kernel: multiple vulnerabilities [LWN.net]

Package(s):

kernel-rt

CVE #(s):

CVE-2011-1078 CVE-2011-1170 CVE-2011-1171 CVE-2011-1172

Created:

May 11, 2011

Updated:

August 19, 2011

Description:

From the Red Hat advisory:

* A missing initialization flaw in sco_sock_getsockopt_old() could allow a local, unprivileged user to cause an information leak. (CVE-2011-1078, Low)

* Missing validations of null-terminated string data structure elements in the do_replace(), compat_do_replace(), do_ipt_get_ctl(), do_ip6t_get_ctl(), and do_arpt_get_ctl() functions could allow a local user who has the CAP_NET_ADMIN capability to cause an information leak. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1080, Low)

Alerts:

Ubuntu	USN-1256-1	2011-11-09
Ubuntu	USN-1212-1	2011-09-21
Ubuntu	USN-1204-1	2011-09-13
Ubuntu	USN-1202-1	2011-09-13
Ubuntu	USN-1189-1	2011-08-19
Ubuntu	USN-1187-1	2011-08-09
Ubuntu	USN-1186-1	2011-08-09
SUSE	SUSE-SU-2011:0832-1	2011-07-25
SUSE	SUSE-SA:2011:031	2011-07-25
Ubuntu	USN-1167-1	2011-07-13
Ubuntu	USN-1159-1	2011-07-13
Red Hat	RHSA-2011:0883-01	2011-06-21
Debian	DSA-2264-1	2011-06-18
Scientific Linux	SL-kern-20110519	2011-05-19
CentOS	CESA-2011:0833	2011-05-31
Red Hat	RHSA-2011:0833-01	2011-05-31
Debian	DSA-2240-1	2011-05-24
Red Hat	RHSA-2011:0542-01	2011-05-19
Red Hat	RHSA-2011:0500-01	2011-05-10
openSUSE	openSUSE-SU-2012:0236-1	2012-02-09
Red Hat	RHSA-2012:1156-01	2012-08-14
CentOS	CESA-2012:1156	2012-08-15
Scientific Linux	SL-kern-20120815	2012-08-15
Oracle	ELSA-2012-1156	2012-08-15

(Log in to post comments)