Ubuntu.Security.Notification.for.Linux.Kernel.Vuln.USN-1598-1

description-logoDescription

In October 2012, Ubuntu released Security Notice USN-1598-1 regarding to a security issue of Linux kernel:
The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device. (CVE-2012-2136)

affected-products-logoAffected Products

Ubuntu 8.04 LTS

Impact logoImpact

The vulnerability would allow local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device.

recomended-action-logoRecommended Actions

Please download and apply patches as instructed in https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-October/001857.html .

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)