Krause discovered an information leak in the Linux kernel's getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540) Mathias Krause discovered an information leak in the Linux kernel's getsockopt implementation for the Datagram Congestion Control Protocol (DCCP). A local user could exploit this flaw to examine some of the kernel's stack memory. (CVE-2012-6541) Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. (CVE-2012-6542) Mathias Krause discovered information leaks in the Linux kernel's Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel's stack memory. (CVE-2012-6544) Mathias Krause discovered information leaks in the Linux kernel's Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545) Mathias Krause discovered information leaks in the Linux kernel's Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory. (CVE-2012-6546) A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309) Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826) An information leak was discovered in the Linux kernel's /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel's stack memory. (CVE-2013-1928)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-3.0.0-28-generic	<3.0.0-28.45	3.0.0-28.45
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-28-powerpc	<3.0.0-28.45	3.0.0-28.45
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-28-powerpc-smp	<3.0.0-28.45	3.0.0-28.45
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-28-server	<3.0.0-28.45	3.0.0-28.45
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-28-powerpc64-smp	<3.0.0-28.45	3.0.0-28.45
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-28-virtual	<3.0.0-28.45	3.0.0-28.45
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-28-generic-pae	<3.0.0-28.45	3.0.0-28.45
Ubuntu 22.04 LTS	=11.10
All of
ubuntu/linux-image-3.0.0-28-omap	<3.0.0-28.45	3.0.0-28.45
Ubuntu 22.04 LTS	=11.10

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-1648-1?
USN-1648-1 has been classified with a high severity due to its potential exploitation by unprivileged users to access sensitive kernel memory.
How do I fix USN-1648-1?
To fix USN-1648-1, upgrade to the corrected packages for Ubuntu version 11.10, specifically linux-image-3.0.0-28.45.
What versions of Ubuntu are affected by USN-1648-1?
USN-1648-1 affects Ubuntu 11.10 and the corresponding linux kernel packages.
Who discovered the vulnerabilities addressed in USN-1648-1?
The vulnerabilities in USN-1648-1 were discovered by Brad Spengler and Rodrigo Freire.
What type of vulnerability is associated with USN-1648-1?
USN-1648-1 addresses vulnerabilities in the Linux kernel's uname system call and TCP illinois congestion control algorithm.

agent/severity
agent/type
agent/first-publish-date
agent/last-modified-date
agent/references
agent/title
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu 22.04 lts
version/ubuntu 22.04 lts/11.10