ALAS-2014-455 ---- kernel perfID: oval:org.secpod.oval:def:1600061 | Date: (C)2016-01-19 (M)2024-04-17 |
Class: PATCH | Family: unix |
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service via a malformed INIT chunk. The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service via . values in both arguments to the pivot_root system call. The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment segment register, which allows local users to cause a denial of service via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite. A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system
Platform: |
Amazon Linux AMI |