|
Ubuntu has issued an update for Linux and this update addresses multiple vulnerabilities. The vulnerabilities can be exploited by remote attackers to cause a denial of service condition and gain privileges on the affected systems. Some of the vulnerabilities are as follows:
- An error within the "skb_gro_header_slow()" function and it can be exploited to cause a crash.
- Boundary errors occur within the "si4713_write_econtrol_string()" function which can be exploited to cause a buffer overflow
- An error arises in the "udp6_ufo_fragment()" function (net/ipv6/udp.c) when UDP datagrams are processed. This can be exploited to cause a crash via fragmented datagrams which have a size greater than the MTU.
-
A boundary error within the "xfs_readlink()" function (fs/xfs/xfs_vnodeops.c) that can be exploited to cause a buffer overflow via a specially crafted XFS image.
Users are advised to apply the updates. More information is available on :
http://www.ubuntu.com/usn/usn-1293-1/
Source:
Secunia
http://secunia.com/advisories/47088
Ubuntu
http://www.ubuntu.com/usn/usn-1293-1/ Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
|
