| Description: | Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.
Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
* A flaw was found in the way the Linux kernel's futex subsystem handled
the requeuing of certain Priority Inheritance (PI) futexes. A local,
unprivileged user could use this flaw to escalate their privileges on the
system. (CVE-2014-3153, Important)
* A flaw was found in the way the Linux kernel's floppy driver handled user
space provided data in certain error code paths while processing FDRAWCMD
IOCTL commands. A local user with write access to /dev/fdX could use this
flaw to free (using the kfree() function) arbitrary kernel memory.
(CVE-2014-1737, Important)
* It was found that the Linux kernel's floppy driver leaked internal kernel
memory addresses to user space during the processing of the FDRAWCMD IOCTL
command. A local user with write access to /dev/fdX could use this flaw to
obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)
Note: A local user with write access to /dev/fdX could use these two flaws
(CVE-2014-1737 in combination with CVE-2014-1738) to escalate their
privileges on the system.
* It was discovered that the proc_ns_follow_link() function did not
properly return the LAST_BIND value in the last pathname component as is
expected for procfs symbolic links, which could lead to excessive freeing
of memory and consequent slab corruption. A local, unprivileged user could
use this flaw to crash the system. (CVE-2014-0203, Moderate)
* A flaw was found in the way the Linux kernel handled exceptions when
user-space applications attempted to use the linkage stack. On IBM S/390
systems, a local, unprivileged user could use this flaw to crash the
system. (CVE-2014-2039, Moderate)
* An invalid pointer dereference flaw was found in the Marvell 8xxx
Libertas WLAN (libertas) driver in the Linux kernel. A local user able to
write to a file that is provided by the libertas driver and located on the
debug file system (debugfs) could use this flaw to crash the system. Note:
The debugfs file system must be mounted locally to exploit this issue.
It is not mounted by default. (CVE-2013-6378, Low)
* A denial of service flaw was discovered in the way the Linux kernel's
SELinux implementation handled files with an empty SELinux security
context. A local user who has the CAP_MAC_ADMIN capability could use this
flaw to crash the system. (CVE-2014-1874, Low)
Red Hat would like to thank Kees Cook of Google for reporting
CVE-2014-3153, Matthew Daley for reporting CVE-2014-173 ...
Description truncated, please see the referenced URL(s) for more information.
Affected Software/OS:
kernel on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)
Solution:
Please Install the Updated Packages.
CVSS Score:
7.2
CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
