First published: Tue Sep 02 2014(Updated: )
A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. (CVE-2014-0203) Toralf Förster reported an error in the Linux kernels syscall auditing on 32 bit x86 platforms. A local user could exploit this flaw to cause a denial of service (OOPS and system crash). (CVE-2014-4508) An information leak was discovered in the control implemenation of the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-4652) A use-after-free flaw was discovered in the Advanced Linux Sound Architecture (ALSA) control implementation of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-4653) A authorization bug was discovered with the snd_ctl_elem_add function of the Advanced Linux Sound Architecture (ALSA) in the Linux kernel. A local user could exploit his bug to cause a denial of service (remove kernel controls). (CVE-2014-4654) A flaw discovered in how the snd_ctl_elem function of the Advanced Linux Sound Architecture (ALSA) handled a reference count. A local user could exploit this flaw to cause a denial of service (integer overflow and limit bypass). (CVE-2014-4655) An integer overflow flaw was discovered in the control implementation of the Advanced Linux Sound Architecture (ALSA). A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-4656) An integer underflow flaw was discovered in the Linux kernel's handling of the backlog value for certain SCTP packets. A remote attacker could exploit this flaw to cause a denial of service (socket outage) via a crafted SCTP packet. (CVE-2014-4667) Jason Gunthorpe reported a flaw with SCTP authentication in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (NULL pointer dereference and OOPS). (CVE-2014-5077)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/linux-image-2.6.32-65-versatile | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-sparc64-smp | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-lpia | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-powerpc | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-preempt | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-generic-pae | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-virtual | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-386 | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-generic | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-ia64 | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-server | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-powerpc64-smp | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-powerpc-smp | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 | ||
All of | ||
ubuntu/linux-image-2.6.32-65-sparc64 | <2.6.32-65.131 | 2.6.32-65.131 |
=10.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)