Ubuntu Security Notice USN-1430-3

4th May, 2012

thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS



• Ubuntu 11.10



• Ubuntu 11.04



• Ubuntu 10.04 LTS

Summary

Several security issues were fixed in Thunderbird.

Software description

• thunderbird
  - Mozilla Open Source mail and newsgroup client
  
  

Details

USN-1430-1 fixed vulnerabilities in Firefox. This update provides the
corresponding fixes for Thunderbird.

Original advisory details:

Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong,
Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay
discovered memory safety issues affecting Firefox. If the user were tricked
into opening a specially crafted page, an attacker could exploit these to
cause a denial of service via application crash, or potentially execute
code with the privileges of the user invoking Firefox. (CVE-2012-0467,
CVE-2012-0468)

Aki Helin discovered a use-after-free vulnerability in XPConnect. An
attacker could potentially exploit this to execute arbitrary code with the
privileges of the user invoking Firefox. (CVE-2012-0469)

Atte Kettunen discovered that invalid frees cause heap corruption in
gfxImageSurface. If a user were tricked into opening a malicious Scalable
Vector Graphics (SVG) image file, an attacker could exploit these to cause
a denial of service via application crash, or potentially execute code with
the privileges of the user invoking Firefox. (CVE-2012-0470)

Anne van Kesteren discovered a potential cross-site scripting (XSS)
vulnerability via multibyte content processing errors. With cross-site
scripting vulnerabilities, if a user were tricked into viewing a specially
crafted page, a remote attacker could exploit this to modify the contents,
or steal confidential data, within the same domain. (CVE-2012-0471)

Matias Juntunen discovered a vulnerability in Firefox's WebGL
implementation that potentially allows the reading of illegal video memory.
An attacker could possibly exploit this to cause a denial of service via
application crash. (CVE-2012-0473)

Jordi Chancel, Eddy Bordi, and Chris McGowen discovered that Firefox
allowed the address bar to display a different website than the one the
user was visiting. This could potentially leave the user vulnerable to
cross-site scripting (XSS) attacks. With cross-site scripting
vulnerabilities, if a user were tricked into viewing a specially crafted
page, a remote attacker could exploit this to modify the contents, or steal
confidential data, within the same domain. (CVE-2012-0474)

Simone Fabiano discovered that Firefox did not always send correct origin
headers when connecting to an IPv6 websites. An attacker could potentially
use this to bypass intended access controls. (CVE-2012-0475)

Masato Kinugawa discovered that cross-site scripting (XSS) injection is
possible during the decoding of ISO-2022-KR and ISO-2022-CN character sets.
With cross-site scripting vulnerabilities, if a user were tricked into
viewing a specially crafted page, a remote attacker could exploit this to
modify the contents, or steal confidential data, within the same domain.
(CVE-2012-0477)

It was discovered that certain images rendered using WebGL could cause
Firefox to crash. If the user were tricked into opening a specially crafted
page, an attacker could exploit this to cause a denial of service via
application crash, or potentially execute code with the privileges of the
user invoking Firefox. (CVE-2012-0478)

Mateusz Jurczyk discovered an off-by-one error in the OpenType Sanitizer.
If the user were tricked into opening a specially crafted page, an attacker
could exploit this to cause a denial of service via application crash, or
potentially execute code with the privileges of the user invoking Firefox.
(CVE-2011-3062)

Daniel Divricean discovered a defect in the error handling of JavaScript
errors can potentially leak the file names and location of JavaScript files
on a server. This could potentially lead to inadvertent information
disclosure and a vector for further attacks. (CVE-2011-1187)

Jeroen van der Gun discovered a vulnerability in the way Firefox handled
RSS and Atom feeds. Invalid RSS or ATOM content loaded over HTTPS caused
the location bar to be updated with the address of this content, while the
main window still displays the previously loaded content. An attacker could
potentially exploit this vulnerability to conduct phishing attacks.
(CVE-2012-0479)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

thunderbird

12.0.1+build1-0ubuntu0.12.04.1

Ubuntu 11.10:

thunderbird

12.0.1+build1-0ubuntu0.11.10.1

Ubuntu 11.04:

thunderbird

12.0.1+build1-0ubuntu0.11.04.1

Ubuntu 10.04 LTS:

thunderbird

12.0.1+build1-0ubuntu0.10.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References

CVE-2011-1187,

CVE-2011-3062,

CVE-2012-0467,

CVE-2012-0468,

CVE-2012-0469,

CVE-2012-0470,

CVE-2012-0471,

CVE-2012-0473,

CVE-2012-0474,

CVE-2012-0475,

CVE-2012-0477,

CVE-2012-0478,

CVE-2012-0479,

LP: 987305

Ubuntu Security Notice USN-1432-1

8th May, 2012

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 11.04

Summary

Several security issues were fixed in the kernel.

