Oval Definition:oval:com.ubuntu.xenial:def:20114594000
Revision Date:2012-05-17Version:1
Title:CVE-2011-4594 on Ubuntu 16.04 LTS (xenial) - medium.
Description:The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference. Mathieu Desnoyers discovered that the kernel sockets implementation incorrectly dereferenced user pointers. A local attacker could possibly exploit this to crash the system.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2011-4594
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'linux' package in xenial is not affected (note: '4.2.0-16.19').
  • OR NOT While related to the CVE in some way, the 'linux-aws' package in xenial is not affected (note: '4.4.0-1001.10').
  • OR NOT While related to the CVE in some way, the 'linux-flo' package in xenial is not affected (note: '3.4.0-5.22').
  • OR NOT While related to the CVE in some way, the 'linux-gke' package in xenial is not affected (note: '4.4.0-1003.3').
  • OR NOT While related to the CVE in some way, the 'linux-goldfish' package in xenial is not affected (note: '3.4.0-4.27').
  • OR NOT While related to the CVE in some way, the 'linux-hwe' package in xenial is not affected (note: '4.8.0-36.36~16.04.1').
  • OR NOT While related to the CVE in some way, the 'linux-hwe-edge' package in xenial is not affected (note: '4.8.0-36.36~16.04.1').
  • OR NOT While related to the CVE in some way, the 'linux-mako' package in xenial is not affected (note: '3.4.0-7.40').
  • OR NOT While related to the CVE in some way, the 'linux-raspi2' package in xenial is not affected (note: '4.2.0-1013.19').
  • OR NOT While related to the CVE in some way, the 'linux-snapdragon' package in xenial is not affected (note: '4.4.0-1012.12').
    • BACK