CWE
119 190
Advisory Published

USN-1814-1: Linux kernel (OMAP4) vulnerabilities

First published: Thu May 02 2013(Updated: )

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. (CVE-2012-6548) Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. (CVE-2012-6549) An integer overflow was discovered in the Direct Rendering Manager (DRM) subsystem for the i915 video driver in the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash) or potentially escalate privileges. (CVE-2013-0913) A format-string bug was discovered in the Linux kernel's ext3 filesystem driver. A local user could exploit this flaw to possibly escalate privileges on the system. (CVE-2013-1848) A buffer overflow was discovered in the Linux Kernel's USB subsystem for devices reporting the cdc-wdm class. A specially crafted USB device when plugged-in could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2013-1860) A flaw was discovered in the SCTP (stream control transfer protocol) network protocol's handling of duplicate cookies in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (system crash) on another remote user querying the SCTP connection. (CVE-2013-2206) An information leak in the Linux kernel's dcb netlink interface was discovered. A local user could obtain sensitive information by examining kernel stack memory. (CVE-2013-2634) A kernel stack information leak was discovered in the RTNETLINK component of the Linux kernel. A local user could read sensitive information from the kernel stack. (CVE-2013-2635)

Affected SoftwareAffected VersionHow to fix
All of
ubuntu/linux-image-3.5.0-223-omap4<3.5.0-223.34
3.5.0-223.34
Ubuntu gir1.2-packagekitglib-1.0=12.10

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

  • What is the severity of USN-1814-1?

    USN-1814-1 has a medium severity due to the potential for local users to exploit an information leak in the Linux kernel's UDF file system.

  • How do I fix USN-1814-1?

    To fix USN-1814-1, update the linux-image-3.5.0-223-omap4 package to version 3.5.0-223.34 or later on Ubuntu 12.10.

  • What vulnerability does USN-1814-1 address?

    USN-1814-1 addresses an information leak in the UDF file system implementation of the Linux kernel, allowing unauthorized access to kernel heap memory.

  • Who discovered the vulnerability in USN-1814-1?

    The vulnerability in USN-1814-1 was discovered by researcher Mathias Krause.

  • Which operating system versions are affected by USN-1814-1?

    USN-1814-1 affects Ubuntu 12.10 systems running the linux-image-3.5.0-223-omap4 package prior to version 3.5.0-223.34.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203