Key Information

Announcement Number: USN-1652-1
Title: Linux kernel (Oneiric backport) vulnerabilities
Release Date: 30 November 2012
Summary: Multiple security issues in the Linux kernel have been fixed.

Details

1. CVE-2012-0957 - Brad Spengler discovered a vulnerability in the system call in the Linux kernel. A non-privileged user could exploit this flaw to read kernel stack memory.
2. CVE-2012-4565 - Rodrigo Freire discovered a vulnerability in the TCP Illinois congestion control algorithm in the Linux kernel. A local attacker could exploit this to cause a denial of service.
3. CVE-2012-6536 - Mathias Krause discovered a vulnerability in the XFRM netlink interface in the Linux kernel. A local user with NET_ADMIN privileges could exploit this to leak kernel memory contents.
4. CVE-2012-6557 - Mathias Krause discovered multiple flaws in the implementation in the Linux kernel. A local attacker could exploit these to inspect portions of kernel memory.

Update Instructions

After updating to the following package versions, a system reboot is required:

Note: Due to unavoidable ABI changes, all third-party kernel modules must be recompiled and reinstalled.

References

- CVE-2013-1928
- CVE-2013-1826
- CVE-2013-0309
- CVE-2012-6546
- CVE-2012-6545
- CVE-2012-6544
- CVE-2012-6542
- CVE-2012-6541
- CVE-2012-6540
- CVE-2012-6539