User: Password:
|
|
Subscribe / Log in / New account

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2014-1438 CVE-2014-1446 CVE-2014-1690
Created:February 10, 2014 Updated:February 12, 2014
Description: From the CVE entries:

The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application. (CVE-2014-1438)

The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. (CVE-2014-1446)

Linux kernel built with the NetFilter Connection Tracking(NF_CONNTRACK) support for IRC protocol(NF_NAT_IRC), is vulnerable to an information leakage flaw. It could occur when communicating over direct client-to-client IRC connection(/dcc) via a NAT-ed network. Kernel attempts to mangle IRC TCP packet's content, wherein an uninitialised 'buffer' object is copied to a socket buffer and sent over to the other end of a connection. (CVE-2014-1690)

Alerts:
SUSE SUSE-SU-2014:0908-1 Linux kernel 2014-07-17
SUSE SUSE-SU-2014:0909-1 Linux kernel 2014-07-17
SUSE SUSE-SU-2014:0910-1 Linux kernel 2014-07-17
SUSE SUSE-SU-2014:0911-1 Linux kernel 2014-07-17
SUSE SUSE-SU-2014:0912-1 Linux kernel 2014-07-17
Ubuntu USN-2233-1 kernel 2014-06-05
Ubuntu USN-2234-1 EC2 kernel 2014-06-05
openSUSE openSUSE-SU-2014:0766-1 Evergreen 2014-06-06
SUSE SUSE-SU-2014:0696-1 Linux kernel 2014-05-22
openSUSE openSUSE-SU-2014:0678-1 kernel 2014-05-19
openSUSE openSUSE-SU-2014:0677-1 kernel 2014-05-19
Red Hat RHSA-2014:0439-01 kernel-rt 2014-04-28
Debian DSA-2906-1 linux-2.6 2014-04-24
SUSE SUSE-SU-2014:0536-1 Linux kernel 2014-04-16
Ubuntu USN-2158-1 linux-lts-raring 2014-03-31
Ubuntu USN-2141-1 linux-ti-omap4 2014-03-07
Ubuntu USN-2134-1 linux-ti-omap4 2014-03-07
Ubuntu USN-2139-1 linux-ti-omap4 2014-03-07
Ubuntu USN-2137-1 linux-lts-saucy 2014-03-07
Ubuntu USN-2136-1 linux-lts-raring 2014-03-07
Ubuntu USN-2135-1 linux-lts-quantal 2014-03-07
Ubuntu USN-2138-1 kernel 2014-03-07
Ubuntu USN-2140-1 kernel 2014-03-07
Ubuntu USN-2133-1 kernel 2014-03-07
Ubuntu USN-2128-1 kernel 2014-03-05
Ubuntu USN-2129-1 EC2 kernel 2014-03-05
Ubuntu USN-2113-1 linux-lts-saucy 2014-02-18
Ubuntu USN-2117-1 kernel 2014-02-18
Mageia MGASA-2014-0045 kernel-tmb 2014-02-10
Mageia MGASA-2014-0038 kernel 2014-02-08
Mandriva MDVSA-2014:038 kernel 2014-02-17
Mageia MGASA-2014-0064 kernel-vserver 2014-02-12
Mageia MGASA-2014-0055 kernel-vserver 2014-02-11
Mageia MGASA-2014-0044 kernel-rt 2014-02-10
Mageia MGASA-2014-0043 kernel-linus 2014-02-10

(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds