Red Hat Security Advisory 2012-0010-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted. The way fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload functionality on were handled could allow a remote attacker to cause a denial of service.
557893d6076de010f89965257f12c763df4474c60b2d096db7dea8c57ede5c1e
Ubuntu Security Notice 1294-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Qianfeng Zhang discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
acab8d51e69e89ac69916bfde79578d48d20a5c740ed8334923ba6a32afe7023
Ubuntu Security Notice 1285-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
6758df4905be75681d391dbdf0a22a6c0d585b02d7ae0b95ce6c9f405177ab7d
Red Hat Security Advisory 2011-1479-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Using PCI passthrough without interrupt remapping support allowed Xen hypervisor guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. The fix for this issue can prevent PCI passthrough working and guests starting. Various other issues were also addressed.
ed68520a6ee2920e3e52edf771936c03f68718a31b6a9055d5cb9d1c38a033e1
Ubuntu Security Notice 1281-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that an mmap() call with the MAP_PRIVATE flag on "/dev/zero" was incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
872fb0971665c7f419fc03b97528a458416b56407dc592de5dc20aa1368746fa
Ubuntu Security Notice 1279-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
a57a6a4677aad213b5b06f27421d5abb8eefa70db03930de1545039b4bd62c37
Red Hat Security Advisory 2011-1465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. A signedness issue was found in the Linux kernel's CIFS implementation. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted.
3990f24ba89403137d83736fa4eb71c4dde3b75f9f53a5c4bd3900576ad8c927
Ubuntu Security Notice 1275-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
d80ad01354876eab576255c2bcf356baa28e1b46fd819624cd2d2de9c1971dd2
Ubuntu Security Notice 1260-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
40cd6d7f9146c1c43ee131b46b98a2d9c89006e4772e5e974f49db0f54f12901
Ubuntu Security Notice 1256-1 - It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.
065ea3de04cbda6ba2f070db62f0f0ff03f73b678f1a9b1d73799d5e8bba15ab
Ubuntu Security Notice 1253-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. Various other issues were also addressed.
500dc3b4a945636f97bf2e47879fe76c35bb56044546ce1c830a4bcfd79e5365
Ubuntu Security Notice 1245-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. Various other issues were also addressed.
6c2fdc6fb88de2201319a3a2c820b9ee501477683f43a26fc633346bfd7e0794
Ubuntu Security Notice 1244-1 - Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
e4754fa6724234d333d49b5c5ae6f7479b66f52067e7648702db16544a280bcd
Ubuntu Security Notice 1243-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
17f248b3931a988aad14812534c1789db9fb19d3669e1520b000fb81fd5b0df9
Ubuntu Security Notice 1242-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
544731c1bb12667fa7a9b5b5b16ac0871a169440d284556042daf2acc1e9a8f4
Ubuntu Security Notice 1241-1 - It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Various other issues were also addressed.
34637add57bb1c47bb725041cb1273223d64aa46133511754d889d306943b525
Ubuntu Security Notice 1240-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. Various other issues were also addressed.
7bb5696fdf28788ddf1a181d26c0746a318f35d21e90975dc7a17a6248fbbf34
Ubuntu Security Notice 1239-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. Various other issues were also addressed.
a8d44e1d2d7d40338fc3f73c81b91d2690ae35010e30a9837bab689992f33bd1
Ubuntu Security Notice 1236-1 - It was discovered that the Auerswald usb driver incorrectly handled lengths of the USB string descriptors. A local attacker with physical access could insert a specially crafted USB device and gain root privileges. It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. Various other issues were also addressed.
b0bddf24cb995158c0eba5cfbdda2ed4a77f0705cd513bca55d2c0b412b0ac28