Software description

• linux
  - Linux kernel
  
  

Details

A flaw was found in the Linux's kernels ext4 file system when mounted with
a journal. A local, unprivileged user could exploit this flaw to cause a
denial of service. (CVE-2011-4086)

A flaw was discovered in the Linux kernel's cifs file system. An
unprivileged local user could exploit this flaw to crash the system leading
to a denial of service. (CVE-2012-1090)

A flaw was found in the Linux kernel's ext4 file system when mounting a
corrupt filesystem. A user-assisted remote attacker could exploit this flaw
to cause a denial of service. (CVE-2012-2100)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 11.04:

linux-image-2.6.38-15-powerpc

2.6.38-15.59

linux-image-2.6.38-15-omap

2.6.38-15.59

linux-image-2.6.38-15-generic-pae

2.6.38-15.59

linux-image-2.6.38-15-server

2.6.38-15.59

linux-image-2.6.38-15-powerpc64-smp

2.6.38-15.59

linux-image-2.6.38-15-virtual

2.6.38-15.59

linux-image-2.6.38-15-versatile

2.6.38-15.59

linux-image-2.6.38-15-generic

2.6.38-15.59

linux-image-2.6.38-15-powerpc-smp

2.6.38-15.59

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2011-4086,

CVE-2012-1090,

CVE-2012-2100

Ubuntu Security Notice USN-1437-1

4th May, 2012

php5 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS



• Ubuntu 11.10



• Ubuntu 11.04



• Ubuntu 10.04 LTS



• Ubuntu 8.04 LTS

Summary

Standalone PHP CGI scripts could be made to execute arbitrary code with
the privilege of the web server.

Software description

• php5
  - HTML-embedded scripting language interpreter
  
  

Details

It was discovered that PHP, when used as a stand alone CGI processor
for the Apache Web Server, did not properly parse and filter query
strings. This could allow a remote attacker to execute arbitrary code
running with the privilege of the web server. Configurations using
mod_php5 and FastCGI were not vulnerable.

This update addresses the issue when the PHP CGI interpreter
is configured using mod_cgi and mod_actions as described in
/usr/share/doc/php5-cgi/README.Debian.gz; however, if an alternate
configuration is used to enable PHP CGI processing, it should be
reviewed to ensure that command line arguments cannot be passed to
the PHP interpreter. Please see CVE-2012-2311 for more details and
potential mitigation approaches.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

php5-cgi

5.3.10-1ubuntu3.1

Ubuntu 11.10:

php5-cgi

5.3.6-13ubuntu3.7

Ubuntu 11.04:

php5-cgi

5.3.5-1ubuntu7.8

Ubuntu 10.04 LTS:

php5-cgi

5.3.2-1ubuntu4.15

Ubuntu 8.04 LTS:

php5-cgi

5.2.4-2ubuntu5.24

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2012-1823,

CVE-2012-2311

Ubuntu Security Notice USN-1439-1

7th May, 2012

horizon vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS

Summary

Horizon could be made to expose sensitive information over the network.

Software description

• horizon
  - Web interface for OpenStack cloud infrastructure
  
  

Details

Matthias Weckbecker discovered a cross-site scripting (XSS) vulnerability
in Horizon via the log viewer refrash mechanism. If a user were tricked
into viewing a specially crafted log message, a remote attacker could
exploit this to modify the contents or steal confidential data within the
same domain. (CVE-2012-2094)

Thomas Biege discovered a session fixation vulnerability in Horizon. An
attacker could exploit this to potentially allow access to unauthorized
information and capabilities. (CVE-2012-2144)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

python-django-horizon

2012.1-0ubuntu8.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2012-2094,

CVE-2012-2144

Ubuntu Security Notice USN-1440-1

8th May, 2012

linux-lts-backport-natty vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 10.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux-lts-backport-natty
  - Linux kernel backport from Natty
  
  

