USN-1824-1: Linux kernel vulnerabilities
First published: Wed May 15 2013(Updated: )
Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. (CVE-2012-6549) Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826) A buffer overflow was discovered in the Linux Kernel's USB subsystem for devices reporting the cdc-wdm class. A specially crafted USB device when plugged-in could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2013-1860) An information leak was discovered in the Linux kernel's /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel's stack memory. (CVE-2013-1928) An information leak in the Linux kernel's dcb netlink interface was discovered. A local user could obtain sensitive information by examining kernel stack memory. (CVE-2013-2634)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-2.6.32-47-386 | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-lpia | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-ia64 | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-generic | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-versatile | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-server | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-powerpc64-smp | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-generic-pae | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-powerpc-smp | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-virtual | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-sparc64-smp | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-powerpc | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-preempt | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-47-sparc64 | <2.6.32-47.109 | 2.6.32-47.109 |
| Ubuntu 22.04 LTS | =10.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2012-6549
- https://ubuntu.com/security/CVE-2013-1826
- https://ubuntu.com/security/CVE-2013-1860
- https://ubuntu.com/security/CVE-2013-1928
- https://ubuntu.com/security/CVE-2013-2634
- https://ubuntu.com/security/notices/USN-1812-1
- https://ubuntu.com/security/notices/USN-1809-1
- https://ubuntu.com/security/notices/USN-1813-1
- https://ubuntu.com/security/notices/USN-1814-1
- https://ubuntu.com/security/notices/USN-1829-1
- https://ubuntu.com/security/notices/USN-1811-1
- https://ubuntu.com/security/notices/USN-1648-1
- https://ubuntu.com/security/notices/USN-1644-1
- https://ubuntu.com/security/notices/USN-1649-1
- https://ubuntu.com/security/notices/USN-1645-1
- https://ubuntu.com/security/notices/USN-1646-1
- https://ubuntu.com/security/notices/USN-1647-1
- https://ubuntu.com/security/notices/USN-1652-1
- https://ubuntu.com/security/notices/USN-1704-1
- https://ubuntu.com/security/notices/USN-1673-1
- https://ubuntu.com/security/notices/USN-1671-1
- https://launchpad.net/ubuntu/+source/linux/2.6.32-47.109
- https://ubuntu.com/security/notices/USN-1824-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-1824-1?
The vulnerability identified in USN-1824-1 is rated as high severity due to the potential information leak in the Linux kernel's ISO 9660 CDROM file system.
How do I fix USN-1824-1?
To resolve the issue in USN-1824-1, you should upgrade to the corrected package version linux-image-2.6.32-47.109 on Ubuntu 10.04.
What vulnerabilities are addressed in USN-1824-1?
USN-1824-1 addresses CVE-2012-6549, CVE-2013-1826, and CVE-2013-1860, which include information leak and xfrm_user flaws.
Who is affected by USN-1824-1?
Local users of Ubuntu 10.04 systems running the Linux kernel version prior to 2.6.32-47.109 are affected by USN-1824-1.
Is there a workaround for USN-1824-1?
There is no known workaround for USN-1824-1; updating to the patched versions is essential to mitigate the vulnerabilities.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/title
- agent/weakness
- agent/references
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu 22.04 lts
- version/ubuntu 22.04 lts/10.04