USN-1202-1: Linux kernel (OMAP4) vulnerabilities

13 September 2011

Multiple kernel flaws have been fixed.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Ubuntu 10.10

Packages

linux-ti-omap4 - Linux kernel for OMAP4

Details

Dan Rosenberg discovered that several network ioctls did not clear kernel
memory correctly. A local user could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)

Brad Spengler discovered that stack memory for new a process was not
correctly calculated. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-3858)

Dan Rosenberg discovered that the Linux kernel TIPC implementation
contained multiple integer signedness errors. A local attacker could
exploit this to gain root privileges. (CVE-2010-3859)

Dan Rosenberg discovered that the CAN protocol on 64bit systems did not
correctly calculate the size of certain buffers. A local attacker could
exploit this to crash the system or possibly execute arbitrary code as the
root user. (CVE-2010-3874)

Nelson Elhage discovered that the Linux kernel IPv4 implementation did not
properly audit certain bytecodes in netlink messages. A local attacker
could exploit this to cause the kernel to hang, leading to a denial of
service. (CVE-2010-3880)

Dan Rosenberg discovered that IPC structures were not correctly initialized
on 64bit systems. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4073)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to read
portions of kernel stack memory, leading to a loss of privacy.
(CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)

Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver
did not correctly clear kernel memory. A local attacker could exploit this
to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080,
CVE-2010-4081)

Dan Rosenberg discovered that the VIA video driver did not correctly clear
kernel memory. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4082)

Dan Rosenberg discovered that the semctl syscall did not correctly clear
kernel memory. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4083)

James Bottomley discovered that the ICP vortex storage array controller
driver did not validate certain sizes. A local attacker on a 64bit system
could exploit this to crash the kernel, leading to a denial of service.
(CVE-2010-4157)

Dan Rosenberg discovered that the Linux kernel L2TP implementation
contained multiple integer signedness errors. A local attacker could
exploit this to to crash the kernel, or possibly gain root privileges.
(CVE-2010-4160)

Dan Rosenberg discovered that certain iovec operations did not calculate
page counts correctly. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-4162)

Dan Rosenberg discovered that the SCSI subsystem did not correctly validate
iov segments. A local attacker with access to a SCSI device could send
specially crafted requests to crash the system, leading to a denial of
service. (CVE-2010-4163, CVE-2010-4668)

Dave Jones discovered that the mprotect system call did not correctly
handle merged VMAs. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-4169)

Dan Rosenberg discovered that the RDS protocol did not correctly check
ioctl arguments. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2010-4175)

Alan Cox discovered that the HCI UART driver did not correctly check if a
write operation was available. If the mmap_min-addr sysctl was changed from
the Ubuntu default to a value of 0, a local attacker could exploit this
flaw to gain root privileges. (CVE-2010-4242)

Brad Spengler discovered that the kernel did not correctly account for
userspace memory allocations during exec() calls. A local attacker could
exploit this to consume all system memory, leading to a denial of service.
(CVE-2010-4243)

It was discovered that multithreaded exec did not handle CPU timers
correctly. A local attacker could exploit this to crash the system, leading
to a denial of service. (CVE-2010-4248)

It was discovered that named pipes did not correctly handle certain fcntl
calls. A local attacker could exploit this to crash the system, leading to
a denial of service. (CVE-2010-4256)

Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses
into the /proc filesystem. A local attacker could use this to increase the
chances of a successful memory corruption exploit. (CVE-2010-4565)

Dan Carpenter discovered that the Infiniband driver did not correctly
handle certain requests. A local user could exploit this to crash the
system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)

Kees Cook discovered that some ethtool functions did not correctly clear
heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit
this to read portions of kernel heap memory, leading to a loss of privacy.
(CVE-2010-4655)

Kees Cook discovered that the IOWarrior USB device driver did not correctly
check certain size fields. A local attacker with physical access could plug
in a specially crafted USB device to crash the system or potentially gain
root privileges. (CVE-2010-4656)

Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly
clear memory when writing certain file holes. A local attacker could
exploit this to read uninitialized data from the disk, leading to a loss of
privacy. (CVE-2011-0463)

Dan Carpenter discovered that the TTPCI DVB driver did not check certain
values during an ioctl. If the dvb-ttpci module was loaded, a local
attacker could exploit this to crash the system, leading to a denial of
service, or possibly gain root privileges. (CVE-2011-0521)

Jens Kuehnel discovered that the InfiniBand driver contained a race
condition. On systems using InfiniBand, a local attacker could send
specially crafted requests to crash the system, leading to a denial of
service. (CVE-2011-0695)

Dan Rosenberg discovered that XFS did not correctly initialize memory. A
local attacker could make crafted ioctl calls to leak portions of kernel
stack memory, leading to a loss of privacy. (CVE-2011-0711)

Rafael Dominguez Vega discovered that the caiaq Native Instruments USB
driver did not correctly validate string lengths. A local attacker with
physical access could plug in a specially crafted USB device to crash the
system or potentially gain root privileges. (CVE-2011-0712)

Kees Cook reported that /proc/pid/stat did not correctly filter certain
memory locations. A local attacker could determine the memory layout of
processes in an attempt to increase the chances of a successful memory
corruption exploit. (CVE-2011-0726)

Timo Warns discovered that MAC partition parsing routines did not correctly
calculate block counts. A local attacker with physical access could plug in
a specially crafted block device to crash the system or potentially gain
root privileges. (CVE-2011-1010)