Details

A flaw was found in the Linux's kernels ext4 file system when mounted with
a journal. A local, unprivileged user could exploit this flaw to cause a
denial of service. (CVE-2011-4086)

Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)

Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can crash
use this flaw to crash VMs causing a deny of service. (CVE-2012-0045)

A flaw was discovered in the Linux kernel's cifs file system. An
unprivileged local user could exploit this flaw to crash the system leading
to a denial of service. (CVE-2012-1090)

H. Peter Anvin reported a flaw in the Linux kernel that could crash the
system. A local user could exploit this flaw to crash the system.
(CVE-2012-1097)

A flaw was discovered in the Linux kernel's cgroups subset. A local
attacker could use this flaw to crash the system. (CVE-2012-1146)

A flaw was found in the Linux kernel's ext4 file system when mounting a
corrupt filesystem. A user-assisted remote attacker could exploit this flaw
to cause a denial of service. (CVE-2012-2100)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 10.04 LTS:

linux-image-2.6.38-15-generic

2.6.38-15.59~lucid1

linux-image-2.6.38-15-virtual

2.6.38-15.59~lucid1

linux-image-2.6.38-15-generic-pae

2.6.38-15.59~lucid1

linux-image-2.6.38-15-server

2.6.38-15.59~lucid1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2011-4086,

CVE-2011-4347,

CVE-2012-0045,

CVE-2012-1090,

CVE-2012-1097,

CVE-2012-1146,

CVE-2012-2100

Section "InputClass"
 Identifier "Trackpoint Wheel Emulation"
 MatchProduct "TPPS/2 IBM TrackPoint|DualPoint Stick|Synaptics Inc. Composite TouchPad / TrackPoint|ThinkPad USB Keyboard with TrackPoint|USB Trackpoint pointing device"
 MatchDevicePath "/dev/input/event*"
 Option  "EmulateWheel"  "true"
 Option  "EmulateWheelButton" "2"
 Option  "Emulate3Buttons" "false"
 Option  "XAxisMapping"  "6 7"
 Option  "YAxisMapping"  "4 5"
EndSection

Ubuntu Security Notice USN-1438-1

3rd May, 2012

nova vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS



• Ubuntu 11.10

Summary

Nova could be made to crash the system under certain conditions.

Software description

• nova
  - OpenStack Compute cloud infrastructure
  
  

Details

Dan Prince discovered that Nova did not enforce quotas for security groups
and rules added to security groups. An authenticated user could exploit
this to cause a denial of service.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

python-nova

2012.1-0ubuntu2.1

Ubuntu 11.10:

python-nova

2011.3-0ubuntu6.6

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2012-2101

1. 檢查裝置(Check Device)

jonny@linux:~$ lsusb | grep -i "Qualcomm" [Enter]
Bus 002 Device 003: ID 05c6:9204 Qualcomm, Inc.

# USB ID: 05c6:9204 (loader)
# USB ID: 05c6:9205 (modem)

2. 取得韌體(Get firmware)

jonny@linux:~$ sudo mkdir -p /lib/firmware/gobi/ [Enter]

jonny@linux:~$ cp 6/UQCN.mbn /lib/firmware/gobi/ && \
cp UMTS/*.mbn /lib/firmware/gobi/ [Enter]

jonny@linux:~$ md5sum /lib/firmware/gobi/*.mbn [Enter]
80fcfbb41a7d4331d4b7145972f5f3c4   /lib/firmware/gobi/amss.mbn
00cbd411048cdadc3e4caf0d89d14fca   /lib/firmware/gobi/apps.mbn
bdf27325ebb63251c1310cd3a8f7bab6   /lib/firmware/gobi/UQCN.mbn

3. 安裝(Install)

jonny@linux:~$ sudo add-apt-repository ppa:linrunner/thinkpad-extras \
&& sudo aptitude update [Enter]

jonny@linux:~$ sudo aptitude install gobi-loader linux-generic-tp \
linux-image-generic-tp linux-headers-generic-tp [Enter]

jonny@linux:~$ sudo aptitude install tp-wwan-hotkey [Enter]

jonny@linux:~$ sudo shutdown -r now [Enter]

4. 環境設定(Environment Configure)

jonny@linux:~$ cat /var/lib/NetworkManager/NetworkManager.state [Enter]
[main]
NetworkingEnabled=true
WirelessEnabled=true
WWANEnabled=true
#WimaxEnabled=true   # Ubuntu 12.04 才有此行。

WWAN: on.

