oval:org.mitre.oval:def:28026

Definition Id: oval:org.mitre.oval:def:28026
 
Oval ID: oval:org.mitre.oval:def:28026
Title: USN-2419-1 -- Linux kernel (Trusty HWE) vulnerabilities
Description: A flaw was discovered in how the Linux kernel&#39;s KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered a flaw in how the Linux kernel handles pivot_root when used with a chroot directory. A local user could exploit this flaw to cause a denial of service (mount-tree loop). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7970">CVE-2014-7970</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>)
Family: unix Class: patch
Reference(s): USN-2419-1
CVE-2014-3690
CVE-2014-4608
CVE-2014-7970
CVE-2014-7975
 Version: 3
Platform(s): Ubuntu 12.04
 Product(s): linux-lts-trusty
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15824
 
Oval ID: oval:org.mitre.oval:def:15824
Title: Ubuntu 12.04 is installed
Description: Ubuntu 12.04 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:canonical:ubuntu_linux:12.04
 Version: 5
Platform(s): Ubuntu 12.04
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28026