USN-1661-1: Linux kernel vulnerability
11 December 2012
The system's firewall could be bypassed by a remote attacker.
Releases
Packages
- linux - Linux kernel
Details
Zhang Zuotao discovered a bug in the Linux kernel's handling of overlapping
fragments in ipv6. A remote attacker could exploit this flaw to bypass
firewalls and initial new network connections that should have been blocked
by the firewall.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.04
-
linux-image-2.6.32-45-generic
-
2.6.32-45.101
-
linux-image-2.6.32-45-powerpc-smp
-
2.6.32-45.101
-
linux-image-2.6.32-45-ia64
-
2.6.32-45.101
-
linux-image-2.6.32-45-lpia
-
2.6.32-45.101
-
linux-image-2.6.32-45-preempt
-
2.6.32-45.101
-
linux-image-2.6.32-45-sparc64-smp
-
2.6.32-45.101
-
linux-image-2.6.32-45-virtual
-
2.6.32-45.101
-
linux-image-2.6.32-45-sparc64
-
2.6.32-45.101
-
linux-image-2.6.32-45-generic-pae
-
2.6.32-45.101
-
linux-image-2.6.32-45-server
-
2.6.32-45.101
-
linux-image-2.6.32-45-powerpc
-
2.6.32-45.101
-
linux-image-2.6.32-45-386
-
2.6.32-45.101
-
linux-image-2.6.32-45-powerpc64-smp
-
2.6.32-45.101
-
linux-image-2.6.32-45-versatile
-
2.6.32-45.101
After a standard system update you need to reboot your computer to make
all the necessary changes.
References
Related notices
- USN-1664-1: linux-image-2.6.32-350-ec2, linux-ec2
- USN-1660-1: linux-image-2.6.24-32-386, linux-image-2.6.24-32-xen, linux-image-2.6.24-32-virtual, linux-image-2.6.24-32-server, linux-image-2.6.24-32-openvz, linux-image-2.6.24-32-itanium, linux-image-2.6.24-32-mckinley, linux-image-2.6.24-32-hppa32, linux-image-2.6.24-32-powerpc, linux-image-2.6.24-32-lpia, linux-image-2.6.24-32-lpiacompat, linux-image-2.6.24-32-sparc64, linux, linux-image-2.6.24-32-sparc64-smp, linux-image-2.6.24-32-powerpc64-smp, linux-image-2.6.24-32-powerpc-smp, linux-image-2.6.24-32-hppa64, linux-image-2.6.24-32-generic, linux-image-2.6.24-32-rt