- Vulnerability/
- USN-2220-1
USN-2220-1: Linux kernel (EC2) vulnerabilities
First published: Mon May 26 2014(Updated: )
Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738) Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737) A flaw was discovered in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel for systems that lack RDS transports. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-7339) An error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-2.6.32-364-ec2 | <2.6.32-364.77 | 2.6.32-364.77 |
| Ubuntu gir1.2-packagekitglib-1.0 | =10.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2013-7339
- https://ubuntu.com/security/CVE-2014-1737
- https://ubuntu.com/security/CVE-2014-1738
- https://ubuntu.com/security/CVE-2014-2678
- https://ubuntu.com/security/notices/USN-2136-1
- https://ubuntu.com/security/notices/USN-2219-1
- https://ubuntu.com/security/notices/USN-2113-1
- https://ubuntu.com/security/notices/USN-2134-1
- https://ubuntu.com/security/notices/USN-2135-1
- https://ubuntu.com/security/notices/USN-2133-1
- https://ubuntu.com/security/notices/USN-2141-1
- https://ubuntu.com/security/notices/USN-2117-1
- https://ubuntu.com/security/notices/USN-2226-1
- https://ubuntu.com/security/notices/USN-2223-1
- https://ubuntu.com/security/notices/USN-2260-1
- https://ubuntu.com/security/notices/USN-2224-1
- https://ubuntu.com/security/notices/USN-2225-1
- https://ubuntu.com/security/notices/USN-2221-1
- https://ubuntu.com/security/notices/USN-2228-1
- https://ubuntu.com/security/notices/USN-2227-1
- https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-364.77
- https://ubuntu.com/security/notices/USN-2220-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-2220-1?
USN-2220-1 has a moderate severity level due to the potential for an unprivileged user to access sensitive kernel memory.
How do I fix USN-2220-1?
To fix USN-2220-1, upgrade the linux-image-2.6.32-364-ec2 package to version 2.6.32-364.77 or higher.
Who reported the vulnerability USN-2220-1?
Matthew Daley reported the vulnerability USN-2220-1, which involves an information leak in the floppy disk driver of the Linux kernel.
What versions of Ubuntu are affected by USN-2220-1?
USN-2220-1 affects Ubuntu 10.04, specifically the linux-image-2.6.32-364-ec2 package.
What type of exploit is USN-2220-1 associated with?
USN-2220-1 is associated with a potential information leak exploit that allows local users to access kernel memory.
- agent/references
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/title
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu gir1.2-packagekitglib-1.0
- version/ubuntu gir1.2-packagekitglib-1.0/10.04