Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2014-0392)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2014.0392

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2014-0392)

Resumen: The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-broadcom-wl, kmod-fglrx, kmod-nvidia173, kmod-nvidia304, kmod-nvidia-current, kmod-xtables-addons' package(s) announced via the MGASA-2014-0392 advisory.

Descripción: Summary:
The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-broadcom-wl, kmod-fglrx, kmod-nvidia173, kmod-nvidia304, kmod-nvidia-current, kmod-xtables-addons' package(s) announced via the MGASA-2014-0392 advisory.

Vulnerability Insight:
This kernel update provides an update based on upstream
3.10.54 from the 3.10 -longterm branch. It also fixes the
following security issue:

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux
kernel through 3.16.1 miscalculates the number of pages during the
handling of a mapping failure, which allows guest OS users to (1)
cause a denial of service (host OS memory corruption) or possibly
have unspecified other impact by triggering a large gfn value or
(2) cause a denial of service (host OS memory consumption) by
triggering a small gfn value that leads to permanently pinned
pages. (CVE-2014-3601)

For other changes, see the referenced changelogs.

Affected Software/OS:
'kernel, kernel-userspace-headers, kmod-broadcom-wl, kmod-fglrx, kmod-nvidia173, kmod-nvidia304, kmod-nvidia-current, kmod-xtables-addons' package(s) on Mageia 3.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:A/AC:H/Au:S/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-3601
60830
http://secunia.com/advisories/60830
69489
http://www.securityfocus.com/bid/69489
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SUSE-SU-2015:0736
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
USN-2356-1
http://www.ubuntu.com/usn/USN-2356-1
USN-2357-1
http://www.ubuntu.com/usn/USN-2357-1
USN-2358-1
http://www.ubuntu.com/usn/USN-2358-1
USN-2359-1
http://www.ubuntu.com/usn/USN-2359-1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
https://bugzilla.redhat.com/show_bug.cgi?id=1131951
https://github.com/torvalds/linux/commit/350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
linux-kernel-cve20143601-dos(95689)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95689
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0392
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0392)
Resumen:	The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-broadcom-wl, kmod-fglrx, kmod-nvidia173, kmod-nvidia304, kmod-nvidia-current, kmod-xtables-addons' package(s) announced via the MGASA-2014-0392 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-broadcom-wl, kmod-fglrx, kmod-nvidia173, kmod-nvidia304, kmod-nvidia-current, kmod-xtables-addons' package(s) announced via the MGASA-2014-0392 advisory. Vulnerability Insight: This kernel update provides an update based on upstream 3.10.54 from the 3.10 -longterm branch. It also fixes the following security issue: The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages. (CVE-2014-3601) For other changes, see the referenced changelogs. Affected Software/OS: 'kernel, kernel-userspace-headers, kmod-broadcom-wl, kmod-fglrx, kmod-nvidia173, kmod-nvidia304, kmod-nvidia-current, kmod-xtables-addons' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:A/AC:H/Au:S/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3601 60830 http://secunia.com/advisories/60830 69489 http://www.securityfocus.com/bid/69489 SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html USN-2356-1 http://www.ubuntu.com/usn/USN-2356-1 USN-2357-1 http://www.ubuntu.com/usn/USN-2357-1 USN-2358-1 http://www.ubuntu.com/usn/USN-2358-1 USN-2359-1 http://www.ubuntu.com/usn/USN-2359-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7 https://bugzilla.redhat.com/show_bug.cgi?id=1131951 https://github.com/torvalds/linux/commit/350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7 linux-kernel-cve20143601-dos(95689) https://exchange.xforce.ibmcloud.com/vulnerabilities/95689 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Copyright	Copyright (C) 2022 Greenbone AG