USN-1792-1: Linux kernel vulnerabilities
First published: Mon Apr 08 2013(Updated: )
Mathias Krause discovered several errors in the Linux kernel's xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537) Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539) Mathias Krause discovered an information leak in the Linux kernel's getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540) Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). (CVE-2013-0914) A memory use after free error was discover in the Linux kernel's tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). (CVE-2013-1767) Mateusz Guzik discovered a race in the Linux kernel's keyring. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-1792)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-2.6.32-46-sparc64 | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-generic | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-virtual | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-powerpc | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-generic-pae | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-powerpc64-smp | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-preempt | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-server | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-lpia | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-ia64 | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-versatile | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-powerpc-smp | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-386 | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-46-sparc64-smp | <2.6.32-46.107 | 2.6.32-46.107 |
| Ubuntu 22.04 LTS | =10.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2012-6537
- https://ubuntu.com/security/CVE-2012-6539
- https://ubuntu.com/security/CVE-2012-6540
- https://ubuntu.com/security/CVE-2013-0914
- https://ubuntu.com/security/CVE-2013-1767
- https://ubuntu.com/security/CVE-2013-1792
- https://ubuntu.com/security/notices/USN-1648-1
- https://ubuntu.com/security/notices/USN-1644-1
- https://ubuntu.com/security/notices/USN-1649-1
- https://ubuntu.com/security/notices/USN-1798-1
- https://ubuntu.com/security/notices/USN-1645-1
- https://ubuntu.com/security/notices/USN-1646-1
- https://ubuntu.com/security/notices/USN-1647-1
- https://ubuntu.com/security/notices/USN-1652-1
- https://ubuntu.com/security/notices/USN-1599-1
- https://ubuntu.com/security/notices/USN-1610-1
- https://ubuntu.com/security/notices/USN-1788-1
- https://ubuntu.com/security/notices/USN-1794-1
- https://ubuntu.com/security/notices/USN-1793-1
- https://ubuntu.com/security/notices/USN-1796-1
- https://ubuntu.com/security/notices/USN-1795-1
- https://ubuntu.com/security/notices/USN-1797-1
- https://ubuntu.com/security/notices/USN-1787-1
- https://launchpad.net/ubuntu/+source/linux/2.6.32-46.107
- https://ubuntu.com/security/notices/USN-1792-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-1792-1?
USN-1792-1 is considered a high-severity vulnerability due to its potential exploitation by local attackers to access sensitive kernel memory.
How do I fix USN-1792-1?
To address USN-1792-1, upgrade your system to the latest kernel version by installing linux-image-2.6.32-46.107 or later.
Which systems are affected by USN-1792-1?
USN-1792-1 affects Ubuntu 10.04 systems with specific kernel versions from the 2.6.32 series.
What types of attacks can exploit USN-1792-1?
Attackers can exploit USN-1792-1 to perform local information leaks, potentially revealing sensitive data from kernel memory.
Is there a workaround for USN-1792-1?
The best course of action for USN-1792-1 is to apply the security update, as no reliable workaround exists that fully mitigates the risk.
- agent/severity
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/title
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu 22.04 lts
- version/ubuntu 22.04 lts/10.04