CVE-2014-8134)Rabin Vincent, Robert Swiecki, Russell King discovered that the ftracesubsystem of the Linux kernel does not properly handle private syscallnumbers. A local user could exploit this flaw to cause a denial of service(OOPS). (CVE-2014-7826)A flaw in the handling of malformed ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(system crash). (CVE-2014-3673)A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(panic). (CVE-2014-3687)It was discovered that excessive queuing by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel can cause memorypressure. A remote attacker could exploit this flaw to cause a denial ofservice. (CVE-2014-3688)Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how theperf subsystem of the Linux kernel handles private systecall numbers. Alocal user could exploit this to cause a denial of service (OOPS) or bypassASLR protections via a crafted application. (CVE-2014-7825)The KVM (kernel virtual machine) subsystem of the Linux kernelmiscalculates the number of memory pages during the handling of a mappingfailure. A guest OS user could exploit this to cause a denial of service(host OS page unpinning) or possibly have unspecified other impact byleveraging guest OS privileges. (CVE-2014-8369)Andy Lutomirski discovered that the Linux kernel does not properly handlefaults associated with the Stack Segment (SS) register on the x86architecture. A local attacker could exploit this flaw to cause a denial ofservice (panic). (CVE-2014-9090)"> OVAL Reference oval:org.mitre.oval:def:28504 - CERT Civis.Net
Oval Definition:oval:org.mitre.oval:def:28504
Revision Date:2015-02-23Version:3
Title:USN-2446-1 -- Linux kernel vulnerabilities
Description:An information leak in the Linux kernel was discovered that could leak thehigh 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine(KVM) paravirt guests. A user in the guest OS could exploit this leak toobtain information that could potentially be used to aid in attacking thekernel. (CVE-2014-8134)Rabin Vincent, Robert Swiecki, Russell King discovered that the ftracesubsystem of the Linux kernel does not properly handle private syscallnumbers. A local user could exploit this flaw to cause a denial of service(OOPS). (CVE-2014-7826)A flaw in the handling of malformed ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(system crash). (CVE-2014-3673)A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(panic). (CVE-2014-3687)It was discovered that excessive queuing by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel can cause memorypressure. A remote attacker could exploit this flaw to cause a denial ofservice. (CVE-2014-3688)Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how theperf subsystem of the Linux kernel handles private systecall numbers. Alocal user could exploit this to cause a denial of service (OOPS) or bypassASLR protections via a crafted application. (CVE-2014-7825)The KVM (kernel virtual machine) subsystem of the Linux kernelmiscalculates the number of memory pages during the handling of a mappingfailure. A guest OS user could exploit this to cause a denial of service(host OS page unpinning) or possibly have unspecified other impact byleveraging guest OS privileges. (CVE-2014-8369)Andy Lutomirski discovered that the Linux kernel does not properly handlefaults associated with the Stack Segment (SS) register on the x86architecture. A local attacker could exploit this flaw to cause a denial ofservice (panic). (CVE-2014-9090)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-3673
CVE-2014-3687
CVE-2014-3688
CVE-2014-7825
CVE-2014-7826
CVE-2014-8134
CVE-2014-8369
CVE-2014-9090
USN-2446-1
Platform(s):Ubuntu 14.04
Product(s):linux
Definition Synopsis
  • Ubuntu 14.04 is installed
  • AND Packages match section
  • linux-image-3.13.0-43-generic is earlier than 0:3.13.0-43.72
  • OR linux-image-3.13.0-43-powerpc64-smp is earlier than 0:3.13.0-43.72
  • OR linux-image-3.13.0-43-powerpc-e500 is earlier than 0:3.13.0-43.72
  • OR linux-image-3.13.0-43-lowlatency is earlier than 0:3.13.0-43.72
  • OR linux-image-3.13.0-43-powerpc-smp is earlier than 0:3.13.0-43.72
  • OR linux-image-3.13.0-43-powerpc-e500mc is earlier than 0:3.13.0-43.72
  • OR linux-image-3.13.0-43-generic-lpae is earlier than 0:3.13.0-43.72
  • OR linux-image-3.13.0-43-powerpc64-emb is earlier than 0:3.13.0-43.72
    • BACK