USN-1236-1: Linux kernel vulnerabilities

20 October 2011

Multiple kernel flaws have been fixed.

Releases

Packages

  • linux - Linux kernel

Details

It was discovered that the Auerswald usb driver incorrectly handled lengths
of the USB string descriptors. A local attacker with physical access could
insert a specially crafted USB device and gain root privileges.
(CVE-2009-4067)

It was discovered that the Stream Control Transmission Protocol (SCTP)
implementation incorrectly calculated lengths. If the net.sctp.addip_enable
variable was turned on, a remote attacker could send specially crafted
traffic to crash the system. (CVE-2011-1573)

Vasiliy Kulikov discovered that taskstats did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2494)

Vasiliy Kulikov discovered that /proc/PID/io did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2495)

Dan Kaminsky discovered that the kernel incorrectly handled random sequence
number generation. An attacker could use this flaw to possibly predict
sequence numbers and inject packets. (CVE-2011-3188)

Related notices

  • USN-1243-1: linux-image-2.6.35-30-generic, linux-image-2.6.35-30-powerpc-smp, linux, linux-image-2.6.35-30-versatile, linux-image-2.6.35-30-server, linux-image-2.6.35-30-virtual, linux-image-2.6.35-30-powerpc, linux-image-2.6.35-30-omap, linux-image-2.6.35-30-powerpc64-smp, linux-image-2.6.35-30-generic-pae
  • USN-1241-1: linux-image-2.6.31-611-imx51, linux-fsl-imx51
  • USN-1275-1: linux, linux-image-3.0.0-13-server, linux-image-3.0.0-13-virtual, linux-image-3.0.0-13-powerpc-smp, linux-image-3.0.0-13-generic-pae, linux-image-3.0.0-13-omap, linux-image-3.0.0-13-powerpc64-smp, linux-image-3.0.0-13-powerpc, linux-image-3.0.0-13-generic
  • USN-1246-1: linux-image-2.6.38-12-powerpc, linux-image-2.6.38-12-powerpc64-smp, linux, linux-image-2.6.38-12-generic-pae, linux-image-2.6.38-12-powerpc-smp, linux-image-2.6.38-12-server, linux-image-2.6.38-12-generic, linux-image-2.6.38-12-versatile, linux-image-2.6.38-12-virtual, linux-image-2.6.38-12-omap
  • USN-1244-1: linux-ti-omap4, linux-image-2.6.35-903-omap4
  • USN-1240-1: linux-image-2.6.32-219-dove, linux-mvl-dove
  • USN-1245-1: linux-mvl-dove, linux-image-2.6.32-419-dove
  • USN-1228-1: linux-ti-omap4, linux-image-2.6.38-1209-omap4
  • USN-1220-1: linux-ti-omap4, linux-image-2.6.35-903-omap4
  • USN-1285-1: linux-image-2.6.38-13-powerpc64-smp, linux-image-2.6.38-13-server, linux-image-2.6.38-13-omap, linux, linux-image-2.6.38-13-virtual, linux-image-2.6.38-13-powerpc, linux-image-2.6.38-13-versatile, linux-image-2.6.38-13-powerpc-smp, linux-image-2.6.38-13-generic-pae, linux-image-2.6.38-13-generic
  • USN-1141-1: linux-image-2.6.32-32-powerpc-smp, linux-image-2.6.32-32-sparc64, linux-image-2.6.32-32-powerpc64-smp, linux-image-2.6.32-32-386, linux, linux-image-2.6.32-32-lpia, linux-image-2.6.32-32-preempt, linux-image-2.6.32-32-server, linux-image-2.6.32-32-versatile, linux-image-2.6.32-316-ec2, linux-image-2.6.32-32-generic, linux-image-2.6.32-32-powerpc, linux-image-2.6.32-32-generic-pae, linux-ec2, linux-image-2.6.32-32-sparc64-smp, linux-image-2.6.32-32-ia64, linux-image-2.6.32-32-virtual
  • USN-1159-1: linux-mvl-dove, linux-image-2.6.32-417-dove
  • USN-1242-1: linux-image-2.6.35-30-generic, linux-lts-backport-maverick, linux-image-2.6.35-30-server, linux-image-2.6.35-30-virtual, linux-image-2.6.35-30-generic-pae
  • USN-1260-1: linux-image-3.0.0-1206-omap4, linux-ti-omap4
  • USN-1253-1: linux, linux-image-2.6.32-35-lpia, linux-image-2.6.32-35-generic, linux-image-2.6.32-35-generic-pae, linux-image-2.6.32-35-powerpc-smp, linux-image-2.6.32-35-sparc64, linux-image-2.6.32-35-sparc64-smp, linux-image-2.6.32-35-versatile, linux-image-2.6.32-35-ia64, linux-image-2.6.32-35-386, linux-image-2.6.32-35-virtual, linux-image-2.6.32-35-powerpc, linux-image-2.6.32-35-server, linux-image-2.6.32-35-preempt, linux-image-2.6.32-35-powerpc64-smp
  • USN-1256-1: linux-image-2.6.38-12-generic-pae, linux-image-2.6.38-12-server, linux-image-2.6.38-12-generic, linux-lts-backport-natty, linux-image-2.6.38-12-virtual
  • USN-1281-1: linux-ti-omap4, linux-image-2.6.38-1209-omap4
  • USN-1294-1: linux-image-3.0.0-13-server, linux-image-3.0.0-13-virtual, linux-image-3.0.0-13-generic-pae, linux-image-3.0.0-13-generic, linux-lts-backport-oneiric
  • USN-1162-1: linux-mvl-dove, linux-image-2.6.32-217-dove
  • USN-1239-1: linux-ec2, linux-image-2.6.32-319-ec2
  • USN-1279-1: linux-image-2.6.38-13-server, linux-image-2.6.38-13-virtual, linux-lts-backport-natty, linux-image-2.6.38-13-generic-pae, linux-image-2.6.38-13-generic