--===============2437549131193252668==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature";
 boundary="8P1HSweYDcXXzwPJ"
Content-Disposition: inline


--8P1HSweYDcXXzwPJ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-1086-1            March 08, 2011
linux-ec2 vulnerabilities
CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4163,
CVE-2010-4175
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.04 LTS:
  linux-image-2.6.32-314-ec2      2.6.32-314.27

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

Details follow:

Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to
read portions of kernel stack memory, leading to a loss of privacy.
(CVE-2010-4076, CVE-2010-4077)

Dan Rosenberg discovered that the socket filters did not correctly
initialize structure memory. A local attacker could create malicious
filters to read portions of kernel stack memory, leading to a loss of
privacy. (CVE-2010-4158)

Dan Rosenberg discovered that the SCSI subsystem did not correctly
validate iov segments. A local attacker with access to a SCSI device
could send specially crafted requests to crash the system, leading to
a denial of service. (CVE-2010-4163)

Dan Rosenberg discovered that the RDS protocol did not correctly check
ioctl arguments. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2010-4175)


Updated packages for Ubuntu 10.04 LTS:

  Source archives:

    linux-ec2_2.6.32-314.27.diff.gz
      Size/MD5:  9075603 3b5ed62eef9ba6d5e63ca59a308035c8
    linux-ec2_2.6.32-314.27.dsc
      Size/MD5:     2104 71e44d7e3a2422e18abc0039f50f5002
    linux-ec2_2.6.32.orig.tar.gz
      Size/MD5: 81900940 4b1f6f6fac43a23e783079db589fc7e2

  Architecture independent packages:

    linux-ec2-doc_2.6.32-314.27_all.deb
      Size/MD5:  6434392 09281aaccdce3fe2c4d70a0913ec5e49
    linux-ec2-source-2.6.32_2.6.32-314.27_all.deb
      Size/MD5: 68171196 7048f33fb28bc4a5f7634b12499b492d
    linux-headers-2.6.32-314_2.6.32-314.27_all.deb
      Size/MD5: 10046624 a385860922eb209c56960edbd4874134

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    linux-headers-2.6.32-314-ec2_2.6.32-314.27_amd64.deb
      Size/MD5:   693912 7528587b27dbfe734761131cb0efb493
    linux-image-2.6.32-314-ec2_2.6.32-314.27_amd64.deb
      Size/MD5: 20035640 bcc35c559c339452498c0b90a5e240bc

  i386 architecture (x86 compatible Intel/AMD):

    linux-headers-2.6.32-314-ec2_2.6.32-314.27_i386.deb
      Size/MD5:   659440 a75036c9ba32e477f202074a0b02f606
    linux-image-2.6.32-314-ec2_2.6.32-314.27_i386.deb
      Size/MD5: 19234330 cd15dca40624901035313331878edf98


--8P1HSweYDcXXzwPJ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Kees Cook <kees@outflux.net>

iQIcBAEBCgAGBQJNdsF4AAoJEIly9N/cbcAmcr4QAIRLWzhIY+ucQplWPv5Qxbzw
0akZ3FpQN+fM00QFN4iAPM+Zn0qihBUQcukn2z1hsHV/jI15i5LbtbgwR+zX6eBx
2pBmnuaH6vcuc6HlB6gxMVCUOBuDbunQUUR/kURBJZNORKFYNBco61MuPCISfEV2
Z1rj97VK8zE6NH/HLpRWm/tXME6Gytfd/tdCkLIuIBtrdfIp5Rw3WiGcVIHFbsx5
Hj94ndvRftkeTDXrxNs6qPfB/u66xPsLCR7vo31EuoCaznWZfqmZEmzRlbSL9ooj
NCljddNoZI6j4zVCPDMzJcobnry+IqMk3Pxsn0qgGsqS1Hy71QNMyCLT7QgrtjjC
DNiNTc28Gmnth8Q5AMfcTdx5elA9uBb7a5iqtvIpLjBTmJgQ/K3qryLQpvITAmlu
XkFFYFJgAXhK2Ks6p3OYqta/UKN3scMP3B13s9kRkJ6pD48NeFsSDDYxWBnhRBF3
pkFf9b3f+yfQqX4t0LIeTQznu4vOt2fAZgTEF/LDf7e59BbhB9IMzZZfgMfghI5p
L3wjq+O1+thUOSTyac4l9zg9JSPE0lCehv4b1HaSDp5faHacULREFeg6/OKGQx6q
f1uZoAhaPG8WdwRiMViBss4+ppyVf/qD/gRKxp2o2HNKlEV6/zMMK0M4C7hJfJhu
jcTM7l+GaIioX+ViZgSn
=8Cg1
-----END PGP SIGNATURE-----

--8P1HSweYDcXXzwPJ--


--===============2437549131193252668==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============2437549131193252668==--