CVE-2014-8134)Rabin Vincent, Robert Swiecki, Russell King discovered that the ftracesubsystem of the Linux kernel does not properly handle private syscallnumbers. A local user could exploit this flaw to cause a denial of service(OOPS). (CVE-2014-7826)A flaw in the handling of malformed ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(system crash). (CVE-2014-3673)A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(panic). (CVE-2014-3687)It was discovered that excessive queuing by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel can cause memorypressure. A remote attacker could exploit this flaw to cause a denial ofservice. (CVE-2014-3688)Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how theperf subsystem of the Linux kernel handles private systecall numbers. Alocal user could exploit this to cause a denial of service (OOPS) or bypassASLR protections via a crafted application. (CVE-2014-7825)Andy Lutomirski discovered a flaw in how the Linux kernel handlespivot_root when used with a chroot directory. A local user could exploitthis flaw to cause a denial of service (mount-tree loop). (CVE-2014-7970)Dmitry Monakhov discovered a race condition in the ext4_file_write_iterfunction of the Linux kernel's ext4 filesystem. A local user could exploitthis flaw to cause a denial of service (file unavailability).(CVE-2014-8086)The KVM (kernel virtual machine) subsystem of the Linux kernelmiscalculates the number of memory pages during the handling of a mappingfailure. A guest OS user could exploit this to cause a denial of service(host OS page unpinning) or possibly have unspecified other impact byleveraging guest OS privileges. (CVE-2014-8369)Andy Lutomirski discovered that the Linux kernel does not properly handlefaults associated with the Stack Segment (SS) register on the x86architecture. A local attacker could exploit this flaw to cause a denial ofservice (panic). (CVE-2014-9090)"> OVAL Reference oval:org.mitre.oval:def:28611 - CERT Civis.Net
Oval Definition:oval:org.mitre.oval:def:28611
Revision Date:2015-02-23Version:3
Title:USN-2448-1 -- Linux kernel vulnerabilities
Description:An information leak in the Linux kernel was discovered that could leak thehigh 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine(KVM) paravirt guests. A user in the guest OS could exploit this leak toobtain information that could potentially be used to aid in attacking thekernel. (CVE-2014-8134)Rabin Vincent, Robert Swiecki, Russell King discovered that the ftracesubsystem of the Linux kernel does not properly handle private syscallnumbers. A local user could exploit this flaw to cause a denial of service(OOPS). (CVE-2014-7826)A flaw in the handling of malformed ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(system crash). (CVE-2014-3673)A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(panic). (CVE-2014-3687)It was discovered that excessive queuing by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel can cause memorypressure. A remote attacker could exploit this flaw to cause a denial ofservice. (CVE-2014-3688)Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how theperf subsystem of the Linux kernel handles private systecall numbers. Alocal user could exploit this to cause a denial of service (OOPS) or bypassASLR protections via a crafted application. (CVE-2014-7825)Andy Lutomirski discovered a flaw in how the Linux kernel handlespivot_root when used with a chroot directory. A local user could exploitthis flaw to cause a denial of service (mount-tree loop). (CVE-2014-7970)Dmitry Monakhov discovered a race condition in the ext4_file_write_iterfunction of the Linux kernel's ext4 filesystem. A local user could exploitthis flaw to cause a denial of service (file unavailability).(CVE-2014-8086)The KVM (kernel virtual machine) subsystem of the Linux kernelmiscalculates the number of memory pages during the handling of a mappingfailure. A guest OS user could exploit this to cause a denial of service(host OS page unpinning) or possibly have unspecified other impact byleveraging guest OS privileges. (CVE-2014-8369)Andy Lutomirski discovered that the Linux kernel does not properly handlefaults associated with the Stack Segment (SS) register on the x86architecture. A local attacker could exploit this flaw to cause a denial ofservice (panic). (CVE-2014-9090)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-3673
CVE-2014-3687
CVE-2014-3688
CVE-2014-7825
CVE-2014-7826
CVE-2014-7970
CVE-2014-8086
CVE-2014-8134
CVE-2014-8369
CVE-2014-9090
USN-2448-1
Platform(s):Ubuntu 14.10
Product(s):linux
Definition Synopsis
  • Ubuntu 14.10 is installed
  • AND Packages match section
  • linux-image-3.16.0-28-lowlatency is earlier than 0:3.16.0-28.37
  • OR linux-image-3.16.0-28-powerpc64-emb is earlier than 0:3.16.0-28.37
  • OR linux-image-3.16.0-28-generic is earlier than 0:3.16.0-28.37
  • OR linux-image-3.16.0-28-powerpc-e500mc is earlier than 0:3.16.0-28.37
  • OR linux-image-3.16.0-28-powerpc64-smp is earlier than 0:3.16.0-28.37
  • OR linux-image-3.16.0-28-generic-lpae is earlier than 0:3.16.0-28.37
  • OR linux-image-3.16.0-28-powerpc-smp is earlier than 0:3.16.0-28.37
    • BACK