Packet Storm

Ubuntu Security Notice USN-1160-1: Posted Jun 28, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1160-1 - Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc filesystem. A local attacker could use this to increase the chances of a successful memory corruption exploit. Kees Cook discovered that the IOWarrior USB device driver did not correctly check certain size fields. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. Various other issues were also addressed.; tags | advisory, x86, kernel, local, root; systems | linux, ubuntu; advisories | CVE-2010-4529, CVE-2010-4565, CVE-2010-4656, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695, CVE-2011-0711, CVE-2011-0712, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1016, CVE-2011-1017, CVE-2011-1019, CVE-2011-1082, CVE-2011-1083, CVE-2011-1169, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1593, CVE-2011-1745, CVE-2011-1748, CVE-2011-2022; SHA-256 | 934e3131ff453ae37627f4f3e4e27245ba82027abdbac477246bd7efd898fe63; Download | Favorite | View

Related Files

No related files