OVAL Reference oval:com.ubuntu.trusty:def:20114594000

Oval Definition:

oval:com.ubuntu.trusty:def:20114594000

Revision Date:	2012-05-17	Version:	1
Title:	CVE-2011-4594 on Ubuntu 14.04 LTS (trusty) - medium.
Description:	The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference. Mathieu Desnoyers discovered that the kernel sockets implementation incorrectly dereferenced user pointers. A local attacker could possibly exploit this to crash the system.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2011-4594
Platform(s):	Ubuntu 14.04 LTS	Product(s):
Definition Synopsis
Ubuntu 14.04 LTS (trusty) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in trusty is not affected (note: '3.11.0-12.19'). OR NOT While related to the CVE in some way, the 'linux-aws' package in trusty is not affected (note: '4.4.0-1002.2'). OR NOT While related to the CVE in some way, the 'linux-flo' package in trusty is not affected (note: '3.4.0-1.3'). OR NOT While related to the CVE in some way, the 'linux-goldfish' package in trusty is not affected (note: '3.4.0-1.9'). OR NOT While related to the CVE in some way, the 'linux-grouper' package in trusty is not affected (note: '3.1.10-8.28'). OR NOT While related to the CVE in some way, the 'linux-lts-utopic' package in trusty is not affected (note: '3.16.0-25.33~14.04.2'). OR NOT While related to the CVE in some way, the 'linux-lts-vivid' package in trusty is not affected (note: '3.19.0-18.18~14.04.1'). OR NOT While related to the CVE in some way, the 'linux-lts-wily' package in trusty is not affected (note: '4.2.0-18.22~14.04.1'). OR NOT While related to the CVE in some way, the 'linux-lts-xenial' package in trusty is not affected (note: '4.4.0-13.29~14.04.1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-mako' package in trusty is not affected (note: '3.4.0-3.21'). OR NOT While related to the CVE in some way, the 'linux-manta' package in trusty is not affected (note: '3.4.0-4.19').

BACK