English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.703128
Category:Debian Local Security Checks
Title:Debian: Security Advisory (DSA-3128-1)
Summary:The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-3128-1 advisory.
Description:Summary:
The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-3128-1 advisory.

Vulnerability Insight:
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or information leaks.

CVE-2013-6885

It was discovered that under specific circumstances, a combination of write operations to write-combined memory and locked CPU instructions may cause a core hang on AMD 16h 00h through 0Fh processors. A local user can use this flaw to mount a denial of service (system hang) via a crafted application.

For more information please refer to the AMD CPU erratum 793 in [link moved to references]

CVE-2014-8133

It was found that the espfix functionality can be bypassed by installing a 16-bit RW data segment into GDT instead of LDT (which espfix checks for) and using it for stack. A local unprivileged user could potentially use this flaw to leak kernel stack addresses and thus allowing to bypass the ASLR protection mechanism.

CVE-2014-9419

It was found that on Linux kernels compiled with the 32 bit interfaces (CONFIG_X86_32) a malicious user program can do a partial ASLR bypass through TLS base addresses leak when attacking other programs.

CVE-2014-9529

It was discovered that the Linux kernel is affected by a race condition flaw when doing key garbage collection, allowing local users to cause a denial of service (memory corruption or panic).

CVE-2014-9584

It was found that the Linux kernel does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.

For the stable distribution (wheezy), these problems have been fixed in version 3.2.65-1+deb7u1. Additionally this update fixes a suspend/resume regression introduced with 3.2.65.

For the upcoming stable distribution (jessie) and the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your linux packages.

Affected Software/OS:
'linux' package(s) on Debian 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-6885
1029415
http://www.securitytracker.com/id/1029415
55840
http://secunia.com/advisories/55840
63983
http://www.securityfocus.com/bid/63983
DSA-3128
http://www.debian.org/security/2015/dsa-3128
FEDORA-2013-22754
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123553.html
FEDORA-2013-22866
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124199.html
FEDORA-2013-22888
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124195.html
GLSA-201407-03
http://security.gentoo.org/glsa/glsa-201407-03.xml
RHSA-2014:0285
http://rhn.redhat.com/errata/RHSA-2014-0285.html
SUSE-SU-2014:0372
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html
SUSE-SU-2014:0373
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html
SUSE-SU-2014:0411
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html
SUSE-SU-2014:0446
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
SUSE-SU-2014:0459
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
SUSE-SU-2014:0470
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html
[kernel] 20111225 Buildworld loop seg-fault update -- I believe it is hardware
http://lists.dragonflybsd.org/pipermail/kernel/2011-December/046594.html
[oss-security] 20131127 CVE-2013-6885 AMD Publ. 51810 Errata 793 system hang
http://openwall.com/lists/oss-security/2013/11/28/1
[oss-security] 20131202 Xen Security Advisory 82 (CVE-2013-6885) - Guest triggerable AMD CPU erratum may cause host to hang
http://www.openwall.com/lists/oss-security/2013/12/02/1
http://support.amd.com/TechDocs/51810_16h_00h-0Fh_Rev_Guide.pdf
http://www.zdnet.com/blog/hardware/amd-owns-up-to-cpu-bug/18924
https://bugzilla.redhat.com/show_bug.cgi?id=1035823
xen-cve20136885-dos(89335)
https://exchange.xforce.ibmcloud.com/vulnerabilities/89335
Common Vulnerability Exposure (CVE) ID: CVE-2014-8133
62801
http://secunia.com/advisories/62801
71684
http://www.securityfocus.com/bid/71684
MDVSA-2015:058
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
SUSE-SU-2015:0736
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
USN-2490-1
http://www.ubuntu.com/usn/USN-2490-1
USN-2491-1
http://www.ubuntu.com/usn/USN-2491-1
USN-2492-1
http://www.ubuntu.com/usn/USN-2492-1
USN-2493-1
http://www.ubuntu.com/usn/USN-2493-1
USN-2515-1
http://www.ubuntu.com/usn/USN-2515-1
USN-2516-1
http://www.ubuntu.com/usn/USN-2516-1
USN-2517-1
http://www.ubuntu.com/usn/USN-2517-1
USN-2518-1
http://www.ubuntu.com/usn/USN-2518-1
[oss-security] 20141215 Linux kernel: multiple x86_64 vulnerabilities
http://www.openwall.com/lists/oss-security/2014/12/15/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=41bdc78544b8a93a9c6814b8bbbfef966272abbe
https://bugzilla.redhat.com/show_bug.cgi?id=1172797
https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-9419
BugTraq ID: 71794
http://www.securityfocus.com/bid/71794
Debian Security Information: DSA-3128 (Google Search)
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html
http://www.openwall.com/lists/oss-security/2014/12/25/1
RedHat Security Advisories: RHSA-2015:1081
http://rhn.redhat.com/errata/RHSA-2015-1081.html
SuSE Security Announcement: SUSE-SU-2015:0529 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
http://www.ubuntu.com/usn/USN-2541-1
http://www.ubuntu.com/usn/USN-2542-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-9529
BugTraq ID: 71880
http://www.securityfocus.com/bid/71880
http://www.openwall.com/lists/oss-security/2015/01/06/10
RedHat Security Advisories: RHSA-2015:0864
http://rhn.redhat.com/errata/RHSA-2015-0864.html
RedHat Security Advisories: RHSA-2015:1137
http://rhn.redhat.com/errata/RHSA-2015-1137.html
RedHat Security Advisories: RHSA-2015:1138
http://rhn.redhat.com/errata/RHSA-2015-1138.html
http://www.securitytracker.com/id/1036763
http://www.ubuntu.com/usn/USN-2511-1
http://www.ubuntu.com/usn/USN-2512-1
http://www.ubuntu.com/usn/USN-2513-1
http://www.ubuntu.com/usn/USN-2514-1
XForce ISS Database: linux-kernel-cve20149529-dos(99641)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99641
Common Vulnerability Exposure (CVE) ID: CVE-2014-9584
71883
http://www.securityfocus.com/bid/71883
RHSA-2015:0864
RHSA-2015:1137
RHSA-2015:1138
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SUSE-SU-2015:0529
SUSE-SU-2015:0652
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
SUSE-SU-2015:0812
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
USN-2511-1
USN-2512-1
USN-2513-1
USN-2514-1
[oss-security] 20150109 Re: CVE request Linux kernel: isofs: unchecked printing of ER records
http://www.openwall.com/lists/oss-security/2015/01/09/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e2024624e678f0ebb916e6192bd23c1f9fdf696
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
https://bugzilla.redhat.com/show_bug.cgi?id=1180119
https://github.com/torvalds/linux/commit/4e2024624e678f0ebb916e6192bd23c1f9fdf696
openSUSE-SU-2015:0714
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.