[Trisquel-security] [USN-1607-1] Linux kernel vulnerabilities
John Johansen
john.johansen at canonical.com
Thu Oct 11 21:28:37 CEST 2012
==========================================================================
Ubuntu Security Notice USN-1607-1
October 11, 2012
linux vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
Summary:
Several security issues were fixed in the kernel.
Software Description:
- linux: Linux kernel
Details:
Vadim Ponomarev discovered a flaw in the Linux kernel causing a reference
leak when PID namespaces are used. A remote attacker could exploit this
flaw causing a denial of service. (CVE-2012-2127)
A flaw was found in how the Linux kernel's KVM (Kernel-based Virtual
Machine) subsystem handled MSI (Message Signaled Interrupts). A local
unprivileged user could exploit this flaw to cause a denial of service or
potentially elevate privileges. (CVE-2012-2137)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.10:
linux-image-3.0.0-26-generic 3.0.0-26.43
linux-image-3.0.0-26-generic-pae 3.0.0-26.43
linux-image-3.0.0-26-omap 3.0.0-26.43
linux-image-3.0.0-26-powerpc 3.0.0-26.43
linux-image-3.0.0-26-powerpc-smp 3.0.0-26.43
linux-image-3.0.0-26-powerpc64-smp 3.0.0-26.43
linux-image-3.0.0-26-server 3.0.0-26.43
linux-image-3.0.0-26-virtual 3.0.0-26.43
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1607-1
CVE-2012-2127, CVE-2012-2137
Package Information:
https://launchpad.net/ubuntu/+source/linux/3.0.0-26.43
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://listas.trisquel.info/pipermail/trisquel-security/attachments/20121011/e4c09b8d/attachment.pgp>
-------------- next part --------------
--
ubuntu-security-announce mailing list
ubuntu-security-announce at lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
More information about the Trisquel-security
mailing list