OVAL Reference oval:com.ubuntu.xenial:def:20143144000

Oval Definition:

oval:com.ubuntu.xenial:def:20143144000

Revision Date:	2014-05-11	Version:	1
Title:	CVE-2014-3144 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2014-3144
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in xenial is not affected (note: '4.2.0-16.19'). OR NOT While related to the CVE in some way, the 'linux-aws' package in xenial is not affected (note: '4.4.0-1001.10'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-gke' package in xenial is not affected (note: '4.4.0-1003.3'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-hwe' package in xenial is not affected (note: '4.8.0-36.36~16.04.1'). OR NOT While related to the CVE in some way, the 'linux-hwe-edge' package in xenial is not affected (note: '4.8.0-36.36~16.04.1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-raspi2' package in xenial is not affected (note: '4.2.0-1013.19'). OR NOT While related to the CVE in some way, the 'linux-snapdragon' package in xenial is not affected (note: '4.4.0-1012.12').

BACK