CVE-2014-3690)Don Bailey discovered a flaw in the LZO decompress algorithm used by theLinux kernel. An attacker could exploit this flaw to cause a denial ofservice (memory corruption or OOPS). (CVE-2014-4608)Andy Lutomirski discovered that the Linux kernel was not checking theCAP_SYS_ADMIN when remounting filesystems to read-only. A local user couldexploit this flaw to cause a denial of service (loss of writability).(CVE-2014-7975)">

Oval Definition:	oval:org.mitre.oval:def:28298
Revision Date: 2015-03-09 Version: 5 Title: USN-2421-1 -- Linux kernel vulnerabilities Description: A flaw was discovered in how the Linux kernel's KVM (Kernel VirtualMachine) subsystem handles the CR4 control register at VM entry on Intelprocessors. A local host OS user can exploit this to cause a denial ofservice (kill arbitrary processes, or system disruption) by leveraging/dev/kvm access. (CVE-2014-3690)Don Bailey discovered a flaw in the LZO decompress algorithm used by theLinux kernel. An attacker could exploit this flaw to cause a denial ofservice (memory corruption or OOPS). (CVE-2014-4608)Andy Lutomirski discovered that the Linux kernel was not checking theCAP_SYS_ADMIN when remounting filesystems to read-only. A local user couldexploit this flaw to cause a denial of service (loss of writability).(CVE-2014-7975) Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2014-3690 CVE-2014-4608 CVE-2014-7975 USN-2421-1 Platform(s): Ubuntu 14.10 Product(s): linux Definition Synopsis Ubuntu 14.10 is installed AND Packages match section linux-image-3.16.0-25-powerpc-smp is earlier than 0:3.16.0-25.33 OR linux-image-3.16.0-25-powerpc-e500mc is earlier than 0:3.16.0-25.33 OR linux-image-3.16.0-25-generic-lpae is earlier than 0:3.16.0-25.33 OR linux-image-3.16.0-25-generic is earlier than 0:3.16.0-25.33 OR linux-image-3.16.0-25-powerpc64-smp is earlier than 0:3.16.0-25.33 OR linux-image-3.16.0-25-lowlatency is earlier than 0:3.16.0-25.33 OR linux-image-3.16.0-25-powerpc64-emb is earlier than 0:3.16.0-25.33
BACK