- Vulnerability/
- USN-1977-1
USN-1977-1: Linux kernel (EC2) vulnerabilities
First published: Mon Sep 30 2013(Updated: )
An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of the Linux kernel. A physically proximate attacker could exploit this flaw to execute arbitrary code or cause a denial of service (heap memory corruption) via a specially crafted device that provides an invalid Report ID. (CVE-2013-2888) Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled. A physically proximate attacker could cause a denial of service (heap out-of-bounds write) via a specially crafted device. (CVE-2013-2892)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-2.6.32-357-ec2 | <2.6.32-357.70 | 2.6.32-357.70 |
| Ubuntu gir1.2-packagekitglib-1.0 | =10.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2013-0343
- https://ubuntu.com/security/CVE-2013-2888
- https://ubuntu.com/security/CVE-2013-2892
- https://ubuntu.com/security/notices/USN-2019-1
- https://ubuntu.com/security/notices/USN-2038-1
- https://ubuntu.com/security/notices/USN-2023-1
- https://ubuntu.com/security/notices/USN-2020-1
- https://ubuntu.com/security/notices/USN-1976-1
- https://ubuntu.com/security/notices/USN-2021-1
- https://ubuntu.com/security/notices/USN-2022-1
- https://ubuntu.com/security/notices/USN-2039-1
- https://ubuntu.com/security/notices/USN-2050-1
- https://ubuntu.com/security/notices/USN-2024-1
- https://ubuntu.com/security/notices/USN-1998-1
- https://ubuntu.com/security/notices/USN-1995-1
- https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-357.70
- https://ubuntu.com/security/notices/USN-1977-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-1977-1?
The severity of USN-1977-1 is considered high due to the potential for a denial of service attack.
How do I fix USN-1977-1?
To fix USN-1977-1, you should upgrade to the patched version of the linux-image package for Ubuntu 10.04.
Which systems are affected by USN-1977-1?
USN-1977-1 affects Ubuntu 10.04 systems running the linux-image-2.6.32-357-ec2 package.
What kind of attack can exploit USN-1977-1?
A remote attacker can exploit USN-1977-1 to cause excessive retries and address-generation outages.
When was USN-1977-1 published?
USN-1977-1 was published as a security notice by Ubuntu on March 14, 2013.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/description
- agent/event
- agent/title
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu gir1.2-packagekitglib-1.0
- version/ubuntu gir1.2-packagekitglib-1.0/10.04