Articles / Ubuntu: New Linux packages …

Ubuntu: New Linux packages fix security vulnerabilities

Somnath Kotur discovered an error in the Linux kernel’s VLAN (virtual lan) and be2net drivers. An attacker on the local network could exploit this flaw to cause a denial of service. Paolo Bonzini discovered a flaw in Linux’s handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service.

Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual machine) subsystem of the Linux kernel. A local unprivileged user can crash use this flaw to crash VMs causing a deny of service. A flaw was discovered in the Linux kernel’s cifs file system. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. H. Peter Anvin reported a flaw in the Linux kernel that could crash the system. A local user could exploit this flaw to crash the system.

A flaw was discovered in the Linux kernel’s cgroups subset. A local attacker could use this flaw to crash the system.

Updated packages are available from security.ubuntu.com.

==========================================================================
Ubuntu Security Notice USN-1405-1
March 27, 2012

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Somnath Kotur discovered an error in the Linux kernel's VLAN (virtual lan)
and be2net drivers. An attacker on the local network could exploit this
flaw to cause a denial of service. (CVE-2011-3347)

Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl
command. A local user, or user in a VM could exploit this flaw to bypass
restrictions and gain read/write access to all data on the affected block
device. (CVE-2011-4127)

Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)

Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can crash
use this flaw to crash VMs causing a deny of service. (CVE-2012-0045)

A flaw was discovered in the Linux kernel's cifs file system. An
unprivileged local user could exploit this flaw to crash the system leading
to a denial of service. (CVE-2012-1090)

H. Peter Anvin reported a flaw in the Linux kernel that could crash the
system. A local user could exploit this flaw to crash the system.
(CVE-2012-1097)

A flaw was discovered in the Linux kernel's cgroups subset. A local
attacker could use this flaw to crash the system. (CVE-2012-1146)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
 linux-image-3.0.0-16-generic    3.0.0-16.29
 linux-image-3.0.0-16-generic-pae  3.0.0-16.29
 linux-image-3.0.0-16-omap       3.0.0-16.29
 linux-image-3.0.0-16-powerpc    3.0.0-16.29
 linux-image-3.0.0-16-powerpc-smp  3.0.0-16.29
 linux-image-3.0.0-16-powerpc64-smp  3.0.0-16.29
 linux-image-3.0.0-16-server     3.0.0-16.29
 linux-image-3.0.0-16-virtual    3.0.0-16.29

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
 http://www.ubuntu.com/usn/usn-1405-1
 CVE-2011-3347, CVE-2011-4127, CVE-2011-4347, CVE-2012-0045,
 CVE-2012-1090, CVE-2012-1097, CVE-2012-1146

Package Information:
 https://launchpad.net/ubuntu/+source/linux/3.0.0-16.29
Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.