Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2014.0455
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2014-0455)
Zusammenfassung:	The remote host is missing an update for the 'kernel-vserver, util-vserver' package(s) announced via the MGASA-2014-0455 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel-vserver, util-vserver' package(s) announced via the MGASA-2014-0455 advisory. Vulnerability Insight: This kernel-vserver update provides an upgrade to the upstream 3.14 -longterm branch, currently based on 3.14.23 and fixes the following security issues: The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages (CVE-2014-3601). The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple 'keyctl newring' operations followed by a 'keyctl timeout' operation (CVE-2014-3631). The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations (CVE-2014-7283). The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values (CVE-2014-7284) The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call (CVE-2014-7970). The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call (CVE-2014-7975). Other fixes: The X86_SYSFB config option has been disabled as it prevents proper KMS setup on some systems (mga#13098) The vserver patch has been updated to vs2.3.6.13 The util-vserver userspace tools has been updated to 0.30.216-pre3062 For other fixes included in this update, read the referenced changelogs. Affected Software/OS: 'kernel-vserver, util-vserver' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3601 60830 http://secunia.com/advisories/60830 69489 http://www.securityfocus.com/bid/69489 SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html USN-2356-1 http://www.ubuntu.com/usn/USN-2356-1 USN-2357-1 http://www.ubuntu.com/usn/USN-2357-1 USN-2358-1 http://www.ubuntu.com/usn/USN-2358-1 USN-2359-1 http://www.ubuntu.com/usn/USN-2359-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7 https://bugzilla.redhat.com/show_bug.cgi?id=1131951 https://github.com/torvalds/linux/commit/350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7 linux-kernel-cve20143601-dos(95689) https://exchange.xforce.ibmcloud.com/vulnerabilities/95689 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3631 111298 http://osvdb.org/show/osvdb/111298 36268 http://www.exploit-db.com/exploits/36268 70095 http://www.securityfocus.com/bid/70095 USN-2378-1 http://www.ubuntu.com/usn/USN-2378-1 USN-2379-1 http://www.ubuntu.com/usn/USN-2379-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=95389b08d93d5c06ec63ab49bd732b0069b7c35e http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3 https://bugzilla.redhat.com/show_bug.cgi?id=1140325 https://github.com/torvalds/linux/commit/95389b08d93d5c06ec63ab49bd732b0069b7c35e Common Vulnerability Exposure (CVE) ID: CVE-2014-7283 BugTraq ID: 70261 http://www.securityfocus.com/bid/70261 http://www.openwall.com/lists/oss-security/2014/10/01/29 http://marc.info/?l=linux-xfs&m=139590613002926&w=2 RedHat Security Advisories: RHSA-2014:1943 http://rhn.redhat.com/errata/RHSA-2014-1943.html Common Vulnerability Exposure (CVE) ID: CVE-2014-7284 https://web.archive.org/web/20141002163852/http://secondlookforensics.com/ngro-linux-kernel-bug/ http://www.openwall.com/lists/oss-security/2014/10/01/19 Common Vulnerability Exposure (CVE) ID: CVE-2014-7970 BugTraq ID: 70319 http://www.securityfocus.com/bid/70319 http://www.spinics.net/lists/linux-fsdevel/msg79153.html http://www.openwall.com/lists/oss-security/2014/10/08/21 RedHat Security Advisories: RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 RedHat Security Advisories: RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 http://www.securitytracker.com/id/1030991 http://secunia.com/advisories/60174 http://secunia.com/advisories/61142 SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) http://www.ubuntu.com/usn/USN-2419-1 http://www.ubuntu.com/usn/USN-2420-1 http://www.ubuntu.com/usn/USN-2513-1 http://www.ubuntu.com/usn/USN-2514-1 XForce ISS Database: linux-kernel-cve20147970-dos(96921) https://exchange.xforce.ibmcloud.com/vulnerabilities/96921 Common Vulnerability Exposure (CVE) ID: CVE-2014-7975 BugTraq ID: 70314 http://www.securityfocus.com/bid/70314 http://www.openwall.com/lists/oss-security/2014/10/08/22 http://thread.gmane.org/gmane.linux.kernel.stable/109312 http://www.securitytracker.com/id/1031180 http://secunia.com/advisories/61145 http://secunia.com/advisories/62633 http://secunia.com/advisories/62634 http://www.ubuntu.com/usn/USN-2415-1 http://www.ubuntu.com/usn/USN-2416-1 http://www.ubuntu.com/usn/USN-2417-1 http://www.ubuntu.com/usn/USN-2418-1 http://www.ubuntu.com/usn/USN-2421-1 XForce ISS Database: linux-kernel-cve20147975-dos(96994) https://exchange.xforce.ibmcloud.com/vulnerabilities/96994
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.