Executive Summary
Summary | |
---|---|
Title | linux security update |
Information | |||
---|---|---|---|
Name | DSA-2926 | First vendor Publication | 2014-05-12 |
Vendor | Debian | Last vendor Modification | 2014-05-12 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 3.9 | Authentication | None Required |
Detail
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation:

* CVE-2014-0196: Jiri Slaby discovered a race condition in the pty layer, which could lead to denial of service or privilege escalation.
* CVE-2014-1737 / CVE-2014-1738: Matthew Daley discovered that missing input sanitising in the FDRAWCMD ioctl and an information leak could result in privilege escalation.
* CVE-2014-2851: Incorrect reference counting in the ping_init_sock() function allows denial of service or privilege escalation.
* CVE-2014-3122: Incorrect locking of memory can result in local denial of service.

For the stable distribution (wheezy), these problems have been fixed in version 3.2.57-3+deb7u1. This update also fixes a regression in the isci driver and suspend problems with certain AMD CPUs (introduced in the updated kernel from the Wheezy 7.5 point release).

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your linux packages.
Original Source
Url : http://www.debian.org/security/2014/dsa-2926 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
20 % | CWE-754 | Improper Check for Unusual or Exceptional Conditions |
20 % | CWE-416 | Use After Free |
20 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
20 % | CWE-362 | Race Condition |
20 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:24204 | |||
Oval ID: | oval:org.mitre.oval:def:24204 | ||
Title: | RHSA-2014:0740: kernel security and bug fix update (Important) | ||
Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low) Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system. * A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate) Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. This update also fixes the following bugs: * A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value. (BZ#1091832) * A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. 
However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly. (BZ#1092869) * Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152) * A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062) * When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
The system must be rebooted for this update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0740-00 CESA-2014:0740 CVE-2013-7339 CVE-2014-1737 CVE-2014-1738 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Id: oval:org.mitre.oval:def:24338 | |||
Oval ID: | oval:org.mitre.oval:def:24338 | ||
Title: | USN-2227-1 -- linux-ti-omap4 vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2227-1 CVE-2014-0196 CVE-2014-1738 CVE-2014-1737 CVE-2013-4483 CVE-2014-0069 CVE-2014-0077 CVE-2014-0101 CVE-2014-2309 CVE-2014-2523 CVE-2014-2672 CVE-2014-2678 CVE-2014-2706 CVE-2014-2851 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
Definition Id: oval:org.mitre.oval:def:24445 | |||
Oval ID: | oval:org.mitre.oval:def:24445 | ||
Title: | USN-2200-1 -- linux-lts-raring vulnerability | ||
Description: | The system could be made to crash or run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2200-1 CVE-2014-0196 | Version: | 5 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-raring |
Definition Id: oval:org.mitre.oval:def:24487 | |||
Oval ID: | oval:org.mitre.oval:def:24487 | ||
Title: | DSA-2928-1 linux-2.6 - security update | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2928-1 CVE-2014-0196 CVE-2014-1737 CVE-2014-1738 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | linux-2.6 |
Definition Id: oval:org.mitre.oval:def:24543 | |||
Oval ID: | oval:org.mitre.oval:def:24543 | ||
Title: | USN-2203-1 -- linux vulnerability | ||
Description: | The system could be made to crash or run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2203-1 CVE-2014-0196 | Version: | 5 |
Platform(s): | Ubuntu 13.10 | Product(s): | linux |
Definition Id: oval:org.mitre.oval:def:24568 | |||
Oval ID: | oval:org.mitre.oval:def:24568 | ||
Title: | USN-2234-1 -- linux-ec2 vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2234-1 CVE-2014-3153 CVE-2013-4387 CVE-2013-4470 CVE-2013-4483 CVE-2014-1438 CVE-2014-3122 | Version: | 3 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
Definition Id: oval:org.mitre.oval:def:24658 | |||
Oval ID: | oval:org.mitre.oval:def:24658 | ||
Title: | USN-2239-1 -- linux-lts-saucy vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2239-1 CVE-2014-3153 CVE-2014-0155 CVE-2014-2568 CVE-2014-3122 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-saucy |
Definition Id: oval:org.mitre.oval:def:24668 | |||
Oval ID: | oval:org.mitre.oval:def:24668 | ||
Title: | USN-2202-1 -- linux vulnerability | ||
Description: | The system could be made to crash or run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2202-1 CVE-2014-0196 | Version: | 5 |
Platform(s): | Ubuntu 12.10 | Product(s): | linux |
Definition Id: oval:org.mitre.oval:def:24673 | |||
Oval ID: | oval:org.mitre.oval:def:24673 | ||
Title: | USN-2199-1 -- linux-lts-quantal vulnerability | ||
Description: | The system could be made to crash or run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2199-1 CVE-2014-0196 | Version: | 5 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
Definition Id: oval:org.mitre.oval:def:24706 | |||
Oval ID: | oval:org.mitre.oval:def:24706 | ||
Title: | USN-2201-1 -- linux-lts-saucy vulnerability | ||
Description: | The system could be made to crash or run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2201-1 CVE-2014-0196 | Version: | 5 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-saucy |
Definition Id: oval:org.mitre.oval:def:24732 | |||
Oval ID: | oval:org.mitre.oval:def:24732 | ||
Title: | USN-2225-1 -- linux-lts-saucy vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2225-1 CVE-2014-1738 CVE-2014-1737 CVE-2014-0055 CVE-2014-0077 CVE-2014-0100 CVE-2014-0101 CVE-2014-2309 CVE-2014-2523 CVE-2014-2672 CVE-2014-2673 CVE-2014-2678 CVE-2014-2706 CVE-2014-2851 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-saucy |
Definition Id: oval:org.mitre.oval:def:24747 | |||
Oval ID: | oval:org.mitre.oval:def:24747 | ||
Title: | USN-2204-1 -- linux vulnerability | ||
Description: | The system could be made to crash or run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2204-1 CVE-2014-0196 | Version: | 4 |
Platform(s): | Ubuntu 14.04 | Product(s): | linux |
Definition Id: oval:org.mitre.oval:def:24753 | |||
Oval ID: | oval:org.mitre.oval:def:24753 | ||
Title: | USN-2240-1 -- linux vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2240-1 CVE-2014-3153 CVE-2014-2568 CVE-2014-3122 | Version: | 3 |
Platform(s): | Ubuntu 14.04 | Product(s): | linux |
Definition Id: oval:org.mitre.oval:def:24761 | |||
Oval ID: | oval:org.mitre.oval:def:24761 | ||
Title: | USN-2224-1 -- linux-lts-raring vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2224-1 CVE-2014-1738 CVE-2014-1737 CVE-2014-0055 CVE-2014-0077 CVE-2014-0101 CVE-2014-2309 CVE-2014-2523 CVE-2014-2672 CVE-2014-2678 CVE-2014-2706 CVE-2014-2851 CVE-2014-3122 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-raring |
Definition Id: oval:org.mitre.oval:def:24818 | |||
Oval ID: | oval:org.mitre.oval:def:24818 | ||
Title: | USN-2197-1 -- linux-ec2 vulnerability | ||
Description: | The system could be made to crash or run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2197-1 CVE-2014-0196 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
Definition Id: oval:org.mitre.oval:def:24832 | |||
Oval ID: | oval:org.mitre.oval:def:24832 | ||
Title: | USN-2235-1 -- linux vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2235-1 CVE-2014-3153 CVE-2014-0055 CVE-2014-3122 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux |
Definition Id: oval:org.mitre.oval:def:24838 | |||
Oval ID: | oval:org.mitre.oval:def:24838 | ||
Title: | USN-2198-1 -- linux vulnerability | ||
Description: | The system could be made to crash or run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2198-1 CVE-2014-0196 | Version: | 5 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux |
Definition Id: oval:org.mitre.oval:def:24844 | |||
Oval ID: | oval:org.mitre.oval:def:24844 | ||
Title: | USN-2241-1 -- linux vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2241-1 CVE-2014-3153 CVE-2014-0155 CVE-2014-2568 CVE-2014-3122 | Version: | 3 |
Platform(s): | Ubuntu 13.10 | Product(s): | linux |
Definition Id: oval:org.mitre.oval:def:24853 | |||
Oval ID: | oval:org.mitre.oval:def:24853 | ||
Title: | USN-2223-1 -- linux-lts-quantal vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2223-1 CVE-2014-1738 CVE-2014-1737 CVE-2013-4483 CVE-2014-0055 CVE-2014-0077 CVE-2014-0101 CVE-2014-2309 CVE-2014-2523 CVE-2014-2672 CVE-2014-2678 CVE-2014-2706 CVE-2014-2851 CVE-2014-3122 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
Definition Id: oval:org.mitre.oval:def:24860 | |||
Oval ID: | oval:org.mitre.oval:def:24860 | ||
Title: | USN-2236-1 -- linux-ti-omap4 vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2236-1 CVE-2014-3153 CVE-2014-0055 CVE-2014-3122 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
Definition Id: oval:org.mitre.oval:def:24889 | |||
Oval ID: | oval:org.mitre.oval:def:24889 | ||
Title: | USN-2228-1 -- linux vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2228-1 CVE-2014-1738 CVE-2014-1737 CVE-2014-0055 CVE-2014-0077 CVE-2014-0100 CVE-2014-0101 CVE-2014-2309 CVE-2014-2523 CVE-2014-2672 CVE-2014-2673 CVE-2014-2678 CVE-2014-2706 CVE-2014-2851 | Version: | 3 |
Platform(s): | Ubuntu 13.10 | Product(s): | linux |
Definition Id: oval:org.mitre.oval:def:24916 | |||
Oval ID: | oval:org.mitre.oval:def:24916 | ||
Title: | ELSA-2014:0740: kernel security and bug fix update (Important) | ||
Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low) Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system. * A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate) Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. This update also fixes the following bugs: * A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value. (BZ#1091832) * A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. 
However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly. (BZ#1092869) * Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152) * A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062) * When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
The system must be rebooted for this update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0740-00 CVE-2013-7339 CVE-2014-1737 CVE-2014-1738 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Id: oval:org.mitre.oval:def:25161 | |||
Oval ID: | oval:org.mitre.oval:def:25161 | ||
Title: | USN-2260-1 -- linux-lts-trusty vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2260-1 CVE-2014-0196 CVE-2014-3153 CVE-2014-1738 CVE-2014-1737 CVE-2014-0077 CVE-2014-2568 CVE-2014-2851 CVE-2014-3122 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-trusty |
Definition Id: oval:org.mitre.oval:def:25233 | |||
Oval ID: | oval:org.mitre.oval:def:25233 | ||
Title: | SUSE-SU-2014:0667-1 -- Security update for Linux Kernel | ||
Description: | The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the following severe security issues: * CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. (bnc#875690) | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0667-1 CVE-2014-1737 CVE-2014-1738 CVE-2014-0196 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | Linux Kernel |
Definition Id: oval:org.mitre.oval:def:25258 | |||
Oval ID: | oval:org.mitre.oval:def:25258 | ||
Title: | RHSA-2014:0678: kernel security update (Important) | ||
Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel's N_TTY line discipline (LDISC) implementation handled concurrent processing of echo output and TTY write operations originating from user space when the underlying TTY driver was PTY. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-0196, Important) All kernel users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0678-00 CVE-2014-0196 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | kernel |
Definition Id: oval:org.mitre.oval:def:25440 | |||
Oval ID: | oval:org.mitre.oval:def:25440 | ||
Title: | SUSE-SU-2014:0773-1 -- Security update for Linux Kernel | ||
Description: | The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0773-1 CVE-2013-6382 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2014-1737 CVE-2014-1738 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | Linux Kernel |
Definition Id: oval:org.mitre.oval:def:27323 | |||
Oval ID: | oval:org.mitre.oval:def:27323 | ||
Title: | ELSA-2014-0740-1 -- kernel security and bug fix update (important) | ||
Description: | kernel [2.6.18-371.9.1.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch 
allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0740-1 CVE-2013-7339 CVE-2014-1737 CVE-2014-1738 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel ocfs2 oracleasm kernel-PAE kernel-PAE-devel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-headers kernel-xen kernel-xen-devel |
Definition Id: oval:org.mitre.oval:def:27352 | |||
Oval ID: | oval:org.mitre.oval:def:27352 | ||
Title: | ELSA-2014-3041 -- unbreakable enterprise kernel security update (important) | ||
Description: | kernel-uek [3.8.13-35.1.2.el6uek] - floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028443] {CVE-2014-1738} - floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028436] {CVE-2014-1737} | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-3041 CVE-2014-1737 CVE-2014-1738 | Version: | 5 |
Platform(s): | Oracle Linux 6 | Product(s): | dtrace-modules kernel-uek kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware |
ExploitDB Exploits
id | Description |
---|---|
2014-05-26 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
2014-04-18 | Linux group_info refcounter - Overflow Memory Corruption |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-04-03 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1105-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0832-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0773-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0772-1.nasl - Type : ACT_GATHER_INFO |
2015-03-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO |
2014-11-20 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15852.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0801.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO |
2014-11-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0815.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-1168.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1101.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0900.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0800.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0772.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0520.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0512.nasl - Type : ACT_GATHER_INFO |
2014-11-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141014_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-10-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1392.nasl - Type : ACT_GATHER_INFO |
2014-10-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-201.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3082.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3083.nasl - Type : ACT_GATHER_INFO |
2014-10-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-392.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-339.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15319.nasl - Type : ACT_GATHER_INFO |
2014-08-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3070.nasl - Type : ACT_GATHER_INFO |
