Tuesday, December 18, 2012

[USN-1669-1] Linux kernel vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJQ0QCyAAoJEAUvNnAY1cPYvIkP/1MEOszdmCs4YO76ldCrvxKq
Tab3Kd4C9ZuXv42fywTX5dl+8uT07rJyTz482aeB6ich2GfKCLevUtf2dmyVeDbI
8rgMM+PmXqQDDoKmM6U/ONqljL/KPAhU/XyP4a+Ype8lYNINOTC8Fyv5m4gO+rDH
LvRG42EUBiJ55kaiKYbFE7mzvjZwMWHEo7WYsux0XS+MrbyrNdpsWZy4+T8Cf3L7
kVohFnmXVM2UkalWAlndcrZi6ApbFbc3NGuKnty2wdWXnSKBaZO+DPGfc5bL4ag2
DJH78qRgP2pYX0x4aamWJa7+lqT+RIJdawFD7FznSAu2mxdcdpSqivuVWclwfPGN
/9EsW9PZlWtrN7jo232CI2gK/WHzb8yF4y3hDFZxDUSuRCZNxhLxqxhsRlSPaG2x
ZCDR92tpk3FN9EwpfGMnMEV30bWpFaTdjZmpfSquvDVZGQ3PJ1TWNnBDGuLlwxtY
AYQrHwzkD6PHWbYN9gEGt42KAfrFRbB72ic71m04DujygiPHNLE67sz0GarW9pgp
hfvMtTFFzUkkQmU/3JLce97KG8BUx6Tf0Gje3Wri4GOBhIuLcK9MALwcHMJkL71f
3MH0DgShE9W0y44a6n3LWuI49el2SMljexHwD3fjv269bUQlYW6226aA5Fx+ripF
1Cq0+CjkxNmxoqtQcVf7
=Qdu2
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1669-1
December 18, 2012

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to crash under certain conditions.

Software Description:
- linux: Linux kernel

Details:

A flaw was discovered in the Linux kernel's handling of new hot plugged
memory. An unprivileged local user could exploit this flaw to cause a
denial of service by crashing the system.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-35-generic 3.2.0-35.55
linux-image-3.2.0-35-generic-pae 3.2.0-35.55
linux-image-3.2.0-35-highbank 3.2.0-35.55
linux-image-3.2.0-35-omap 3.2.0-35.55
linux-image-3.2.0-35-powerpc-smp 3.2.0-35.55
linux-image-3.2.0-35-powerpc64-smp 3.2.0-35.55
linux-image-3.2.0-35-virtual 3.2.0-35.55

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1669-1
CVE-2012-5517

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.2.0-35.55

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)