User: Password:
|
|
Subscribe / Log in / New account

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2013-4512 CVE-2013-4514 CVE-2013-4515 CVE-2013-6763
Created:December 18, 2013 Updated:December 18, 2013
Description: From the Mandriva advisory:

Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation (CVE-2013-4512).

Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_uil_put_info and (2) wvlan_set_station_nickname functions (CVE-2013-4514).

The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call (CVE-2013-4515).

The uio_mmap_physical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a memory block, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted mmap operations, a different vulnerability than CVE-2013-4511 (CVE-2013-6763).

Alerts:
Mandriva MDVSA-2014:155 kernel 2014-08-07
openSUSE openSUSE-SU-2014:0766-1 Evergreen 2014-06-06
Debian DSA-2906-1 linux-2.6 2014-04-24
Ubuntu USN-2074-1 linux-ti-omap4 2014-01-03
Ubuntu USN-2076-1 linux-ti-omap4 2014-01-03
Ubuntu USN-2072-1 linux-ti-omap4 2014-01-03
Ubuntu USN-2067-1 linux-ti-omap4 2014-01-03
Ubuntu USN-2070-1 linux-lts-saucy 2014-01-03
Ubuntu USN-2069-1 linux-lts-raring 2014-01-03
Ubuntu USN-2068-1 linux-lts-quantal 2014-01-03
Ubuntu USN-2073-1 kernel 2014-01-03
Ubuntu USN-2071-1 kernel 2014-01-03
Ubuntu USN-2075-1 kernel 2014-01-03
Ubuntu USN-2064-1 kernel 2014-01-03
Ubuntu USN-2066-1 kernel 2014-01-03
Ubuntu USN-2065-1 EC2 kernel 2014-01-03
openSUSE openSUSE-SU-2014:0247-1 kernel 2014-02-18
Mandriva MDVSA-2013:291 kernel 2013-12-18
openSUSE openSUSE-SU-2014:0204-1 kernel 2014-02-06

(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds