Executive Summary

Summary
Title kernel security update
Informations
Name RHSA-2014:0949 First vendor Publication 2014-07-28
Vendor RedHat Last vendor Modification 2014-07-28
Severity (Vendor) Important Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support.

The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AUS (v. 6.2 server) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4699, Important)

Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.

Red Hat would like to thank Andy Lutomirski for reporting this issue.

All kernel users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2014-0949.html

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-362 Race Condition

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24957
 
Oval ID: oval:org.mitre.oval:def:24957
Title: USN-2268-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2268-1
CVE-2014-4699
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25022
 
Oval ID: oval:org.mitre.oval:def:25022
Title: USN-2272-1 -- linux-lts-trusty vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2272-1
CVE-2014-4699
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-trusty
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25029
 
Oval ID: oval:org.mitre.oval:def:25029
Title: USN-2267-1 -- linux-ec2 vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2267-1
CVE-2014-4699
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25087
 
Oval ID: oval:org.mitre.oval:def:25087
Title: DSA-2972-1 -- linux - security update
Description: Andy Lutomirski discovered that the ptrace syscall was not verifying the RIP register to be valid in the ptrace API on x86_64 processors. An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation.
Family: unix Class: patch
Reference(s): DSA-2972-1
CVE-2014-4699
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25135
 
Oval ID: oval:org.mitre.oval:def:25135
Title: USN-2271-1 -- linux-lts-saucy vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2271-1
CVE-2014-4699
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-saucy
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25147
 
Oval ID: oval:org.mitre.oval:def:25147
Title: USN-2270-1 -- linux-lts-raring vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2270-1
CVE-2014-4699
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25221
 
Oval ID: oval:org.mitre.oval:def:25221
Title: USN-2274-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2274-1
CVE-2014-4699
Version: 3
Platform(s): Ubuntu 14.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25225
 
Oval ID: oval:org.mitre.oval:def:25225
Title: USN-2269-1 -- linux-lts-quantal vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2269-1
CVE-2014-4699
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25244
 
Oval ID: oval:org.mitre.oval:def:25244
Title: USN-2266-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2266-1
CVE-2014-4699
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25325
 
Oval ID: oval:org.mitre.oval:def:25325
Title: SUSE-SU-2014:0912-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0912-1
CVE-2012-2372
CVE-2013-2929
CVE-2013-4299
CVE-2013-4579
CVE-2013-6382
CVE-2013-7339
CVE-2014-0055
CVE-2014-0077
CVE-2014-0101
CVE-2014-0131
CVE-2014-0155
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1874
CVE-2014-2309
CVE-2014-2523
CVE-2014-2678
CVE-2014-2851
CVE-2014-3122
CVE-2014-3144
CVE-2014-3145
CVE-2014-3917
CVE-2014-4508
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4699
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25414
 
Oval ID: oval:org.mitre.oval:def:25414
Title: SUSE-SU-2014:0911-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues.elected taints for tracepoint modules.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0911-1
CVE-2012-2372
CVE-2013-2929
CVE-2013-4299
CVE-2013-4579
CVE-2013-6382
CVE-2013-7339
CVE-2014-0055
CVE-2014-0077
CVE-2014-0101
CVE-2014-0131
CVE-2014-0155
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1874
CVE-2014-2309
CVE-2014-2523
CVE-2014-2678
CVE-2014-2851
CVE-2014-3122
CVE-2014-3144
CVE-2014-3145
CVE-2014-3917
CVE-2014-4508
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4699
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26192
 
Oval ID: oval:org.mitre.oval:def:26192
Title: SUSE-SU-2014:0910-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0910-1
CVE-2012-2372
CVE-2013-2929
CVE-2013-4299
CVE-2013-4579
CVE-2013-6382
CVE-2013-7339
CVE-2014-0055
CVE-2014-0077
CVE-2014-0101
CVE-2014-0131
CVE-2014-0155
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1874
CVE-2014-2309
CVE-2014-2523
CVE-2014-2678
CVE-2014-2851
CVE-2014-3122
CVE-2014-3144
CVE-2014-3145
CVE-2014-3917
CVE-2014-4508
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4699
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26617
 
Oval ID: oval:org.mitre.oval:def:26617
Title: ELSA-2014-3047 -- unbreakable enterprise kernel security update (important)
Description: [2.6.39-400.215.4] - l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229505] {CVE-2014-4943} {CVE-2014-4943} - ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230690] {CVE-2014-4699}
Family: unix Class: patch
Reference(s): ELSA-2014-3047
CVE-2014-4943
CVE-2014-4699
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27072
 
Oval ID: oval:org.mitre.oval:def:27072
Title: USN-2273-1 -- Linux kernel vulnerability
Description: Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges.
Family: unix Class: patch
Reference(s): USN-2273-1
CVE-2014-4699
Version: 3
Platform(s): Ubuntu 13.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27252
 
Oval ID: oval:org.mitre.oval:def:27252
Title: ELSA-2014-0924 -- kernel security update (important)
Description: [2.6.32-431.20.5] - [netdrv] pppol2tp: fail when socket option level is not SOL_PPPOL2TP [1119461 1119462] {CVE-2014-4943} [2.6.32-431.20.4] - [kernel] utrace: force IRET path after utrace_finish_vfork() (Oleg Nesterov) [1115932 1115933] {CVE-2014-4699}
Family: unix Class: patch
Reference(s): ELSA-2014-0924
CVE-2014-4943
CVE-2014-4699
Version: 3
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27297
 
Oval ID: oval:org.mitre.oval:def:27297
Title: ELSA-2014-0923 -- kernel security update (important)
Description: [3.10.0-123.4.4] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.4.4] - [net] l2tp_ppp: fail when socket option level is not SOL_PPPOL2TP (Petr Matousek) [1119465 1119466] {CVE-2014-4943} [3.10.0-123.4.3] - [x86] ptrace: force IRET path after a ptrace_stop() (Oleg Nesterov) [1115934 1115935] {CVE-2014-4699}
Family: unix Class: patch
Reference(s): ELSA-2014-0923
CVE-2014-4943
CVE-2014-4699
Version: 3
Platform(s): Oracle Linux 7
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27341
 
Oval ID: oval:org.mitre.oval:def:27341
Title: ELSA-2014-3048 -- unbreakable enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.36.4uek] - l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229529] {CVE-2014-4943} {CVE-2014-4943} - ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230692] {CVE-2014-4699}
Family: unix Class: patch
Reference(s): ELSA-2014-3048
CVE-2014-4943
CVE-2014-4699
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 4
Os 1
Os 2147

ExploitDB Exploits

id Description
2014-07-21 Linux Kernel ptrace/sysret - Local Privilege Escalation

Nessus® Vulnerability Scanner

Date Description
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1138-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1105-1.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2014-11-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0925.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-0979.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0949.nasl - Type : ACT_GATHER_INFO
2014-08-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3070.nasl - Type : ACT_GATHER_INFO
2014-08-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-493.nasl - Type : ACT_GATHER_INFO
2014-08-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-155.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-478.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0923.nasl - Type : ACT_GATHER_INFO
2014-07-26 Name : The remote Fedora host is missing a security update.
File : fedora_2014-8487.nasl - Type : ACT_GATHER_INFO
2014-07-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0924.nasl - Type : ACT_GATHER_INFO
2014-07-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0923.nasl - Type : ACT_GATHER_INFO
2014-07-25 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140723_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-07-25 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3049.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0924.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0924.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0923.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0913.nasl - Type : ACT_GATHER_INFO
2014-07-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3048.nasl - Type : ACT_GATHER_INFO
2014-07-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3047.nasl - Type : ACT_GATHER_INFO
2014-07-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3046.nasl - Type : ACT_GATHER_INFO
2014-07-11 Name : The remote Fedora host is missing a security update.
File : fedora_2014-8171.nasl - Type : ACT_GATHER_INFO
2014-07-07 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2972.nasl - Type : ACT_GATHER_INFO
2014-07-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2266-1.nasl - Type : ACT_GATHER_INFO
2014-07-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2274-1.nasl - Type : ACT_GATHER_INFO
2014-07-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2273-1.nasl - Type : ACT_GATHER_INFO
2014-07-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2272-1.nasl - Type : ACT_GATHER_INFO
2014-07-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2271-1.nasl - Type : ACT_GATHER_INFO
2014-07-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2270-1.nasl - Type : ACT_GATHER_INFO
2014-07-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2269-1.nasl - Type : ACT_GATHER_INFO
2014-07-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2268-1.nasl - Type : ACT_GATHER_INFO
2014-07-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2267-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-11-08 13:32:09
  • Multiple Updates
2014-07-28 21:21:47
  • First insertion