Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Ubuntu Local Security Checks >> USN281-1 : linux-source-2.6.10, linux-source-2.6.12 vulnerabilities


Vulnerability Assessment Details

USN281-1 : linux-source-2.6.10, linux-source-2.6.12 vulnerabilities

Vulnerability Assessment Summary
linux-source-2.6.10, linux-source-2.6.12 vulnerabilities

Detailed Explanation for this Vulnerability Assessment

Summary :

These remote packages are missing security patches :
- linux-doc-2.6.10
- linux-doc-2.6.12
- linux-headers-2.6.10-6
- linux-headers-2.6.10-6-386
- linux-headers-2.6.10-6-686
- linux-headers-2.6.10-6-686-smp
- linux-headers-2.6.10-6-amd64-generic
- linux-headers-2.6.10-6-amd64-k8
- linux-headers-2.6.10-6-amd64-k8-smp
- linux-headers-2.6.10-6-amd64-xeon
- linux-headers-2.6.10-6-k7
- linux-headers-2.6.10-6-k7-smp
- linux-headers-2.6.10-6-power3
- linux-headers-2.6.10-6-power3-smp
- linux-headers
[...]

Description :

The sys_mbind() function did not properly verify the validity of the
'maxnod' argument. A local user could exploit this to trigger a buffer
overflow, which caused a kernel crash. (CVE-2006-0557)

The SELinux module did not correctly handle the tracer SID when a
process was already being traced. A local attacker could exploit this
to cause a kernel crash. (CVE-2006-1052)

Al Viro discovered a local Denial of Service in the sysfs write buffer
handling. By writing a block with a length exactly equal to the
processor's page size to any writable file in /sys, a local attacker
could cause a kernel crash. (CVE-2006-1055)

John Blackwood discovered a race condition with single-step debugging
multiple processes at the same time. A local attacker could exploit
this to crash the system. This only affects the amd64 platform.
(CVE-2006-1066)

Marco Ivaldi discovered a flaw in the handling of the ID number of IP
packets. This number was incremented after receiving unsolicited TCP
SYN-ACK packets. A remote attacker coul
[...]

Solution :

Upgrade to :
- linux-doc-2.6.10-2.6.10-34.17 (Ubuntu 5.04)
- linux-doc-2.6.12-2.6.12-10.32 (Ubuntu 5.10)
- linux-headers-2.6.10-6-2.6.10-34.17 (Ubuntu 5.04)
- linux-headers-2.6.10-6-386-2.6.10-34.17 (Ubuntu 5.04)
- linux-headers-2.6.10-6-686-2.6.10-34.17 (Ubuntu 5.04)
- linux-headers-2.6.10-6-686-smp-2.6.10-34.17 (Ubuntu 5.04)
- linux-headers-2.6.10-6-amd64-generic-2.6.10-34.17 (Ubuntu 5.04)
- linux-headers-2.6.10-6-amd64-k8-2.6.10-34.17 (Ubuntu 5.04)
- linux-headers-2.6.10-6-amd64-k8-smp-2.6.10-34.17 (Ub
[...]


Network Security Threat Level: High


Networks Security ID:

Vulnerability Assessment Copyright: Ubuntu Security Notice (C) 2005 Canonical, Inc. / NASL script (C) 2005 Michel Arboi

Cables, Connectors


SanDisk 1TB SSD Plus, Internal Solid State Drive - SDSSDA-1T00-G26 picture

SanDisk 1TB SSD Plus, Internal Solid State Drive - SDSSDA-1T00-G26

$74.99



Western Digital 1TB WD Blue PC Desktop 3.5'' Internal CMR Hard Drive - WD10EARZ picture

Western Digital 1TB WD Blue PC Desktop 3.5'' Internal CMR Hard Drive - WD10EARZ

$44.99



1TB Samsung 840 EVO Internal 2.5

1TB Samsung 840 EVO Internal 2.5" SATA III SSD MZ7TE1T0HMHP Solid State Drive

$78.91



Western Digital 1TB WD Gold Enterprise Class SATA Internal HDD - WD1005FBYZ picture

Western Digital 1TB WD Gold Enterprise Class SATA Internal HDD - WD1005FBYZ

$84.99



Netac 1TB 2TB 512GB Internal SSD 2.5'' SATA III 6Gb/s Solid State Drive lot picture

Netac 1TB 2TB 512GB Internal SSD 2.5'' SATA III 6Gb/s Solid State Drive lot

$23.99



Patriot P210 128GB 256GB 512GB 1TB 2TB 2.5

Patriot P210 128GB 256GB 512GB 1TB 2TB 2.5" SATA 3 6GB/s Internal SSD PC/MAC Lot

$14.99



Crucial - P3 Plus 1TB Internal SSD PCIe Gen 4 x4 NVMe picture

Crucial - P3 Plus 1TB Internal SSD PCIe Gen 4 x4 NVMe

$69.99



1TB HDD/SSD 2.5

1TB HDD/SSD 2.5" SATA Hard Drive for Laptop with Win 10/Win 11 Pro Pre-installed

$29.95



1TB/2TB USB 3.0 Flash Drive Thumb U Disk Memory Stick Pen PC Laptop Storage US picture

1TB/2TB USB 3.0 Flash Drive Thumb U Disk Memory Stick Pen PC Laptop Storage US

$26.29



Fanxiang 4TB 2TB 1TB SSD 550MB/s 2.5'' SATA III Internal Solid State Drive lot picture

Fanxiang 4TB 2TB 1TB SSD 550MB/s 2.5'' SATA III Internal Solid State Drive lot

$198.99



Discussions

No Discussions have been posted on this vulnerability.