|
|
Subscribe / Log in / New account

kernel: two vulnerabilities

Package(s):kernel CVE #(s):CVE-2014-8559 CVE-2014-8133
Created:December 22, 2014 Updated:November 4, 2015
Description: From the CVE entry:

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. (CVE-2014-8559)

From the Red Hat bugzilla:

It was found that espfix functionality (when returning to userspace with a 16 bit stack, the CPU will not restore the high word(s) of stack pointer for us on executing iret and thus potentially leaks kernel addresses; espfix fixes this) can be bypassed by installing 16-bit RW data segment into GDT instead of LDT (which espfix checks for) and using it for stack.

A local unprivileged user could potentially use this flaw to leak kernel stack addresses. (CVE-2014-8133)

Alerts:
openSUSE openSUSE-SU-2016:0301-1 kernel 2016-02-01
Oracle ELSA-2015-2152 kernel 2015-11-25
Scientific Linux SLSA-2015:1978-1 kernel 2015-11-04
Oracle ELSA-2015-1978 kernel 2015-11-03
CentOS CESA-2015:1978 kernel 2015-11-04
Red Hat RHSA-2015:1976-01 kernel-rt 2015-11-03
Red Hat RHSA-2015:1977-01 kernel-rt 2015-11-03
Red Hat RHSA-2015:1978-01 kernel 2015-11-03
Scientific Linux SLSA-2015:1272-1 kernel 2015-08-03
Oracle ELSA-2015-3055 kernel 2.6.32 2015-08-01
Oracle ELSA-2015-3055 kernel 2.6.32 2015-08-01
Oracle ELSA-2015-3054 kernel 2.6.39 2015-08-01
Oracle ELSA-2015-3054 kernel 2.6.39 2015-08-01
Oracle ELSA-2015-1272 kernel 2015-07-29
Red Hat RHSA-2015:1272-01 kernel 2015-07-22
SUSE SUSE-SU-2015:0736-1 Real Time Linux Kernel 2015-04-20
openSUSE openSUSE-SU-2015:0714-1 kernel 2015-04-13
openSUSE openSUSE-SU-2015:0713-1 kernel 2015-04-13
SUSE SUSE-SU-2015:0581-1 kernel 2015-03-24
openSUSE openSUSE-SU-2015:0566-1 kernel 2015-03-21
Oracle ELSA-2015-3012 kernel 2015-03-19
Oracle ELSA-2015-3012 kernel 2015-03-19
SUSE SUSE-SU-2015:0529-1 the Linux Kernel 2015-03-18
Mandriva MDVSA-2015:058 kernel 2015-03-13
SUSE SUSE-SU-2015:0481-1 kernel 2015-03-11
Ubuntu USN-2517-1 linux-lts-utopic 2015-02-26
Ubuntu USN-2515-1 linux-lts-trusty 2015-02-26
Ubuntu USN-2516-1 kernel 2015-02-26
Ubuntu USN-2518-1 kernel 2015-02-26
Debian DSA-3160-1 kernel 2015-02-23
Ubuntu USN-2516-2 kernel 2015-02-28
Mageia MGASA-2015-0078 kernel-vserver 2015-02-19
Mageia MGASA-2015-0076 kernel-tmb 2015-02-19
Mageia MGASA-2015-0077 kernel-rt 2015-02-19
Mageia MGASA-2015-0075 kernel-linus 2015-02-19
Debian-LTS DLA-155-1 linux-2.6 2015-02-18
Ubuntu USN-2515-2 linux-lts-trusty 2015-03-04
Ubuntu USN-2493-1 linux-ti-omap4 2015-02-03
Ubuntu USN-2490-1 kernel 2015-02-03
Ubuntu USN-2492-1 kernel 2015-02-03
Ubuntu USN-2491-1 EC2 kernel 2015-02-03
SUSE SUSE-SU-2015:0178-1 kernel 2015-01-30
Mandriva MDVSA-2015:027 kernel 2015-01-16
SUSE SUSE-SU-2015:0068-1 the Linux Kernel 2015-01-16
SUSE SUSE-SU-2014:1695-2 Linux kernel 2015-01-14
Debian DSA-3128-1 kernel 2015-01-15
Ubuntu USN-2516-3 kernel 2015-03-04
Mageia MGASA-2015-0006 kernel 2015-01-07
openSUSE openSUSE-SU-2014:1735-1 kernel 2014-12-31
SUSE SUSE-SU-2014:1698-1 kernel 2014-12-24
SUSE SUSE-SU-2014:1695-1 kernel 2014-12-23
openSUSE openSUSE-SU-2014:1669-1 kernel 2014-12-19
openSUSE openSUSE-SU-2014:1677-1 kernel 2014-12-21
openSUSE openSUSE-SU-2014:1678-1 kernel 2014-12-21
Fedora FEDORA-2014-17283 kernel 2014-12-21
Fedora FEDORA-2014-17293 kernel 2014-12-22
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds