| Description: | Summary:
The remote host is missing an update for the 'kernel-linus' package(s) announced via the MGASA-2014-0043 advisory.
Vulnerability Insight:
This kernel update provides an update to the 3.10 longterm branch,
currently 3.10.28 and fixes the following security issues:
The ath9k_htc_set_bssid_mask function in
drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through
3.12 uses a BSSID masking approach to determine the set of MAC addresses
on which a Wi-Fi device is listening, which allows remote attackers to
discover the original MAC address after spoofing by sending a series of
packets to MAC addresses with certain bit manipulations. (CVE-2013-4579)
Array index error in the kvm_vm_ioctl_create_vcpu function in
virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through
3.12.5 allows local users to gain privileges via a large id value
(CVE-2013-4587)
The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem
in the Linux kernel through 3.12.5 allows guest OS users to cause a denial
of service (divide-by-zero error and host OS crash) via crafted
modifications of the TMICT value. (CVE-2013-6367)
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to
gain privileges or cause a denial of service (system crash) via a VAPIC
synchronization operation involving a page-end address. (CVE-2013-6368)
The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM
subsystem in the Linux kernel through 3.12.5 allows guest OS users to
cause a denial of service (host OS crash) via a crafted ICR write
operation in x2apic mode. (CVE-2013-6376)
Multiple buffer underflows in the XFS implementation in the Linux kernel
through 3.12.1 allow local users to cause a denial of service (memory
corruption) or possibly have unspecified other impact by leveraging the
CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2)
XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value,
related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c
and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.
(CVE-2013-6382)
Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called
from code using the x32 ABI. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or gain administrator
privileges (CVE-2014-0038)
Faults during task-switch due to unhandled FPU-exceptions allow to
kill processes at random on all affected kernels, resulting in local
DOS in the end. One some architectures, privilege escalation under
non-common circumstances is possible. (CVE-2014-1438)
The hamradio yam_ioctl() code fails to initialise the cmd field of the
struct yamdrv_ioctl_cfg leading to a 4-byte info leak. (CVE-2014-1446)
Linux kernel built with the NetFilter Connection Tracking(NF_CONNTRACK)
support for IRC protocol(NF_NAT_IRC), is vulnerable to an information
leakage flaw. It could occur when communicating over direct
client-to-client IRC connection(/dcc) via a NAT-ed network. Kernel
attempts to ... [Please see the references for more information on the vulnerabilities]
Affected Software/OS:
'kernel-linus' package(s) on Mageia 3.
Solution:
Please install the updated package(s).
CVSS Score:
7.2
CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
