Tuesday, February 26, 2013

[USN-1750-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRLPgeAAoJEAUvNnAY1cPY74EP/iF+4i1bC4ah4wq2a726qEjV
UNfne6BIiFJ13Of9PqNiqBRJO0Yl4x6zAmTal2f5ZteheXtCBbTw83At/IrMT4Gw
qgMD87s9N/gt9fvMg209T4nCLAtLCxH1HjSZRQM9QtFgQWRL97fLnG7uIWvSNei5
a++Xww7BA6tjD+Y8/h8zCQnaw9okvZI82h/Cr5NAgJnGbQVRRqbL5oHFl73l3saV
Q/AS1KgBV5iUcw2IjcOC3faHluO0wvHFs4THZxPuPoTlXv8yIv1nY6dtg7Kzmeyp
vIBw7QsZg8OTfkEfeSyP9Ty7MlKC6ZIOtVo/1xHBhGdczpmZx8JYz2HrI9QmCa+Q
LllL+o/mksPwPO3ZxLb+zlGuPNtcuYcnDzxb095ujoPIXoxRgYCWXO4iyQlvbF3v
hVyPbQ07mdm4Yq6Kcp3dMT8k7BPfKsXqYqz8A4j/wK2sjJDFInDHFEJwRSeIpgzn
b1eJwOA3r8UA4m7aGlB+WIrLWNOykiM0DjlAXOrbEZb0UrWM4cYeUledOdROjY96
CAVlqABS8Kumbxakk6ci4xSTOWwoDGStHSVXpOw4DmWbMdkJ6wTdM+J8q7g6jiWN
7zym0twiXZ/eoT7TP76cDsVUtOnBdZY9YWwPycR4R1HCHouWbUrDg7dOI1qwgnEo
UHIfDmStwCC5UCCBtVbK
=N4M7
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1750-1
February 26, 2013

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux: Linux kernel

Details:

Brad Spengler discovered a bounds checking error for netlink messages
requesting SOCK_DIAG_BY_FAMILY. An unprivileged local user could exploit
this flaw to crash the system or run programs as an administrator.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
linux-image-3.5.0-25-generic 3.5.0-25.39
linux-image-3.5.0-25-highbank 3.5.0-25.39
linux-image-3.5.0-25-omap 3.5.0-25.39
linux-image-3.5.0-25-powerpc-smp 3.5.0-25.39
linux-image-3.5.0-25-powerpc64-smp 3.5.0-25.39

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1750-1
CVE-2013-1763

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.5.0-25.39

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)