Timo Warns discovered that LDM partition parsing routines did not correctly
calculate block counts. A local attacker with physical access could plug in
a specially crafted block device to crash the system, leading to a denial
of service. (CVE-2011-1012)

Matthiew Herrb discovered that the drm modeset interface did not correctly
handle a signed comparison. A local attacker could exploit this to crash
the system or possibly gain root privileges. (CVE-2011-1013)

Marek Olšák discovered that the Radeon GPU drivers did not correctly
validate certain registers. On systems with specific hardware, a local
attacker could exploit this to write to arbitrary video memory.
(CVE-2011-1016)

Timo Warns discovered that the LDM disk partition handling code did not
correctly handle certain values. By inserting a specially crafted disk
device, a local attacker could exploit this to gain root privileges.
(CVE-2011-1017)

Vasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not
needed to load kernel modules. A local attacker with the CAP_NET_ADMIN
capability could load existing kernel modules, possibly increasing the
attack surface available on the system. (CVE-2011-1019)

It was discovered that the /proc filesystem did not correctly handle
permission changes when programs executed. A local attacker could hold open
files to examine details about programs running with higher privileges,
potentially increasing the chances of exploiting additional
vulnerabilities. (CVE-2011-1020)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear
memory. A local attacker could exploit this to read kernel stack memory,
leading to a loss of privacy. (CVE-2011-1078)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check
that device name strings were NULL terminated. A local attacker could
exploit this to crash the system, leading to a denial of service, or leak
contents of kernel stack memory, leading to a loss of privacy.
(CVE-2011-1079)

Vasiliy Kulikov discovered that bridge network filtering did not check that
name fields were NULL terminated. A local attacker could exploit this to
leak contents of kernel stack memory, leading to a loss of privacy.
(CVE-2011-1080)

Nelson Elhage discovered that the epoll subsystem did not correctly handle
certain structures. A local attacker could create malicious requests that
would hang the system, leading to a denial of service. (CVE-2011-1082)

Neil Horman discovered that NFSv4 did not correctly handle certain orders
of operation with ACL data. A remote attacker with access to an NFSv4 mount
could exploit this to crash the system, leading to a denial of service.
(CVE-2011-1090)

Johan Hovold discovered that the DCCP network stack did not correctly
handle certain packet combinations. A remote attacker could send specially
crafted network traffic that would crash the system, leading to a denial of
service. (CVE-2011-1093)

Peter Huewe discovered that the TPM device did not correctly initialize
memory. A local attacker could exploit this to read kernel heap memory
contents, leading to a loss of privacy. (CVE-2011-1160)

Timo Warns discovered that OSF partition parsing routines did not correctly
clear memory. A local attacker with physical access could plug in a
specially crafted block device to read kernel memory, leading to a loss of
privacy. (CVE-2011-1163)

Dan Rosenberg discovered that some ALSA drivers did not correctly check the
adapter index during ioctl calls. If this driver was loaded, a local
attacker could make a specially crafted ioctl call to gain root privileges.
(CVE-2011-1169)

Vasiliy Kulikov discovered that the netfilter code did not check certain
strings copied from userspace. A local attacker with netfilter access could
exploit this to read kernel memory or crash the system, leading to a denial
of service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)

Vasiliy Kulikov discovered that the Acorn Universal Networking driver did
not correctly initialize memory. A remote attacker could send specially
crafted traffic to read kernel stack memory, leading to a loss of privacy.
(CVE-2011-1173)

Dan Rosenberg discovered that the IRDA subsystem did not correctly check
certain field sizes. If a system was using IRDA, a remote attacker could
send specially crafted traffic to crash the system or gain root privileges.
(CVE-2011-1180)

Julien Tinnes discovered that the kernel did not correctly validate the
signal structure from tkill(). A local attacker could exploit this to send
signals to arbitrary threads, possibly bypassing expected restrictions.
(CVE-2011-1182)

Ryan Sweat discovered that the GRO code did not correctly validate memory.
In some configurations on systems using VLANs, a remote attacker could send
specially crafted traffic to crash the system, leading to a denial of
service. (CVE-2011-1478)

Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
handle certain fields. If a system was running with Rose enabled, a remote
attacker could send specially crafted traffic to gain root privileges.
(CVE-2011-1493)

Dan Rosenberg discovered that MPT devices did not correctly validate
certain values in ioctl calls. If these drivers were loaded, a local
attacker could exploit this to read arbitrary kernel memory, leading to a
loss of privacy. (CVE-2011-1494, CVE-2011-1495)

Timo Warns discovered that the GUID partition parsing routines did not
correctly validate certain structures. A local attacker with physical
access could plug in a specially crafted block device to crash the system,
leading to a denial of service. (CVE-2011-1577)

Tavis Ormandy discovered that the pidmap function did not correctly handle
large requests. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2011-1593)

Oliver Hartkopp and Dave Jones discovered that the CAN network driver did
not correctly validate certain socket structures. If this driver was
loaded, a local attacker could crash the system, leading to a denial of
service. (CVE-2011-1598, CVE-2011-1748)

Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl
values. A local attacker with access to the video subsystem could exploit
this to crash the system, leading to a denial of service, or possibly gain
root privileges. (CVE-2011-1745, CVE-2011-2022)

Vasiliy Kulikov discovered that the AGP driver did not check the size of
certain memory allocations. A local attacker with access to the video
subsystem could exploit this to run the system out of memory, leading to a
denial of service. (CVE-2011-1746)

Dan Rosenberg discovered that the DCCP stack did not correctly handle
certain packet structures. A remote attacker could exploit this to crash
the system, leading to a denial of service. (CVE-2011-1770)

Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not
correctly check the origin of mount points. A local attacker could exploit
this to trick the system into unmounting arbitrary mount points, leading to
a denial of service. (CVE-2011-1833)

Vasiliy Kulikov discovered that taskstats listeners were not correctly
handled. A local attacker could expoit this to exhaust memory and CPU
resources, leading to a denial of service. (CVE-2011-2484)

It was discovered that Bluetooth l2cap and rfcomm did not correctly
initialize structures. A local attacker could exploit this to read portions
of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)

Fernando Gont discovered that the IPv6 stack used predictable fragment
identification numbers. A remote attacker could exploit this to exhaust
network resources, leading to a denial of service. (CVE-2011-2699)

The performance counter subsystem did not correctly handle certain
counters. A local attacker could exploit this to crash the system, leading
to a denial of service. (CVE-2011-2918)

A flaw was found in the Linux kernel's /proc//map* interface. A local,
unprivileged user could exploit this flaw to cause a denial of service.
(CVE-2011-3637)

Dan Rosenberg discovered flaws in the linux Rose (X.25 PLP) layer used by
amateur radio. A local user or a remote user on an X.25 network could
exploit these flaws to execute arbitrary code as root. (CVE-2011-4913)

Ben Hutchings discovered several flaws in the Linux Rose (X.25 PLP) layer.
A local user or a remote user on an X.25 network could exploit these flaws
to execute arbitrary code as root. (CVE-2011-4914)

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 10.10

linux-image-2.6.35-903-omap4 - 2.6.35-903.24

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2011-1171
CVE-2010-3297
CVE-2011-0521
CVE-2011-1163
CVE-2010-3858
CVE-2010-4163
CVE-2010-3880
CVE-2010-4073
CVE-2010-4082
CVE-2010-4162
CVE-2010-3859
CVE-2010-4075
CVE-2011-1019
CVE-2011-1170
CVE-2010-4649
CVE-2011-1090
CVE-2010-3874
CVE-2011-1082
CVE-2010-4243
CVE-2011-1012
CVE-2010-4083
CVE-2010-4655
CVE-2011-1180
CVE-2011-0695
CVE-2011-1044
CVE-2011-1173
CVE-2010-3296
CVE-2010-4169
CVE-2010-4256
CVE-2011-1172
CVE-2010-4081
CVE-2010-4242
CVE-2011-0726
CVE-2011-1080
CVE-2011-1017
CVE-2011-0463
CVE-2010-4080
CVE-2011-1079
CVE-2011-1010
CVE-2011-1013
CVE-2010-4157
CVE-2010-4565
CVE-2011-1078
CVE-2010-4077
CVE-2010-4248
CVE-2011-1169
CVE-2010-4175
CVE-2011-1020
CVE-2010-4076
CVE-2011-0712
CVE-2011-1016
CVE-2011-1160
CVE-2010-4160
CVE-2011-1093
CVE-2011-0711
CVE-2011-1577
CVE-2011-1748
CVE-2011-2492
CVE-2011-1494
CVE-2011-1478
CVE-2011-3637
CVE-2011-2918
CVE-2011-1493
CVE-2011-2022
CVE-2010-4668
CVE-2010-4656
CVE-2011-2699
CVE-2011-1746
CVE-2011-4914
CVE-2011-4913
CVE-2011-2534
CVE-2011-1745
CVE-2011-1770
CVE-2011-1833
CVE-2011-1495
CVE-2011-1598
CVE-2011-2484
CVE-2011-1593
CVE-2011-1182

Related notices

USN-1160-1: linux-image-2.6.35-30-virtual, linux-image-2.6.35-30-powerpc, linux-image-2.6.35-30-generic-pae, linux-image-2.6.35-30-powerpc64-smp, linux-image-2.6.35-30-omap, linux-image-2.6.35-30-versatile, linux-image-2.6.35-30-generic, linux-image-2.6.35-30-powerpc-smp, linux-image-2.6.35-30-server, linux
USN-1186-1: linux-image-2.6.24-29-mckinley, linux-image-2.6.24-29-openvz, linux-image-2.6.24-29-server, linux-image-2.6.24-29-xen, linux-image-2.6.24-29-generic, linux-image-2.6.24-29-lpia, linux-image-2.6.24-29-powerpc-smp, linux-image-2.6.24-29-virtual, linux-image-2.6.24-29-386, linux-image-2.6.24-29-hppa64, linux-image-2.6.24-29-powerpc64-smp, linux-image-2.6.24-29-powerpc, linux-image-2.6.24-29-sparc64, linux-image-2.6.24-29-lpiacompat, linux-image-2.6.24-29-sparc64-smp, linux-image-2.6.24-29-hppa32, linux-image-2.6.24-29-rt, linux-image-2.6.24-29-itanium, linux
USN-1141-1: linux-image-2.6.32-32-386, linux-image-2.6.32-32-generic-pae, linux-image-2.6.32-32-powerpc, linux-image-2.6.32-32-server, linux-image-2.6.32-32-versatile, linux-image-2.6.32-316-ec2, linux-image-2.6.32-32-powerpc64-smp, linux-image-2.6.32-32-powerpc-smp, linux-image-2.6.32-32-virtual, linux-ec2, linux-image-2.6.32-32-preempt, linux-image-2.6.32-32-lpia, linux-image-2.6.32-32-sparc64-smp, linux-image-2.6.32-32-ia64, linux, linux-image-2.6.32-32-generic, linux-image-2.6.32-32-sparc64
USN-1162-1: linux-mvl-dove, linux-image-2.6.32-217-dove
USN-1204-1: linux-fsl-imx51, linux-image-2.6.31-610-imx51
USN-1167-1: linux-image-2.6.38-10-versatile, linux-image-2.6.38-10-omap, linux-image-2.6.38-10-virtual, linux-image-2.6.38-10-powerpc, linux-image-2.6.38-10-generic, linux-image-2.6.38-10-powerpc-smp, linux-image-2.6.38-10-generic-pae, linux-image-2.6.38-10-server, linux, linux-image-2.6.38-10-powerpc64-smp
USN-1187-1: linux-image-2.6.35-30-virtual, linux-image-2.6.35-30-generic-pae, linux-lts-backport-maverick, linux-image-2.6.35-30-generic, linux-image-2.6.35-30-server
USN-1212-1: linux-ti-omap4, linux-image-2.6.38-1209-omap4
USN-1159-1: linux-mvl-dove, linux-image-2.6.32-417-dove
USN-1072-1: linux-image-2.6.24-28-386, linux-image-2.6.24-28-sparc64-smp, linux-image-2.6.24-28-lpia, linux-image-2.6.24-28-hppa64, linux-image-2.6.24-28-virtual, linux-image-2.6.24-28-hppa32, linux-image-2.6.24-28-powerpc-smp, linux-image-2.6.24-28-openvz, linux-image-2.6.24-28-server, linux-image-2.6.24-28-generic, linux-image-2.6.24-28-itanium, linux-image-2.6.24-28-lpiacompat, linux-image-2.6.24-28-sparc64, linux-image-2.6.24-28-powerpc64-smp, linux-image-2.6.24-28-rt, linux-image-2.6.24-28-mckinley, linux-image-2.6.24-28-powerpc, linux, linux-image-2.6.24-28-xen
USN-1057-1: linux-image-2.6.15-55-hppa32-smp, linux-image-2.6.15-55-k7, linux-image-2.6.15-55-mckinley, linux-image-2.6.15-55-amd64-generic, linux-image-2.6.15-55-686, linux-image-2.6.15-55-itanium, linux-image-2.6.15-55-amd64-xeon, linux-image-2.6.15-55-powerpc, linux-source-2.6.15, linux-image-2.6.15-55-powerpc-smp, linux-image-2.6.15-55-sparc64, linux-image-2.6.15-55-hppa64, linux-image-2.6.15-55-386, linux-image-2.6.15-55-server-bigiron, linux-image-2.6.15-55-amd64-server, linux-image-2.6.15-55-amd64-k8, linux-image-2.6.15-55-hppa64-smp, linux-image-2.6.15-55-mckinley-smp, linux-image-2.6.15-55-itanium-smp, linux-image-2.6.15-55-server, linux-image-2.6.15-55-powerpc64-smp, linux-image-2.6.15-55-sparc64-smp, linux-image-2.6.15-55-hppa32
USN-1083-1: linux-lts-backport-maverick, linux-image-2.6.35-25-server, linux-image-2.6.35-25-virtual, linux-image-2.6.35-25-generic, linux-image-2.6.35-25-generic-pae
USN-1074-1: linux-image-2.6.31-112-imx51, linux-fsl-imx51
