USN-1575-1: Linux kernel (Oneiric backport) vulnerabilities
Publication date
19 September 2012
Overview
Several security issues were fixed in the kernel.
Releases
Packages
- linux-lts-backport-oneiric - Linux kernel backport from Oneiric
Details
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
Update instructions
After a standard system update you need to reboot your computer to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 10.04 lucid | linux-image-3.0.0-26-server – 3.0.0-26.42~lucid1 | ||
| linux-image-3.0.0-26-generic – 3.0.0-26.42~lucid1 | |||
| linux-image-3.0.0-26-virtual – 3.0.0-26.42~lucid1 | |||
| linux-image-3.0.0-26-generic-pae – 3.0.0-26.42~lucid1 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
Have additional questions?