Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Update for kernel RHSA-2014:1023-01
Summary:The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* It was found that Linux kernel's ptrace subsystem did not properly
sanitize the address-space-control bits when the program-status word (PSW)
was being set. On IBM S/390 systems, a local, unprivileged user could use
this flaw to set address-space-control bits to the kernel space, and thus
gain read and write access to kernel memory. (CVE-2014-3534, Important)

* It was found that the permission checks performed by the Linux kernel
when a netlink message was received were not sufficient. A local,
unprivileged user could potentially bypass these restrictions by passing a
netlink socket as stdout or stderr to a more privileged process and
altering the output of this process. (CVE-2014-0181, Moderate)

* It was found that a remote attacker could use a race condition flaw in
the ath_tx_aggr_sleep() function to crash the system by creating large
network traffic on the system's Atheros 9k wireless network adapter.
(CVE-2014-2672, Moderate)

* A flaw was found in the way the Linux kernel performed forking inside of
a transaction. A local, unprivileged user on a PowerPC system that supports
transactional memory could use this flaw to crash the system.
(CVE-2014-2673, Moderate)

* A race condition flaw was found in the way the Linux kernel's mac80211
subsystem implementation handled synchronization between TX and STA wake-up
code paths. A remote attacker could use this flaw to crash the system.
(CVE-2014-2706, Moderate)

* An integer underflow flaw was found in the way the Linux kernel's Stream
Control Transmission Protocol (SCTP) implementation processed certain
COOKIE_ECHO packets. By sending a specially crafted SCTP packet, a remote
attacker could use this flaw to prevent legitimate connections to a
particular SCTP server socket to be made. (CVE-2014-4667, Moderate)

Red Hat would like to thank Martin Schwidefsky of IBM for reporting
CVE-2014-3534, Andy Lutomirski for reporting CVE-2014-0181, and Gopal Reddy
Kodudula of Nokia Siemens Networks for reporting CVE-2014-4667.

This update also fixes the following bugs:

* Due to a NULL pointer dereference bug in the IPIP and SIT tunneling code,
a kernel panic could be triggered when using IPIP or SIT tunnels with
IPsec. This update restructures the related code to avoid a NULL pointer
dereference and the kernel no longer panics when using IPIP or SIT tunnels
with IPsec. (BZ#1114957)

* Previously, an IBM POWER8 system could terminate unexpectedly when the
kernel received an IRQ while handling a transactional memory re-checkpoint
critical sect ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
kernel on Red Hat Enterprise Linux Server (v. 7)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0181
RedHat Security Advisories: RHSA-2014:1959
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-2672
BugTraq ID: 66492
Common Vulnerability Exposure (CVE) ID: CVE-2014-2673
BugTraq ID: 66477
XForce ISS Database: linux-kernel-cve20142673-dos(92113)
Common Vulnerability Exposure (CVE) ID: CVE-2014-2706
BugTraq ID: 66591
SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-3534
BugTraq ID: 68940
Debian Security Information: DSA-2992 (Google Search)
XForce ISS Database: linux-cve20143534-priv-esc(95069)
Common Vulnerability Exposure (CVE) ID: CVE-2014-4667
BugTraq ID: 68224
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.