First published: Thu Jun 26 2014
The kernel packages contain the Linux kernel, the core of any Linux operating system.

- A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)
- It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)

Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.

Red Hat would like to thank Matthew Daley for reporting these issues.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-debug | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-debug-debuginfo | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-debug-devel | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-debuginfo | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-debuginfo-common | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-devel | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-doc | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-headers | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-xen | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-xen-debuginfo | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
redhat/kernel-xen-devel | <2.6.18-238.53.1.el5 | 2.6.18-238.53.1.el5 |
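
A triage check for the two conditions the advisory names, the running kernel build and write access to the floppy device nodes. This is an added example, not part of the original advisory or Red Hat's tooling. The function names are hypothetical, and the comparison assumes a Red Hat Enterprise Linux 5 kernel release string measured against the single fixed build listed in the table.

```shell
#!/bin/sh
# Added example: triage for the floppy-driver flaws described above.
FIXED="2.6.18-238.53.1.el5"   # fixed build from the advisory table

# True (0) if release $1 is older than release $2. Compares the numeric
# fields left to right in plain sh, since old coreutils lack `sort -V`.
# Anything from ".el5" onward (e.g. the "xen" variant suffix) is ignored.
release_lt() {
    a=$(printf '%s' "${1%%.el5*}" | tr -c '0-9' ' ')
    b=$(printf '%s' "${2%%.el5*}" | tr -c '0-9' ' ')
    set -- $a
    for y in $b; do
        x=${1:-0}
        if [ $# -gt 0 ]; then shift; fi
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1
}

# True (0) if an `ls -l` style mode string grants write to group or other.
nonowner_write() {
    case "$1" in
        ?????w*|????????w*) return 0 ;;
        *) return 1 ;;
    esac
}

report() {
    running=$(uname -r)
    if release_lt "$running" "$FIXED"; then
        echo "kernel $running: older than $FIXED, update and reboot"
    else
        echo "kernel $running: not older than $FIXED"
    fi
    for dev in /dev/fd[0-9]*; do
        [ -b "$dev" ] || continue      # skip unmatched glob and non-devices
        mode=$(stat -c '%A' "$dev")
        if nonowner_write "$mode"; then
            echo "$dev $mode $(stat -c '%U:%G' "$dev"): writable beyond owner"
        else
            echo "$dev $mode: owner-only write"
        fi
    done
    return 0
}

report
```

Any node reported as writable beyond its owner identifies the accounts that meet the advisory's "write access to /dev/fdX" precondition until the updated kernel is booted.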