USN-1041-1: linux-image-2.6.32-27-sparc64, linux-image-2.6.35-24-omap, linux-image-2.6.32-27-powerpc64-smp, linux-image-2.6.32-27-powerpc-smp, linux-image-2.6.32-27-sparc64-smp, linux-image-2.6.32-311-ec2, linux-image-2.6.35-24-powerpc64-smp, linux-image-2.6.31-22-virtual, linux-image-2.6.31-22-generic, linux-image-2.6.35-24-powerpc, linux-image-2.6.35-24-virtual, linux, linux-image-2.6.31-22-server, linux-image-2.6.31-22-powerpc, linux-image-2.6.32-27-virtual, linux-image-2.6.32-27-powerpc, linux-image-2.6.31-22-386, linux-image-2.6.35-24-server, linux-image-2.6.32-27-versatile, linux-image-2.6.35-24-versatile, linux-image-2.6.31-22-sparc64, linux-image-2.6.32-27-generic, linux-image-2.6.32-27-386, linux-image-2.6.31-22-generic-pae, linux-image-2.6.32-27-generic-pae, linux-image-2.6.35-24-generic-pae, linux-ec2, linux-image-2.6.32-27-ia64, linux-image-2.6.31-22-sparc64-smp, linux-image-2.6.32-27-lpia, linux-image-2.6.31-22-powerpc64-smp, linux-image-2.6.32-27-server, linux-image-2.6.32-27-preempt, linux-image-2.6.31-22-lpia, linux-image-2.6.35-24-generic, linux-image-2.6.35-24-powerpc-smp, linux-image-2.6.31-307-ec2, linux-image-2.6.31-22-powerpc-smp, linux-image-2.6.31-22-ia64
USN-1074-2: linux-fsl-imx51, linux-image-2.6.31-608-imx51
USN-1093-1: linux-image-2.6.32-216-dove, linux-mvl-dove, linux-image-2.6.32-416-dove
USN-1164-1: linux-fsl-imx51, linux-image-2.6.31-609-imx51
USN-1133-1: linux-image-2.6.24-29-mckinley, linux-image-2.6.24-29-openvz, linux-image-2.6.24-29-server, linux-image-2.6.24-29-xen, linux-image-2.6.24-29-generic, linux-image-2.6.24-29-lpia, linux-image-2.6.24-29-powerpc-smp, linux-image-2.6.24-29-virtual, linux-image-2.6.24-29-386, linux-image-2.6.24-29-hppa64, linux-image-2.6.24-29-powerpc64-smp, linux-image-2.6.24-29-powerpc, linux-image-2.6.24-29-sparc64, linux-image-2.6.24-29-lpiacompat, linux-image-2.6.24-29-sparc64-smp, linux-image-2.6.24-29-hppa32, linux-image-2.6.24-29-rt, linux-image-2.6.24-29-itanium, linux
USN-1111-1: linux-image-2.6.15-57-amd64-generic, linux-image-2.6.15-57-hppa64-smp, linux-image-2.6.15-57-hppa64, linux-image-2.6.15-57-itanium-smp, linux-image-2.6.15-57-amd64-k8, linux-image-2.6.15-57-mckinley, linux-image-2.6.15-57-hppa32, linux-source-2.6.15, linux-image-2.6.15-57-686, linux-image-2.6.15-57-itanium, linux-image-2.6.15-57-powerpc, linux-image-2.6.15-57-mckinley-smp, linux-image-2.6.15-57-server, linux-image-2.6.15-57-sparc64, linux-image-2.6.15-57-powerpc-smp, linux-image-2.6.15-57-sparc64-smp, linux-image-2.6.15-57-amd64-xeon, linux-image-2.6.15-57-386, linux-image-2.6.15-57-hppa32-smp, linux-image-2.6.15-57-k7, linux-image-2.6.15-57-amd64-server, linux-image-2.6.15-57-powerpc64-smp, linux-image-2.6.15-57-server-bigiron
USN-1183-1: linux-image-2.6.35-30-virtual, linux-image-2.6.35-30-powerpc, linux-image-2.6.35-30-generic-pae, linux-image-2.6.35-30-powerpc64-smp, linux-image-2.6.35-30-omap, linux-image-2.6.35-30-versatile, linux-image-2.6.35-30-generic, linux-image-2.6.35-30-powerpc-smp, linux-image-2.6.35-30-server, linux
USN-1170-1: linux-image-2.6.24-29-mckinley, linux-image-2.6.24-29-openvz, linux-image-2.6.24-29-server, linux-image-2.6.24-29-xen, linux-image-2.6.24-29-generic, linux-image-2.6.24-29-lpia, linux-image-2.6.24-29-powerpc-smp, linux-image-2.6.24-29-virtual, linux-image-2.6.24-29-386, linux-image-2.6.24-29-hppa64, linux-image-2.6.24-29-powerpc64-smp, linux-image-2.6.24-29-powerpc, linux-image-2.6.24-29-sparc64, linux-image-2.6.24-29-lpiacompat, linux-image-2.6.24-29-sparc64-smp, linux-image-2.6.24-29-hppa32, linux-image-2.6.24-29-rt, linux-image-2.6.24-29-itanium, linux
USN-1168-1: linux-image-2.6.32-33-server, linux-image-2.6.32-33-generic-pae, linux-image-2.6.32-33-generic, linux-image-2.6.32-33-virtual, linux-image-2.6.32-33-preempt, linux-image-2.6.32-33-ia64, linux-image-2.6.32-33-sparc64-smp, linux-image-2.6.32-33-sparc64, linux-image-2.6.32-33-386, linux-image-2.6.32-33-powerpc64-smp, linux-image-2.6.32-33-powerpc, linux-image-2.6.32-33-powerpc-smp, linux-image-2.6.32-33-lpia, linux, linux-image-2.6.32-33-versatile
USN-1161-1: linux-ec2, linux-image-2.6.32-317-ec2
USN-1092-1: linux-image-2.6.15-57-amd64-generic, linux-image-2.6.15-57-hppa64-smp, linux-image-2.6.15-57-hppa64, linux-image-2.6.15-57-itanium-smp, linux-image-2.6.15-57-amd64-k8, linux-image-2.6.15-57-mckinley, linux-image-2.6.15-57-hppa32, linux-source-2.6.15, linux-image-2.6.15-57-686, linux-image-2.6.15-57-itanium, linux-image-2.6.15-57-powerpc, linux-image-2.6.15-57-mckinley-smp, linux-image-2.6.15-57-server, linux-image-2.6.15-57-sparc64, linux-image-2.6.15-57-powerpc-smp, linux-image-2.6.15-57-sparc64-smp, linux-image-2.6.15-57-amd64-xeon, linux-image-2.6.15-57-386, linux-image-2.6.15-57-hppa32-smp, linux-image-2.6.15-57-k7, linux-image-2.6.15-57-amd64-server, linux-image-2.6.15-57-powerpc64-smp, linux-image-2.6.15-57-server-bigiron