WWAN: off.

4.3.1. 應用程式選單 → 系統 → 網路連線。

4.3.2. 行動網路 → 新增。

4.3.3. 選擇 Gobi 2000 裝置。

4.3.4. 在城市列表中選取台灣(Taiwan)。

4.3.5. 選取電信業者，以下使用威寶電信(Vibo Telecom)為例。

4.3.6. 由於未收入 375 網路吃到飽專案，故手動修改成 APN 為 internet。

4.3.7. 同意後以上的設定才算建立完成。

4.3.8. 完成後可以在網路列表看到 Vibo Telecom 的選項。

4.3.9. 連線成功！令人感動的一刻。

jonny@linux:~$ ifconfig ppp0 [Enter]

ppp0      Link encap:Point-to-Point Protocol  
          inet addr:1.200.147.149  P-t-P:10.64.64.64  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:18 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3 
          RX bytes:546 (546.0 B)  TX bytes:249 (249.0 B)

5. 除錯(Debug)

jonny@linux:~$ sudo tail -f /var/log/syslog [Enter]

May  3 22:02:14 thinkpad-t410 NetworkManager[1191]:  Activation (ttyUSB1) starting connection 'Vibo Telecom'
May  3 22:02:14 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): device state change: disconnected -> prepare (reason 'none') [30 40 0]
May  3 22:02:14 thinkpad-t410 NetworkManager[1191]:  Activation (ttyUSB1) Stage 1 of 5 (Device Prepare) scheduled...
May  3 22:02:14 thinkpad-t410 NetworkManager[1191]:  Activation (ttyUSB1) Stage 1 of 5 (Device Prepare) started...
May  3 22:02:14 thinkpad-t410 NetworkManager[1191]:  Activation (ttyUSB1) Stage 1 of 5 (Device Prepare) complete.
May  3 22:02:14 thinkpad-t410 modem-manager[17215]:   (ttyUSB1) opening serial port...
May  3 22:02:14 thinkpad-t410 modem-manager[17215]:   Modem /org/freedesktop/ModemManager/Modems/0: state changed (disabled -> enabling)
May  3 22:02:15 thinkpad-t410 modem-manager[17215]:   (ttyUSB1): using text mode for SMS
May  3 22:02:15 thinkpad-t410 modem-manager[17215]:   Modem /org/freedesktop/ModemManager/Modems/0: state changed (enabling -> enabled)
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  WWAN now enabled by management service
May  3 22:02:15 thinkpad-t410 modem-manager[17215]:   Modem /org/freedesktop/ModemManager/Modems/0: state changed (enabled -> registered)
May  3 22:02:15 thinkpad-t410 kernel: [13718.358807] modem-manager[17215]: segfault at 7fea28778b51 ip 00007fea286ed0f8 sp 00007fff7cca5580 error 4 in libpcre.so.3.12.1[7fea286da000+3c000]
May  3 22:02:15 thinkpad-t410 kernel: [13718.458948] init: modemmanager main process (17215) killed by SEGV signal
May  3 22:02:15 thinkpad-t410 kernel: [13718.458983] init: modemmanager main process ended, respawning
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  the modem manager disappeared
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): now unmanaged
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): device state change: prepare -> unmanaged (reason 'removed') [40 10 36]
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): deactivating device (reason 'removed') [36]
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]: nm_system_iface_flush_routes: assertion `ifindex > 0' failed
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]: nm_system_iface_flush_addresses: assertion `ifindex > 0' failed
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   ModemManager (version 0.5.2.0) starting...
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin AnyData
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin MotoC
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Nokia
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Linktop
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Novatel
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Sierra
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin ZTE
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Generic
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Gobi
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Option High-Speed
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Wavecom
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Samsung
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Ericsson MBM
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Huawei
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin X22X
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin SimTech
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Longcheer
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   Loaded plugin Option
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  Policy set 'Wired connection 1' (eth0) as default for IPv4 routing and DNS.
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  Policy set 'Wired connection 1' (eth0) as default for IPv4 routing and DNS.
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): cleaning up...
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): taking down device.
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   (ttyUSB0) opening serial port...
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   (ttyUSB1) opening serial port...
May  3 22:02:15 thinkpad-t410 modem-manager[20121]:   (ttyUSB2) opening serial port...
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  trying to start the modem manager...
May  3 22:02:15 thinkpad-t410 NetworkManager[1191]:  modem-manager is now available
May  3 22:02:16 thinkpad-t410 modem-manager[20121]:   (ttyUSB1) closing serial port...
May  3 22:02:16 thinkpad-t410 modem-manager[20121]:   (ttyUSB1) serial port closed
May  3 22:02:16 thinkpad-t410 modem-manager[20121]:   (ttyUSB1) opening serial port...
May  3 22:02:16 thinkpad-t410 modem-manager[20121]:   (Gobi): GSM modem /sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.4 claimed port ttyUSB1
May  3 22:02:16 thinkpad-t410 modem-manager[20121]:   (ttyUSB1) closing serial port...
May  3 22:02:16 thinkpad-t410 modem-manager[20121]:   (ttyUSB1) serial port closed
May  3 22:02:27 thinkpad-t410 modem-manager[20121]:   (ttyUSB0) closing serial port...
May  3 22:02:27 thinkpad-t410 modem-manager[20121]:   (ttyUSB0) serial port closed
May  3 22:02:27 thinkpad-t410 modem-manager[20121]:   (ttyUSB0) opening serial port...
May  3 22:02:27 thinkpad-t410 modem-manager[20121]:   (ttyUSB2) closing serial port...
May  3 22:02:27 thinkpad-t410 modem-manager[20121]:   (ttyUSB2) serial port closed
May  3 22:02:27 thinkpad-t410 modem-manager[20121]:   (ttyUSB2) opening serial port...
May  3 22:02:30 thinkpad-t410 modem-manager[20121]:   (ttyUSB0) closing serial port...
May  3 22:02:30 thinkpad-t410 modem-manager[20121]:   (ttyUSB0) serial port closed
May  3 22:02:33 thinkpad-t410 modem-manager[20121]:   (ttyUSB2) closing serial port...
May  3 22:02:33 thinkpad-t410 modem-manager[20121]:   (ttyUSB2) serial port closed
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): failed to look up interface index
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]:  WWAN now disabled by management service
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): new GSM/UMTS device (driver: 'qcserial' ifindex: 0)
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): exported as /org/freedesktop/NetworkManager/Devices/4
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): now managed
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): device state change: unmanaged -> unavailable (reason 'managed') [10 20 2]
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): deactivating device (reason 'managed') [2]
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]: nm_system_iface_flush_routes: assertion `ifindex > 0' failed
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]: nm_system_iface_flush_addresses: assertion `ifindex > 0' failed
May  3 22:02:33 thinkpad-t410 NetworkManager[1191]:  (ttyUSB1): device state change: unavailable -> disconnected (reason 'none') [20 30 0]

