First published: Tue Dec 09 2014
- A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. (CVE-2014-3673, CVE-2014-3687, Important)
- A flaw was found in the way the Linux kernel's SCTP implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service. (CVE-2014-3688, Important)
- Two flaws were found in the way the Apple Magic Mouse/Trackpad multi-touch driver and the Minibox PicoLCD driver handled invalid HID reports. An attacker with physical access to the system could use these flaws to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3181, CVE-2014-3186, Moderate)
- A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate)
- A flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-3631, Moderate)
- Multiple flaws were found in the way the Linux kernel's ALSA implementation handled user controls. A local, privileged user could use either of these flaws to crash the system. (CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, Moderate)
- A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in a system crash or privilege escalation. (CVE-2014-5045, Moderate)
- A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information. (CVE-2013-2929, Low)
- A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's UDF file system implementation processed indirect ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the system. (CVE-2014-6410, Low)
- An information leak flaw in the way the Linux kernel handled media device enumerate entities IOCTL requests could allow a local user able to access the /dev/media0 device file to leak kernel memory bytes. (CVE-2014-1739, Low)
- An out-of-bounds read flaw in the Logitech Unifying receiver driver could allow an attacker with physical access to the system to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3182, Low)
- Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled invalid HID reports. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer. (CVE-2014-3184, Low)
- An information leak flaw in the RAM Disks Memory Copy (rd_mcp) back end driver of the iSCSI Target subsystem could allow a privileged user to leak the contents of kernel memory to an iSCSI initiator remote client. (CVE-2014-4027, Low)
- An information leak flaw in the Linux kernel's ALSA implementation could allow a local, privileged user to leak kernel memory to user space. (CVE-2014-4652, Low)

Affected Software | Affected Version | Fixed Version |
---|---|---|
redhat/kernel | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-abi-whitelists | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-debug | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-debug-debuginfo | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-debug-devel | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-debuginfo | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-devel | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-doc | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-headers | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-tools | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-tools-debuginfo | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-tools-libs | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-tools-libs-devel | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/perf | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/perf-debuginfo | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/python-perf | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/python-perf-debuginfo | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-debuginfo-common-s390x | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-kdump | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-kdump-debuginfo | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-kdump-devel | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-bootwrapper | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
redhat/kernel-debuginfo-common-ppc64 | <3.10.0-123.13.1.el7 | 3.10.0-123.13.1.el7 |
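
To check an inventory against the fixed version in the table above, the following added example (not part of the original advisory) compares kernel version-release strings using rpm-style segment comparison, with tilde and caret rules omitted. The host names and inventory are constructed, and the strings are assumed to come from `rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel`.

```python
import re

FIXED = "3.10.0-123.13.1.el7"  # fixed version-release from the table above

def _segments(s):
    # rpm treats non-alphanumerics as separators and compares runs
    # of digits or runs of letters one segment at a time
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpmvercmp(a, b):
    """Return -1, 0 or 1 following rpm's segment-wise comparison
    (tilde/caret handling omitted; these strings do not use them)."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)  # numeric compare: 9 < 13, not "9" > "13"
        elif x.isdigit() != y.isdigit():
            # a numeric segment is always newer than an alphabetic one
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    # shared segments are equal: the string with segments left over is newer
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_affected(version_release, fixed=FIXED):
    """True if version_release sorts before the fixed version-release."""
    ver, _, rel = version_release.partition("-")
    fver, _, frel = fixed.partition("-")
    return (rpmvercmp(ver, fver) or rpmvercmp(rel, frel)) < 0

# Constructed sample inventory: host name -> installed kernel version-release
INVENTORY = {
    "web01": "3.10.0-123.el7",
    "web02": "3.10.0-123.9.3.el7",
    "db01": "3.10.0-123.13.1.el7",
    "db02": "3.10.0-229.el7",
}

def affected_hosts(inventory):
    return sorted(h for h, vr in inventory.items() if is_affected(vr))

if __name__ == "__main__":
    for host in affected_hosts(INVENTORY):
        print(f"{host}: {INVENTORY[host]} is older than {FIXED}")
```

A plain string comparison would rank `123.9.3.el7` above `123.13.1.el7` and miss `web02`; the per-segment numeric comparison is what makes the check reliable. A host is only protected once it has rebooted into the updated kernel, so compare the running kernel as well as the installed packages.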