USN-1090-1: linux-image-2.6.32-30-virtual, linux-image-2.6.35-28-powerpc, linux-image-2.6.32-30-powerpc, linux-image-2.6.35-28-generic-pae, linux-image-2.6.32-30-sparc64-smp, linux-image-2.6.32-30-lpia, linux-image-2.6.32-30-powerpc64-smp, linux-image-2.6.32-30-versatile, linux-image-2.6.32-30-sparc64, linux-image-2.6.32-30-preempt, linux-image-2.6.35-28-versatile, linux-image-2.6.35-28-powerpc64-smp, linux-image-2.6.32-30-server, linux-image-2.6.35-28-server, linux-image-2.6.35-28-omap, linux-image-2.6.32-30-generic, linux-image-2.6.35-28-virtual, linux-image-2.6.35-28-powerpc-smp, linux-image-2.6.32-30-generic-pae, linux-image-2.6.35-28-generic, linux-image-2.6.32-30-386, linux-image-2.6.32-30-powerpc-smp, linux, linux-image-2.6.32-30-ia64
USN-1089-1: linux-image-2.6.31-23-sparc64-smp, linux-image-2.6.31-23-powerpc-smp, linux-image-2.6.31-23-lpia, linux-image-2.6.31-308-ec2, linux-image-2.6.31-23-powerpc64-smp, linux-image-2.6.31-23-386, linux-image-2.6.31-23-generic, linux-ec2, linux-image-2.6.31-23-ia64, linux-image-2.6.31-23-powerpc, linux-image-2.6.31-23-server, linux-image-2.6.31-23-sparc64, linux-image-2.6.31-23-generic-pae, linux-image-2.6.31-23-virtual, linux
USN-1105-1: linux-image-2.6.24-29-mckinley, linux-image-2.6.24-29-openvz, linux-image-2.6.24-29-server, linux-image-2.6.24-29-xen, linux-image-2.6.24-29-generic, linux-image-2.6.24-29-lpia, linux-image-2.6.24-29-powerpc-smp, linux-image-2.6.24-29-virtual, linux-image-2.6.24-29-386, linux-image-2.6.24-29-hppa64, linux-image-2.6.24-29-powerpc64-smp, linux-image-2.6.24-29-powerpc, linux-image-2.6.24-29-sparc64, linux-image-2.6.24-29-lpiacompat, linux-image-2.6.24-29-sparc64-smp, linux-image-2.6.24-29-hppa32, linux-image-2.6.24-29-rt, linux-image-2.6.24-29-itanium, linux
USN-1086-1: linux-ec2, linux-image-2.6.32-314-ec2
USN-1073-1: linux-image-2.6.31-22-sparc64, linux-image-2.6.31-22-generic-pae, linux-image-2.6.31-22-powerpc64-smp, linux-image-2.6.31-307-ec2, linux-image-2.6.31-22-server, linux-image-2.6.31-22-powerpc, linux-image-2.6.31-22-sparc64-smp, linux-ec2, linux-image-2.6.31-22-386, linux-image-2.6.31-22-lpia, linux-image-2.6.31-22-virtual, linux-image-2.6.31-22-generic, linux, linux-image-2.6.31-22-powerpc-smp, linux-image-2.6.31-22-ia64
USN-1080-1: linux-image-2.6.32-29-generic, linux-image-2.6.32-29-sparc64-smp, linux-image-2.6.32-29-server, linux-image-2.6.32-29-sparc64, linux-image-2.6.32-29-386, linux-image-2.6.32-29-versatile, linux-image-2.6.32-29-lpia, linux-image-2.6.32-29-powerpc64-smp, linux-image-2.6.32-29-generic-pae, linux-image-2.6.32-29-virtual, linux-image-2.6.32-29-powerpc-smp, linux-image-2.6.32-29-ia64, linux-image-2.6.32-29-preempt, linux, linux-image-2.6.32-29-powerpc
USN-1080-2: linux-ec2, linux-image-2.6.32-313-ec2
USN-1081-1: linux-image-2.6.35-27-powerpc-smp, linux-image-2.6.35-27-server, linux-image-2.6.35-27-virtual, linux-image-2.6.35-27-generic-pae, linux-image-2.6.35-27-generic, linux-image-2.6.35-27-powerpc64-smp, linux-image-2.6.35-27-powerpc, linux-image-2.6.35-27-omap, linux-image-2.6.35-27-versatile, linux
USN-1071-1: linux-image-2.6.15-55-hppa32-smp, linux-image-2.6.15-55-k7, linux-image-2.6.15-55-mckinley, linux-image-2.6.15-55-amd64-generic, linux-image-2.6.15-55-686, linux-image-2.6.15-55-itanium, linux-image-2.6.15-55-amd64-xeon, linux-image-2.6.15-55-powerpc, linux-source-2.6.15, linux-image-2.6.15-55-powerpc-smp, linux-image-2.6.15-55-sparc64, linux-image-2.6.15-55-hppa64, linux-image-2.6.15-55-386, linux-image-2.6.15-55-server-bigiron, linux-image-2.6.15-55-amd64-server, linux-image-2.6.15-55-amd64-k8, linux-image-2.6.15-55-hppa64-smp, linux-image-2.6.15-55-mckinley-smp, linux-image-2.6.15-55-itanium-smp, linux-image-2.6.15-55-server, linux-image-2.6.15-55-powerpc64-smp, linux-image-2.6.15-55-sparc64-smp, linux-image-2.6.15-55-hppa32
USN-1054-1: linux-image-2.6.32-28-generic-pae, linux-image-2.6.32-28-virtual, linux-image-2.6.32-28-preempt, linux-image-2.6.32-28-386, linux-image-2.6.32-28-ia64, linux-image-2.6.35-25-virtual, linux-image-2.6.35-25-generic-pae, linux-image-2.6.32-28-powerpc-smp, linux-image-2.6.32-28-powerpc, linux-image-2.6.32-28-powerpc64-smp, linux-image-2.6.32-28-sparc64-smp, linux-ec2, linux-image-2.6.35-25-powerpc64-smp, linux-image-2.6.35-25-versatile, linux-image-2.6.32-28-sparc64, linux-image-2.6.32-28-server, linux-image-2.6.32-28-generic, linux-image-2.6.32-28-versatile, linux-image-2.6.35-25-powerpc-smp, linux-image-2.6.35-25-omap, linux-image-2.6.35-25-powerpc, linux-image-2.6.32-28-lpia, linux-image-2.6.35-25-server, linux-image-2.6.35-25-generic, linux-image-2.6.32-312-ec2, linux
USN-1023-1: linux-image-2.6.15-55-k7, linux-image-2.6.32-310-ec2, linux-image-2.6.15-55-amd64-generic, linux-image-2.6.24-28-lpia, linux-image-2.6.31-22-virtual, linux-source-2.6.15, linux-image-2.6.15-55-powerpc-smp, linux-image-2.6.15-55-sparc64, linux-image-2.6.32-26-virtual, linux-image-2.6.31-22-386, linux-image-2.6.32-26-sparc64, linux-image-2.6.31-22-sparc64, linux-image-2.6.31-22-generic-pae, linux-image-2.6.15-55-amd64-server, linux-image-2.6.24-28-mckinley, linux-image-2.6.15-55-hppa32, linux-image-2.6.15-55-hppa32-smp, linux-image-2.6.24-28-sparc64-smp, linux-image-2.6.15-55-686, linux-image-2.6.15-55-itanium, linux-image-2.6.15-55-amd64-xeon, linux-image-2.6.24-28-powerpc-smp, linux-image-2.6.31-22-server, linux-image-2.6.31-22-powerpc, linux-image-2.6.35-23-virtual, linux-image-2.6.15-55-386, linux-image-2.6.35-23-server, linux-image-2.6.32-26-versatile, linux-image-2.6.24-28-lpiacompat, linux-image-2.6.24-28-sparc64, linux-image-2.6.35-23-powerpc64-smp, linux-image-2.6.31-22-sparc64-smp, linux-image-2.6.15-55-hppa64-smp, linux-image-2.6.32-26-generic, linux-image-2.6.15-55-mckinley-smp, linux-image-2.6.15-55-itanium-smp, linux-image-2.6.32-26-powerpc64-smp, linux-image-2.6.32-26-386, linux-image-2.6.24-28-powerpc, linux-image-2.6.31-307-ec2, linux, linux-image-2.6.24-28-xen, linux-image-2.6.15-55-mckinley, linux-image-2.6.35-23-omap, linux-image-2.6.31-22-generic, linux-image-2.6.24-28-hppa64, linux-image-2.6.35-23-powerpc-smp, linux-image-2.6.24-28-openvz, linux-image-2.6.32-26-powerpc, linux-image-2.6.35-23-generic-pae, linux-image-2.6.24-28-generic, linux-image-2.6.24-28-itanium, linux-image-2.6.15-55-server-bigiron, linux-image-2.6.32-26-preempt, linux-image-2.6.24-28-powerpc64-smp, linux-image-2.6.35-23-generic, linux-image-2.6.32-26-lpia, linux-image-2.6.32-26-powerpc-smp, linux-image-2.6.15-55-server, linux-image-2.6.24-28-rt, linux-image-2.6.31-22-powerpc64-smp, linux-image-2.6.15-55-powerpc64-smp, linux-image-2.6.31-22-powerpc-smp, linux-image-2.6.15-55-sparc64-smp, linux-image-2.6.24-28-386, linux-image-2.6.35-23-versatile, linux-image-2.6.15-55-powerpc, linux-image-2.6.24-28-virtual, linux-image-2.6.24-28-hppa32, linux-image-2.6.32-26-ia64, linux-image-2.6.15-55-hppa64, linux-image-2.6.32-26-sparc64-smp, linux-image-2.6.24-28-server, linux-image-2.6.32-26-generic-pae, linux-image-2.6.35-23-powerpc, linux-ec2, linux-image-2.6.15-55-amd64-k8, linux-image-2.6.32-26-server, linux-image-2.6.31-22-lpia, linux-image-2.6.31-22-ia64
USN-1146-1: linux-image-2.6.24-29-mckinley, linux-image-2.6.24-29-openvz, linux-image-2.6.24-29-server, linux-image-2.6.24-29-xen, linux-image-2.6.24-29-generic, linux-image-2.6.24-29-lpia, linux-image-2.6.24-29-powerpc-smp, linux-image-2.6.24-29-virtual, linux-image-2.6.24-29-386, linux-image-2.6.24-29-hppa64, linux-image-2.6.24-29-powerpc64-smp, linux-image-2.6.24-29-powerpc, linux-image-2.6.24-29-sparc64, linux-image-2.6.24-29-lpiacompat, linux-image-2.6.24-29-sparc64-smp, linux-image-2.6.24-29-hppa32, linux-image-2.6.24-29-rt, linux-image-2.6.24-29-itanium, linux
USN-1189-1: linux-image-2.6.24-29-mckinley, linux-image-2.6.24-29-openvz, linux-image-2.6.24-29-server, linux-image-2.6.24-29-xen, linux-image-2.6.24-29-generic, linux-image-2.6.24-29-lpia, linux-image-2.6.24-29-powerpc-smp, linux-image-2.6.24-29-virtual, linux-image-2.6.24-29-386, linux-image-2.6.24-29-hppa64, linux-image-2.6.24-29-powerpc64-smp, linux-image-2.6.24-29-powerpc, linux-image-2.6.24-29-sparc64, linux-image-2.6.24-29-lpiacompat, linux-image-2.6.24-29-sparc64-smp, linux-image-2.6.24-29-hppa32, linux-image-2.6.24-29-rt, linux-image-2.6.24-29-itanium, linux