2014-08-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0981.nasl - Type : ACT_GATHER_INFO |
2014-07-31 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3054.nasl - Type : ACT_GATHER_INFO |
2014-07-31 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3053.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0786.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0981.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0678.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0981.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0786.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0678.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0557.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-140709.nasl - Type : ACT_GATHER_INFO |
2014-07-02 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-451.nasl - Type : ACT_GATHER_INFO |
2014-06-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2260-1.nasl - Type : ACT_GATHER_INFO |
2014-06-26 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-441.nasl - Type : ACT_GATHER_INFO |
2014-06-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3041.nasl - Type : ACT_GATHER_INFO |
2014-06-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3042.nasl - Type : ACT_GATHER_INFO |
2014-06-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3043.nasl - Type : ACT_GATHER_INFO |
2014-06-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0771.nasl - Type : ACT_GATHER_INFO |
2014-06-20 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140619_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0771.nasl - Type : ACT_GATHER_INFO |
2014-06-20 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0771.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0740-1.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-376.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-375.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-124.nasl - Type : ACT_GATHER_INFO |
2014-06-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0740.nasl - Type : ACT_GATHER_INFO |
2014-06-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0740.nasl - Type : ACT_GATHER_INFO |
2014-06-12 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140610_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-06-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0740.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2241-1.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2240-1.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2239-1.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2235-1.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2234-1.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2233-1.nasl - Type : ACT_GATHER_INFO |
2014-05-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2223-1.nasl - Type : ACT_GATHER_INFO |
2014-05-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2224-1.nasl - Type : ACT_GATHER_INFO |
2014-05-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2225-1.nasl - Type : ACT_GATHER_INFO |
2014-05-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2228-1.nasl - Type : ACT_GATHER_INFO |
2014-05-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2226-1.nasl - Type : ACT_GATHER_INFO |
2014-05-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2221-1.nasl - Type : ACT_GATHER_INFO |
2014-05-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2220-1.nasl - Type : ACT_GATHER_INFO |
2014-05-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2219-1.nasl - Type : ACT_GATHER_INFO |
2014-05-22 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6354.nasl - Type : ACT_GATHER_INFO |
2014-05-20 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3034.nasl - Type : ACT_GATHER_INFO |
2014-05-19 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6357.nasl - Type : ACT_GATHER_INFO |
2014-05-16 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-140513.nasl - Type : ACT_GATHER_INFO |
2014-05-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2928.nasl - Type : ACT_GATHER_INFO |
2014-05-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2926.nasl - Type : ACT_GATHER_INFO |
2014-05-12 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6122.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2204-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2203-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2202-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2201-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2200-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2199-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2198-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2197-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2196-1.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Fedora host is missing a security update. File : fedora_2014-5609.nasl - Type : ACT_GATHER_INFO |
2014-04-21 | Name : The remote Fedora host is missing a security update. File : fedora_2014-5235.nasl - Type : ACT_GATHER_INFO |
2014-04-18 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3018.nasl - Type : ACT_GATHER_INFO |
2014-04-18 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3019.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-05-14 13:24:40 | |
2014-05-12 21:28:49 | |
2014-05-12 21:22:16 | |