Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871222
Category:Red Hat Local Security Checks
Title:RedHat Update for kernel RHSA-2014:1023-01
Summary:The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* It was found that Linux kernel's ptrace subsystem did not properly
sanitize the address-space-control bits when the program-status word (PSW)
was being set. On IBM S/390 systems, a local, unprivileged user could use
this flaw to set address-space-control bits to the kernel space, and thus
gain read and write access to kernel memory. (CVE-2014-3534, Important)

* It was found that the permission checks performed by the Linux kernel
when a netlink message was received were not sufficient. A local,
unprivileged user could potentially bypass these restrictions by passing a
netlink socket as stdout or stderr to a more privileged process and
altering the output of this process. (CVE-2014-0181, Moderate)

* It was found that a remote attacker could use a race condition flaw in
the ath_tx_aggr_sleep() function to crash the system by creating large
network traffic on the system's Atheros 9k wireless network adapter.
(CVE-2014-2672, Moderate)

* A flaw was found in the way the Linux kernel performed forking inside of
a transaction. A local, unprivileged user on a PowerPC system that supports
transactional memory could use this flaw to crash the system.
(CVE-2014-2673, Moderate)

* A race condition flaw was found in the way the Linux kernel's mac80211
subsystem implementation handled synchronization between TX and STA wake-up
code paths. A remote attacker could use this flaw to crash the system.
(CVE-2014-2706, Moderate)

* An integer underflow flaw was found in the way the Linux kernel's Stream
Control Transmission Protocol (SCTP) implementation processed certain
COOKIE_ECHO packets. By sending a specially crafted SCTP packet, a remote
attacker could use this flaw to prevent legitimate connections to a
particular SCTP server socket to be made. (CVE-2014-4667, Moderate)

Red Hat would like to thank Martin Schwidefsky of IBM for reporting
CVE-2014-3534, Andy Lutomirski for reporting CVE-2014-0181, and Gopal Reddy
Kodudula of Nokia Siemens Networks for reporting CVE-2014-4667.

This update also fixes the following bugs:

* Due to a NULL pointer dereference bug in the IPIP and SIT tunneling code,
a kernel panic could be triggered when using IPIP or SIT tunnels with
IPsec. This update restructures the related code to avoid a NULL pointer
dereference and the kernel no longer panics when using IPIP or SIT tunnels
with IPsec. (BZ#1114957)

* Previously, an IBM POWER8 system could terminate unexpectedly when the
kernel received an IRQ while handling a transactional memory re-checkpoint
critical sect ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
kernel on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0181
http://marc.info/?l=linux-netdev&m=139828832919748&w=2
http://www.openwall.com/lists/oss-security/2014/04/23/6
RedHat Security Advisories: RHSA-2014:1959
http://rhn.redhat.com/errata/RHSA-2014-1959.html
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-2672
BugTraq ID: 66492
http://www.securityfocus.com/bid/66492
http://www.openwall.com/lists/oss-security/2014/03/30/5
http://secunia.com/advisories/57468
Common Vulnerability Exposure (CVE) ID: CVE-2014-2673
BugTraq ID: 66477
http://www.securityfocus.com/bid/66477
http://secunia.com/advisories/57436
XForce ISS Database: linux-kernel-cve20142673-dos(92113)
https://exchange.xforce.ibmcloud.com/vulnerabilities/92113
Common Vulnerability Exposure (CVE) ID: CVE-2014-2706
BugTraq ID: 66591
http://www.securityfocus.com/bid/66591
http://www.openwall.com/lists/oss-security/2014/04/01/8
http://www.securitytracker.com/id/1038201
http://secunia.com/advisories/60613
SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3534
BugTraq ID: 68940
http://www.securityfocus.com/bid/68940
Debian Security Information: DSA-2992 (Google Search)
http://www.debian.org/security/2014/dsa-2992
http://www.osvdb.org/109546
http://www.securitytracker.com/id/1030683
http://secunia.com/advisories/59790
http://secunia.com/advisories/60351
XForce ISS Database: linux-cve20143534-priv-esc(95069)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95069
Common Vulnerability Exposure (CVE) ID: CVE-2014-4667
BugTraq ID: 68224
http://www.securityfocus.com/bid/68224
http://www.openwall.com/lists/oss-security/2014/06/27/11
http://secunia.com/advisories/59777
http://secunia.com/advisories/60564
http://secunia.com/advisories/60596
http://www.ubuntu.com/usn/USN-2334-1
http://www.ubuntu.com/usn/USN-2335-1
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.