English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.12.2014.2444.1
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-2444-1)
Summary:The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2444-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2444-1 advisory.

Vulnerability Insight:
Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace
subsystem of the Linux kernel does not properly handle private syscall
numbers. A local user could exploit this flaw to cause a denial of service
(OOPS). (CVE-2014-7826)

Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how the
perf subsystem of the Linux kernel handles private systecall numbers. A
local user could exploit this to cause a denial of service (OOPS) or bypass
ASLR protections via a crafted application. (CVE-2014-7825)

A null pointer dereference flaw was discovered in the Linux kernel's
SCTP implementation when ASCONF is used. A remote attacker could exploit
this flaw to cause a denial of service (system crash) via a malformed INIT
chunk. (CVE-2014-7841)

A stack buffer overflow was discovered in the ioctl command handling for
the Technotrend/Hauppauge USB DEC devices driver. A local user could
exploit this flaw to cause a denial of service (system crash) or possibly
gain privileges. (CVE-2014-8884)

Affected Software/OS:
'linux-ti-omap4' package(s) on Ubuntu 12.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-7825
70972
http://www.securityfocus.com/bid/70972
RHSA-2014:1943
http://rhn.redhat.com/errata/RHSA-2014-1943.html
RHSA-2015:0290
http://rhn.redhat.com/errata/RHSA-2015-0290.html
RHSA-2015:0864
http://rhn.redhat.com/errata/RHSA-2015-0864.html
[oss-security] 20141106 Exploitable issues in Linux perf/ftrace subsystems
http://www.openwall.com/lists/oss-security/2014/11/06/11
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=086ba77a6db00ed858ff07451bedee197df868c9
https://bugzilla.redhat.com/show_bug.cgi?id=1161565
https://github.com/torvalds/linux/commit/086ba77a6db00ed858ff07451bedee197df868c9
linux-kernel-cve20147825-dos(98557)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98557
Common Vulnerability Exposure (CVE) ID: CVE-2014-7826
70971
http://www.securityfocus.com/bid/70971
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
linux-kernel-cve20147826-dos(98556)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98556
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-7841
62305
http://secunia.com/advisories/62305
62597
http://secunia.com/advisories/62597
62735
http://secunia.com/advisories/62735
71081
http://www.securityfocus.com/bid/71081
DSA-3093
http://www.debian.org/security/2014/dsa-3093
RHSA-2015:0087
http://rhn.redhat.com/errata/RHSA-2015-0087.html
RHSA-2015:0102
http://rhn.redhat.com/errata/RHSA-2015-0102.html
RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
RHSA-2015:0285
http://rhn.redhat.com/errata/RHSA-2015-0285.html
RHSA-2015:0695
http://rhn.redhat.com/errata/RHSA-2015-0695.html
SUSE-SU-2015:0529
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
SUSE-SU-2015:0652
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
[oss-security] 20141113 CVE-2014-7841 Linux kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
http://www.openwall.com/lists/oss-security/2014/11/13/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e40607cbe270a9e8360907cb1e62ddf0736e4864
http://linux.oracle.com/errata/ELSA-2015-3004.html
http://linux.oracle.com/errata/ELSA-2015-3005.html
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4
https://bugzilla.redhat.com/show_bug.cgi?id=1163087
https://github.com/torvalds/linux/commit/e40607cbe270a9e8360907cb1e62ddf0736e4864
https://support.f5.com/kb/en-us/solutions/public/16000/000/sol16016.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-8884
Debian Security Information: DSA-3093 (Google Search)
http://www.openwall.com/lists/oss-security/2014/11/14/7
RedHat Security Advisories: RHSA-2015:0290
RedHat Security Advisories: RHSA-2015:0782
http://rhn.redhat.com/errata/RHSA-2015-0782.html
RedHat Security Advisories: RHSA-2015:0864
CopyrightCopyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.