[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-3170-1 linux -- linux

ID: oval:org.secpod.oval:def:601968Date: (C)2015-02-25   (M)2024-02-19
Class: PATCHFamily: unix




Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation. CVE-2013-7421 / CVE-2014-9644 It was discovered that the Crypto API allowed unprivileged users to load arbitrary kernel modules. A local user can use this flaw to exploit vulnerabilities in modules that would not normally be loaded. CVE-2014-7822 Akira Fujita found that the splice system call did not validate the given file offset and length. A local unprivileged user can use this flaw to cause filesystem corruption on ext4 filesystems, or possibly other effects. CVE-2014-8160 Florian Westphal discovered that a netfilter rule accepting packets to a specific SCTP, DCCP, GRE or UDPlite port/endpoint could result in incorrect connection tracking state. If only the generic connection tracking module was loaded, and not the protocol-specific connection tracking module, this would allow access to any port/endpoint of the specified protocol. CVE-2014-8559 It was found that kernel functions that iterate over a directory tree can dead-lock or live-lock in case some of the directory entries were recently deleted or dropped from the cache. A local unprivileged user can use this flaw for denial of service. CVE-2014-9585 Andy Lutomirski discovered that address randomisation for the vDSO in 64-bit processes is extremely biased. A local unprivileged user could potentially use this flaw to bypass the ASLR protection mechanism. CVE-2014-9683 Dmitry Chernenkov discovered that eCryptfs writes past the end of the allocated buffer during encrypted filename decoding, resulting in local denial of service. CVE-2015-0239 It was found that KVM did not correctly emulate the x86 SYSENTER instruction. An unprivileged user within a guest system that has not enabled SYSENTER, for example because the emulated CPU vendor is AMD, could potentially use this flaw to cause a denial of service or privilege escalation in that guest. CVE-2015-1420 It was discovered that the open_by_handle_at system call reads the handle size from user memory a second time after validating it. A local user with the CAP_DAC_READ_SEARCH capability could use this flaw for privilege escalation. CVE-2015-1421 It was found that the SCTP implementation could free an authentication state while it was still in use, resulting in heap corruption. This could allow remote users to cause a denial of service or privilege escalation. CVE-2015-1593 It was found that address randomisation for the initial stack in 64-bit processes was limited to 20 rather than 22 bits of entropy. A local unprivileged user could potentially use this flaw to bypass the ASLR protection mechanism.

Platform:
Debian 7.0
Product:
linux-image
Reference:
DSA-3170-1
CVE-2013-7421
CVE-2014-7822
CVE-2014-8160
CVE-2014-8559
CVE-2014-9585
CVE-2014-9644
CVE-2014-9683
CVE-2015-0239
CVE-2015-1420
CVE-2015-1421
CVE-2015-1593
CVE    11
CVE-2014-7822
CVE-2014-9644
CVE-2014-9683
CVE-2013-7421
...
CPE    2
cpe:/a:linux:linux_image
cpe:/o:debian:debian_linux:7.x

© SecPod Technologies