|
|
Subscribe / Log in / New account

kernel: two vulnerabilities

Package(s):linux-2.6 CVE #(s):CVE-2014-8160 CVE-2015-1593
Created:February 19, 2015 Updated:March 20, 2015
Description: From the Debian LTS advisory:

CVE-2014-8160: It was found that a netfilter (iptables or ip6tables) rule accepting packets to a specific SCTP, DCCP, GRE or UDPlite port/endpoint could result in incorrect connection tracking state. If only the generic connection tracking module (nf_conntrack) was loaded, and not the protocol-specific connection tracking module, this would allow access to any port/endpoint of the specified protocol.

CVE-2015-1593: It was found that address randomisation for the initial stack in 64-bit processes was limited to 20 rather than 22 bits of entropy. A local unprivileged user could potentially use this flaw to bypass the ASLR protection mechanism.

Alerts:
Oracle ELSA-2015-2152 kernel 2015-11-25
Oracle ELSA-2015-3064 kernel 3.8.13 2015-07-31
Oracle ELSA-2015-3064 kernel 3.8.13 2015-07-31
Scientific Linux SLSA-2015:1221-1 kernel 2015-07-15
CentOS CESA-2015:1221 kernel 2015-07-15
Oracle ELSA-2015-1221 kernel 2015-07-14
Red Hat RHSA-2015:1221-01 kernel 2015-07-14
Scientific Linux SLSA-2015:1137-1 kernel 2015-06-25
Oracle ELSA-2015-3047 kernel 2015-06-25
Oracle ELSA-2015-3047 kernel 2015-06-25
Oracle ELSA-2015-3045 kernel 2015-06-24
Oracle ELSA-2015-3045 kernel 2015-06-24
Oracle ELSA-2015-3046 kernel 2015-06-24
Oracle ELSA-2015-3046 kernel 2015-06-24
Oracle ELSA-2015-1137 kernel 2015-06-23
CentOS CESA-2015:1137 kernel 2015-06-24
Red Hat RHSA-2015:1138-01 kernel-rt 2015-06-23
Red Hat RHSA-2015:1139-01 kernel-rt 2015-06-23
Red Hat RHSA-2015:1137-01 kernel 2015-06-23
Mageia MGASA-2015-0219 kernel-tmb 2015-05-13
Mageia MGASA-2015-0221 kernel-linus 2015-05-13
Mageia MGASA-2015-0210 kernel 2015-05-11
Mageia MGASA-2015-0172 kernel-linus 2015-04-30
Mageia MGASA-2015-0171 kernel 2015-04-30
SUSE SUSE-SU-2015:0736-1 Real Time Linux Kernel 2015-04-20
openSUSE openSUSE-SU-2015:0714-1 kernel 2015-04-13
openSUSE openSUSE-SU-2015:0713-1 kernel 2015-04-13
Ubuntu USN-2561-1 linux-ti-omap4 2015-04-08
Ubuntu USN-2564-1 linux-lts-utopic 2015-04-09
Ubuntu USN-2562-1 linux-lts-trusty 2015-04-08
Ubuntu USN-2565-1 kernel 2015-04-09
Ubuntu USN-2563-1 kernel 2015-04-08
Ubuntu USN-2560-1 kernel 2015-04-08
SUSE SUSE-SU-2015:0652-1 Linux kernel 2015-04-02
Scientific Linux SLSA-2015:0290-1 kernel 2015-03-25
SUSE SUSE-SU-2015:0581-1 kernel 2015-03-24
Oracle ELSA-2015-3012 kernel 2015-03-19
Oracle ELSA-2015-3012 kernel 2015-03-19
SUSE SUSE-SU-2015:0529-1 the Linux Kernel 2015-03-18
Mandriva MDVSA-2015:058 kernel 2015-03-13
Red Hat RHSA-2015:0674-01 kernel 2015-03-11
Ubuntu USN-2514-1 linux-ti-omap4 2015-02-26
Ubuntu USN-2517-1 linux-lts-utopic 2015-02-26
Ubuntu USN-2515-1 linux-lts-trusty 2015-02-26
Ubuntu USN-2513-1 kernel 2015-02-26
Ubuntu USN-2516-1 kernel 2015-02-26
Ubuntu USN-2518-1 kernel 2015-02-26
Debian DSA-3160-1 kernel 2015-02-23
Oracle ELSA-2015-0674 kernel 2015-03-11
Red Hat RHSA-2015:0290-01 kernel 2015-03-05
Ubuntu USN-2516-2 kernel 2015-02-28
Debian-LTS DLA-155-1 linux-2.6 2015-02-18
Mandriva MDVSA-2015:057 kernel 2015-03-10
Ubuntu USN-2515-2 linux-lts-trusty 2015-03-04
Red Hat RHSA-2015:0284-01 kernel 2015-03-03
Fedora FEDORA-2015-3594 kernel 2015-03-14
CentOS CESA-2015:0674 kernel 2015-03-12
Scientific Linux SLSA-2015:0674-1 kernel 2015-03-12
Fedora FEDORA-2015-3011 kernel 2015-03-09
Ubuntu USN-2516-3 kernel 2015-03-04

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds