CVE-2014-8134)A flaw in the handling of malformed ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(system crash). (CVE-2014-3673)A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(panic). (CVE-2014-3687)It was discovered that excessive queuing by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel can cause memorypressure. A remote attacker could exploit this flaw to cause a denial ofservice. (CVE-2014-3688)A null pointer dereference flaw was discovered in the the Linux kernel'sSCTP implementation when ASCONF is used. A remote attacker could exploitthis flaw to cause a denial of service (system crash) via a malformed INITchunk. (CVE-2014-7841)Jouni Malinen reported a flaw in the handling of fragmentation in themac8Linux subsystem of the kernel. A remote attacker could exploit thisflaw to obtain potential sensitive cleartext information by readingpackets. (CVE-2014-8709)A stack buffer overflow was discovered in the ioctl command handling forthe Technotrend/Hauppauge USB DEC devices driver. A local user couldexploit this flaw to cause a denial of service (system crash) or possiblygain privileges. (CVE-2014-8884)Andy Lutomirski discovered that the Linux kernel does not properly handlefaults associated with the Stack Segment (SS) register on the x86architecture. A local attacker could exploit this flaw to cause a denial ofservice (panic). (CVE-2014-9090)"> OVAL Reference oval:org.mitre.oval:def:28705 - CERT Civis.Net
Oval Definition:oval:org.mitre.oval:def:28705
Revision Date:2015-02-23Version:3
Title:USN-2441-1 -- Linux kernel vulnerabilities
Description:An information leak in the Linux kernel was discovered that could leak thehigh 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine(KVM) paravirt guests. A user in the guest OS could exploit this leak toobtain information that could potentially be used to aid in attacking thekernel. (CVE-2014-8134)A flaw in the handling of malformed ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(system crash). (CVE-2014-3673)A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel was discovered. Aremote attacker could exploit this flaw to cause a denial of service(panic). (CVE-2014-3687)It was discovered that excessive queuing by SCTP (Stream ControlTransmission Protocol) implementation in the Linux kernel can cause memorypressure. A remote attacker could exploit this flaw to cause a denial ofservice. (CVE-2014-3688)A null pointer dereference flaw was discovered in the the Linux kernel'sSCTP implementation when ASCONF is used. A remote attacker could exploitthis flaw to cause a denial of service (system crash) via a malformed INITchunk. (CVE-2014-7841)Jouni Malinen reported a flaw in the handling of fragmentation in themac8Linux subsystem of the kernel. A remote attacker could exploit thisflaw to obtain potential sensitive cleartext information by readingpackets. (CVE-2014-8709)A stack buffer overflow was discovered in the ioctl command handling forthe Technotrend/Hauppauge USB DEC devices driver. A local user couldexploit this flaw to cause a denial of service (system crash) or possiblygain privileges. (CVE-2014-8884)Andy Lutomirski discovered that the Linux kernel does not properly handlefaults associated with the Stack Segment (SS) register on the x86architecture. A local attacker could exploit this flaw to cause a denial ofservice (panic). (CVE-2014-9090)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-3673
CVE-2014-3687
CVE-2014-3688
CVE-2014-7841
CVE-2014-8134
CVE-2014-8709
CVE-2014-8884
CVE-2014-9090
USN-2441-1
Platform(s):Ubuntu 10.04
Product(s):linux
Definition Synopsis
  • Ubuntu 10.04 is installed
  • AND Packages match section
  • linux-image-2.6.32-70-generic-pae is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-preempt is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-lpia is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-sparc64 is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-server is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-powerpc-smp is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-versatile is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-powerpc64-smp is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-386 is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-generic is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-powerpc is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-sparc64-smp is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-virtual is earlier than 0:2.6.32-70.137
  • OR linux-image-2.6.32-70-ia64 is earlier than 0:2.6.32-70.137
    • BACK