Ubuntu Security Notice 1208-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.
c72d25c5c02bfb1b3dd8b578a0fff242bb575640e763f8cf25379ff8a0fc30ba