- Vulnerability/
- USN-2107-1
USN-2107-1: Linux kernel vulnerabilities
First published: Tue Feb 18 2014(Updated: )
A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383) mpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in the Linux kernel. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7263) mpb reported an information leak in the Layer Two Tunneling Protocol (l2tp) of the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7264) mpb reported an information leak in the Phone Network protocol (phonet) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7265) mpb reported an information leak in the Low-Rate Wireless Personal Area Networks support (IEEE 802.15.4) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7281)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-2.6.32-56-generic-pae | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-virtual | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-lpia | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-sparc64 | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-server | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-powerpc-smp | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-versatile | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-powerpc64-smp | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-386 | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-generic | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-powerpc | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-sparc64-smp | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-preempt | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 | |
| All of | ||
| ubuntu/linux-image-2.6.32-56-ia64 | <2.6.32-56.118 | 2.6.32-56.118 |
| Ubuntu 22.04 LTS | =10.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2013-6383
- https://ubuntu.com/security/CVE-2013-7263
- https://ubuntu.com/security/CVE-2013-7264
- https://ubuntu.com/security/CVE-2013-7265
- https://ubuntu.com/security/CVE-2013-7281
- https://ubuntu.com/security/notices/USN-2071-1
- https://ubuntu.com/security/notices/USN-2075-1
- https://ubuntu.com/security/notices/USN-2067-1
- https://ubuntu.com/security/notices/USN-2074-1
- https://ubuntu.com/security/notices/USN-2069-1
- https://ubuntu.com/security/notices/USN-2076-1
- https://ubuntu.com/security/notices/USN-2073-1
- https://ubuntu.com/security/notices/USN-2068-1
- https://ubuntu.com/security/notices/USN-2066-1
- https://ubuntu.com/security/notices/USN-2108-1
- https://ubuntu.com/security/notices/USN-2070-1
- https://ubuntu.com/security/notices/USN-2072-1
- https://ubuntu.com/security/notices/USN-2138-1
- https://ubuntu.com/security/notices/USN-2136-1
- https://ubuntu.com/security/notices/USN-2110-1
- https://ubuntu.com/security/notices/USN-2113-1
- https://ubuntu.com/security/notices/USN-2139-1
- https://ubuntu.com/security/notices/USN-2109-1
- https://ubuntu.com/security/notices/USN-2135-1
- https://ubuntu.com/security/notices/USN-2141-1
- https://ubuntu.com/security/notices/USN-2117-1
- https://launchpad.net/ubuntu/+source/linux/2.6.32-56.118
- https://ubuntu.com/security/notices/USN-2107-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-2107-1?
USN-2107-1 is classified as a high severity vulnerability due to the potential for unprivileged local users to execute administrative commands.
How do I fix USN-2107-1?
To fix USN-2107-1, update to the corrected packages provided by Ubuntu version 2.6.32-56.118 or higher.
What systems are affected by USN-2107-1?
USN-2107-1 affects Ubuntu 10.04 installations using specific versions of the Linux kernel, including linux-image-2.6.32-56-generic.
What type of vulnerability is USN-2107-1?
USN-2107-1 is a local privilege escalation vulnerability in the Linux kernel's compat ioctls for Adaptec AACRAID SCSI RAID devices.
How can I determine if I am vulnerable to USN-2107-1?
You can determine your vulnerability to USN-2107-1 by checking if you are running Ubuntu 10.04 with the affected Linux kernel versions prior to 2.6.32-56.118.
- agent/references
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/title
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu 22.04 lts
- version/ubuntu 22.04 lts/10.04