USN-1256-1: linux-image-2.6.38-12-generic, linux-lts-backport-natty, linux-image-2.6.38-12-server, linux-image-2.6.38-12-virtual, linux-image-2.6.38-12-generic-pae
USN-1203-1: linux-mvl-dove, linux-image-2.6.32-218-dove
USN-1218-1: linux-image-2.6.32-34-powerpc-smp, linux-image-2.6.32-34-powerpc64-smp, linux-image-2.6.32-34-server, linux-image-2.6.32-34-sparc64, linux, linux-image-2.6.32-34-powerpc, linux-image-2.6.32-34-sparc64-smp, linux-image-2.6.32-34-preempt, linux-image-2.6.32-34-generic, linux-image-2.6.32-34-ia64, linux-image-2.6.32-34-lpia, linux-image-2.6.32-34-generic-pae, linux-image-2.6.32-34-versatile, linux-image-2.6.32-34-386, linux-image-2.6.32-34-virtual
USN-1208-1: linux-mvl-dove, linux-image-2.6.32-418-dove
USN-1216-1: linux-ec2, linux-image-2.6.32-318-ec2
USN-1205-1: linux-image-2.6.35-30-virtual, linux-image-2.6.35-30-generic-pae, linux-lts-backport-maverick, linux-image-2.6.35-30-generic, linux-image-2.6.35-30-server
USN-1211-1: linux-image-2.6.38-11-powerpc, linux-image-2.6.38-11-server, linux-image-2.6.38-11-virtual, linux-image-2.6.38-11-generic-pae, linux-image-2.6.38-11-versatile, linux-image-2.6.38-11-powerpc-smp, linux-image-2.6.38-11-generic, linux-image-2.6.38-11-omap, linux, linux-image-2.6.38-11-powerpc64-smp
USN-1201-1: linux-image-2.6.35-30-virtual, linux-image-2.6.35-30-powerpc, linux-image-2.6.35-30-generic-pae, linux-image-2.6.35-30-powerpc64-smp, linux-image-2.6.35-30-omap, linux-image-2.6.35-30-versatile, linux-image-2.6.35-30-generic, linux-image-2.6.35-30-powerpc-smp, linux-image-2.6.35-30-server, linux
USN-1193-1: linux-image-2.6.38-11-powerpc, linux-image-2.6.38-11-server, linux-image-2.6.38-11-virtual, linux-image-2.6.38-11-generic-pae, linux-image-2.6.38-11-versatile, linux-image-2.6.38-11-powerpc-smp, linux-image-2.6.38-11-generic, linux-image-2.6.38-11-omap, linux, linux-image-2.6.38-11-powerpc64-smp
USN-1219-1: linux-image-2.6.35-30-virtual, linux-image-2.6.35-30-generic-pae, linux-lts-backport-maverick, linux-image-2.6.35-30-generic, linux-image-2.6.35-30-server
USN-1227-1: linux-image-2.6.35-30-virtual, linux-image-2.6.35-30-powerpc, linux-image-2.6.35-30-generic-pae, linux-image-2.6.35-30-powerpc64-smp, linux-image-2.6.35-30-omap, linux-image-2.6.35-30-versatile, linux-image-2.6.35-30-generic, linux-image-2.6.35-30-powerpc-smp, linux-image-2.6.35-30-server, linux
USN-1253-1: linux-image-2.6.32-35-server, linux-image-2.6.32-35-386, linux-image-2.6.32-35-versatile, linux-image-2.6.32-35-virtual, linux-image-2.6.32-35-generic-pae, linux-image-2.6.32-35-powerpc64-smp, linux-image-2.6.32-35-lpia, linux-image-2.6.32-35-preempt, linux-image-2.6.32-35-sparc64, linux-image-2.6.32-35-generic, linux-image-2.6.32-35-ia64, linux-image-2.6.32-35-sparc64-smp, linux-image-2.6.32-35-powerpc-smp, linux, linux-image-2.6.32-35-powerpc
USN-1239-1: linux-ec2, linux-image-2.6.32-319-ec2
USN-1240-1: linux-mvl-dove, linux-image-2.6.32-219-dove
USN-1245-1: linux-mvl-dove, linux-image-2.6.32-419-dove
USN-1225-1: linux-image-2.6.24-29-mckinley, linux-image-2.6.24-29-openvz, linux-image-2.6.24-29-server, linux-image-2.6.24-29-xen, linux-image-2.6.24-29-generic, linux-image-2.6.24-29-lpia, linux-image-2.6.24-29-powerpc-smp, linux-image-2.6.24-29-virtual, linux-image-2.6.24-29-386, linux-image-2.6.24-29-hppa64, linux-image-2.6.24-29-powerpc64-smp, linux-image-2.6.24-29-powerpc, linux-image-2.6.24-29-sparc64, linux-image-2.6.24-29-lpiacompat, linux-image-2.6.24-29-sparc64-smp, linux-image-2.6.24-29-hppa32, linux-image-2.6.24-29-rt, linux-image-2.6.24-29-itanium, linux
USN-1188-1: ecryptfs-utils

Join the discussion

Need help with your security needs?

Ubuntu Pro provides up to ten-year security coverage for over 23,000 open-source packages within the Ubuntu Main and Universe repositories.

Talk to an expert to find out what would work best for you

USN-1202-1: Linux kernel (OMAP4) vulnerabilities

Reduce your security exposure

Releases

Packages

Details

Reduce your security exposure

Update instructions

Ubuntu 10.10

References

Related notices

Join the discussion

Need help with your security needs?

Further reading