CVE-2014-8134)A flaw in the handling of malformed ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(system crash). (CVE-2014-3673)A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(panic). (CVE-2014-3687)It was discovered that excessive queuing by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel can cause memorypressure. A remote attacker could exploit this flaw to cause a denial ofservice. (CVE-2014-3688)A null pointer dereference flaw was discovered in the the Linux kernel'sSCTP implementation when ASCONF is used. A remote attacker could exploitthis flaw to cause a denial of service (system crash) via a malformed INITchunk. (CVE-2014-7841)Jouni Malinen reported a flaw in the handling of fragmentation in themac8Linux subsystem of the kernel. A remote attacker could exploit thisflaw to obtain potential sensitive cleartext information by readingpackets. (CVE-2014-8709)A stack buffer overflow was discovered in the ioctl command handling forthe Technotrend/Hauppauge USB DEC devices driver. A local user couldexploit this flaw to cause a denial of service (system crash) or possiblygain privileges. (CVE-2014-8884)Andy Lutomirski discovered that the Linux kernel does not properly handlefaults associated with the Stack Segment (SS) register on the x86architecture. A local attacker could exploit this flaw to cause a denial ofservice (panic). (CVE-2014-9090)"> OVAL Reference oval:org.mitre.oval:def:28705 - CERT Civis.Net
Oval Definition:
oval:org.mitre.oval:def:28705
Revision Date:
2015-02-23
Version:
3
Title:
USN-2441-1 -- Linux kernel vulnerabilities
Description:
An information leak in the Linux kernel was discovered that could leak thehigh 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine(KVM) paravirt guests. A user in the guest OS could exploit this leak toobtain information that could potentially be used to aid in attacking thekernel. (CVE-2014-8134)A flaw in the handling of malformed ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(system crash). (CVE-2014-3673)A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(panic). (CVE-2014-3687)It was discovered that excessive queuing by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel can cause memorypressure. A remote attacker could exploit this flaw to cause a denial ofservice. (CVE-2014-3688)A null pointer dereference flaw was discovered in the the Linux kernel'sSCTP implementation when ASCONF is used. A remote attacker could exploitthis flaw to cause a denial of service (system crash) via a malformed INITchunk. (CVE-2014-7841)Jouni Malinen reported a flaw in the handling of fragmentation in themac8Linux subsystem of the kernel. A remote attacker could exploit thisflaw to obtain potential sensitive cleartext information by readingpackets. (CVE-2014-8709)A stack buffer overflow was discovered in the ioctl command handling forthe Technotrend/Hauppauge USB DEC devices driver. A local user couldexploit this flaw to cause a denial of service (system crash) or possiblygain privileges. (CVE-2014-8884)Andy Lutomirski discovered that the Linux kernel does not properly handlefaults associated with the Stack Segment (SS) register on the x86architecture. A local attacker could exploit this flaw to cause a denial ofservice (panic). (CVE-2014-9090)