jonny@linux:~$ sudo pkill modem-manager; sudo rmmod qcserial; sudo modprobe qcserial [Enter]

Ubuntu Security Notice USN-1425-1

24th April, 2012

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 10.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux
  - Linux kernel
  
  

Details

Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)

Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can crash
use this flaw to crash VMs causing a deny of service. (CVE-2012-0045)

A flaw was discovered in the Linux kernel's cifs file system. An
unprivileged local user could exploit this flaw to crash the system leading
to a denial of service. (CVE-2012-1090)

H. Peter Anvin reported a flaw in the Linux kernel that could crash the
system. A local user could exploit this flaw to crash the system.
(CVE-2012-1097)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 10.04 LTS:

linux-image-2.6.32-41-server

2.6.32-41.88

linux-image-2.6.32-41-lpia

2.6.32-41.88

linux-image-2.6.32-41-ia64

2.6.32-41.88

linux-image-2.6.32-41-generic-pae

2.6.32-41.88

linux-image-2.6.32-41-virtual

2.6.32-41.88

linux-image-2.6.32-41-386

2.6.32-41.88

linux-image-2.6.32-41-powerpc

2.6.32-41.88

linux-image-2.6.32-41-sparc64

2.6.32-41.88

linux-image-2.6.32-41-sparc64-smp

2.6.32-41.88

linux-image-2.6.32-41-powerpc-smp

2.6.32-41.88

linux-image-2.6.32-41-preempt

2.6.32-41.88

linux-image-2.6.32-41-powerpc64-smp

2.6.32-41.88

linux-image-2.6.32-41-versatile

2.6.32-41.88

linux-image-2.6.32-41-generic

2.6.32-41.88

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2011-4347,

CVE-2012-0045,

CVE-2012-1090,

CVE-2012-1097