User: Password:
Subscribe / Log in / New account

kernel: three vulnerabilities

Package(s):kernel CVE #(s):CVE-2014-2580 CVE-2014-0077 CVE-2014-2568
Created:April 4, 2014 Updated:April 9, 2014
Description: From the Red Hat bugzilla entries [1, 2, 3]:

CVE-2014-2580: When Linux's netback sees a malformed packet, it tries to disable the interface which serves the misbehaving frontend. This involves taking a mutex, which might sleep. But in recent versions of Linux the guest transmit path is handled by NAPI in softirq context, where sleeping is not allowed. The end result is that the backend domain (often, Dom0) crashes with "scheduling while atomic". Malicious guest administrators can cause denial of service. If driver domains are not in use, the impact is a host crash.

CVE-2014-0077: A flaw was found in the way handle_rx() function handled big packets when mergeable buffers were disabled. A privileged user in the guest could use this flaw to crash the host, or, potentially, escalate their privileges to the ones of the hosting qemu process by corrupting qemu memory.

CVE-2014-2568: An information leak flaw was found in the way skb_zerocopy() copied skbs that are backed by userspace buffers (for example vhost-net and recent xen netback). Once the source skb is consumed, ubuf destructor is called and potentially releases the corresponding userspace buffers, which can then for example be repurposed, while the destination skb is still pointing to the them.

Oracle ELSA-2015-0290 kernel 2015-03-12
Oracle ELSA-2014-1392 kernel 2014-10-21
openSUSE openSUSE-SU-2014:1246-1 kernel 2014-09-28
Oracle ELSA-2014-0786 kernel 2014-07-23
SUSE SUSE-SU-2014:0908-1 Linux kernel 2014-07-17
SUSE SUSE-SU-2014:0909-1 Linux kernel 2014-07-17
SUSE SUSE-SU-2014:0910-1 Linux kernel 2014-07-17
SUSE SUSE-SU-2014:0911-1 Linux kernel 2014-07-17
SUSE SUSE-SU-2014:0912-1 Linux kernel 2014-07-17
openSUSE openSUSE-SU-2014:0856-1 kernel 2014-07-01
Ubuntu USN-2260-1 linux-lts-trusty 2014-06-27
openSUSE openSUSE-SU-2014:0840-1 kernel 2014-06-25
Red Hat RHSA-2014:0786-01 kernel 2014-06-24
Ubuntu USN-2239-1 linux-lts-saucy 2014-06-05
Ubuntu USN-2240-1 kernel 2014-06-05
Ubuntu USN-2241-1 kernel 2014-06-05
Red Hat RHSA-2014:0634-01 kernel 2014-06-04
Red Hat RHSA-2014:0593-01 kernel 2014-06-03
Ubuntu USN-2227-1 linux-ti-omap4 2014-05-27
Ubuntu USN-2225-1 linux-lts-saucy 2014-05-27
Ubuntu USN-2224-1 linux-lts-raring 2014-05-27
Ubuntu USN-2223-1 linux-lts-quantal 2014-05-27
Ubuntu USN-2228-1 kernel 2014-05-27
Ubuntu USN-2226-1 kernel 2014-05-27
Ubuntu USN-2221-1 kernel 2014-05-26
Mageia MGASA-2014-0238 kernel-vserver 2014-05-24
Mageia MGASA-2014-0234 kernel-tmb 2014-05-23
Mageia MGASA-2014-0236 kernel-tmb 2014-05-24
Mageia MGASA-2014-0237 kernel-rt 2014-05-24
Mageia MGASA-2014-0235 kernel-linus 2014-05-24
Mageia MGASA-2014-0229 kernel-vserver 2014-05-19
Mageia MGASA-2014-0228 kernel 2014-05-19
Scientific Linux SLSA-2014:0475-1 kernel 2014-05-08
Mageia MGASA-2014-0208 kernel-rt 2014-05-08
Mageia MGASA-2014-0207 kernel-linus 2014-05-08
Mageia MGASA-2014-0206 kernel 2014-05-08
CentOS CESA-2014:0475 kernel 2014-05-08
Oracle ELSA-2014-0475 kernel 2014-05-07
Red Hat RHSA-2014:0475-01 kernel 2014-05-07
CentOS CESA-2014:X009 kernel 2014-06-16
Mandriva MDVSA-2014:124 kernel 2014-06-13
Fedora FEDORA-2014-4849 kernel 2014-04-09
Fedora FEDORA-2014-4675 kernel 2014-04-04
openSUSE openSUSE-SU-2016:0301-1 kernel 2016-02-01

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds