oval:org.mitre.oval:def:28298
Definition Id: oval:org.mitre.oval:def:28298 | |||
Oval ID: | oval:org.mitre.oval:def:28298 | ||
Title: | USN-2421-1 -- Linux kernel vulnerabilities | ||
Description: | A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2421-1 CVE-2014-3690 CVE-2014-4608 CVE-2014-7975 | Version: | 5 |
Platform(s): | Ubuntu 14.10 | Product(s): | linux |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27174 | |||
Oval ID: | oval:org.mitre.oval:def:27174 | ||
Title: | Ubuntu 14.10 is installed | ||
Description: | Ubuntu 14.10 is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:canonical:ubuntu_linux:14.10 | Version: | 5 |
Platform(s): | Ubuntu 14.10 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:28298 |