Tuesday, December 18, 2012

[USN-1670-1] Linux kernel (OMAP4) vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJQ0QSiAAoJEAUvNnAY1cPYN5MQAIr9t/oQAEbjknlSHBDA4Vn0
D8yOmHJHkABcgM1qwSZgrg1zdPjtt9BaAfIDkoWUNLBVzeY4D6Spy3LsDJY7sFcm
Ii4c98Sc9rEiEVRk+GnAN6QpDOn8ESLjeGt5kjQSYzIY4+vETPPX2WLOpKJyKVzx
3AISsflVHjWGHp+9xnqyHtD5ydHfn+cyHp2OEU7JAWns2qPM6WoyeAHLyVrVW4p7
0RRquFFnlEJL558WZl5xMNimJxCJ9pUfDixzrNLdBiew1yV1qUcrx5QjWyfWTX4N
g1jx1XCjdtKbSQwJwb5E1Mu+NfcqLVG/Nte90oCwJB7QerUb6Y3i/myeONv40cEV
PKA2H1Tl7/RMurGEr4j7T+Snp7LBL45/ysCsFbXZnj5S8EcU9iD9w0owz15Slaty
llP+xCIWUGAddLmAE56GVhdJ3JsQUcZ8Vd+irogO7SJXGAQekmIguSFI+96/mrIc
t7oNaeW0yfCzNyeyQG0tUt4IAxRDEscTTErgakYz24kbqWc3an3c6WsLYjd5vpyg
tVAKg/Bkj8PZnn6cTZMq+m9ovEsi8agXnrvCCq79FlBQujkVlI/6ifG8J9DZHz3f
gf9OjOrTXmLnc30ImI6L4PYz4rPhuZ5enN1hWU7fRCU4wUDLpkdhnC2AEl3DLmYT
9xYlefU1WVo7tsnmc4T/
=4j3L
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1670-1
December 19, 2012

linux-ti-omap4 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to crash under certain conditions.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

A flaw was discovered in the Linux kernel's handling of new hot plugged
memory. An unprivileged local user could exploit this flaw to cause a
denial of service by crashing the system.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-1423-omap4 3.2.0-1423.30

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1670-1
CVE-2012-5517

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1423.30

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)