What is the severity of USN-2359-1?

The severity of USN-2359-1 is considered high due to the potential for denial of service and host OS memory corruption.

How do I fix USN-2359-1?

To fix USN-2359-1, upgrade your Ubuntu 14.04 system to the patched version linux-image-3.13.0-36.63 or later.

What systems are affected by USN-2359-1?

USN-2359-1 affects Ubuntu 14.04 systems running specific versions of the linux-image packages.

What vulnerabilities are addressed in USN-2359-1?

USN-2359-1 addresses vulnerabilities related to page handling flaws in the KVM subsystem of the Linux kernel.

Can USN-2359-1 lead to data loss?

Yes, USN-2359-1 has the potential to cause data loss due to host OS memory corruption.

Vulnerability/
USN-2359-1

CWE

476

23/9/2014

USN-2359-1: Linux kernel vulnerabilities

First published: Tue Sep 23 2014(Updated: )

Jack Morgenstein reported a flaw in the page handling of the KVM (Kerenl Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. (CVE-2014-3601) Jason Gunthorpe reported a flaw with SCTP authentication in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (NULL pointer dereference and OOPS). (CVE-2014-5077) Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). (CVE-2014-5471) Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image, with a self-referential CL entry, either via a CD/DVD drive or a loopback mount could cause a denial of service (unkillable mount process). (CVE-2014-5472)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-3.13.0-36-generic	<3.13.0-36.63	3.13.0-36.63
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.13.0-36-generic-lpae	<3.13.0-36.63	3.13.0-36.63
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.13.0-36-lowlatency	<3.13.0-36.63	3.13.0-36.63
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.13.0-36-powerpc-e500	<3.13.0-36.63	3.13.0-36.63
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.13.0-36-powerpc-e500mc	<3.13.0-36.63	3.13.0-36.63
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.13.0-36-powerpc-smp	<3.13.0-36.63	3.13.0-36.63
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.13.0-36-powerpc64-emb	<3.13.0-36.63	3.13.0-36.63
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.13.0-36-powerpc64-smp	<3.13.0-36.63	3.13.0-36.63
Ubuntu 22.04 LTS	=14.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-2359-1?
The severity of USN-2359-1 is considered high due to the potential for denial of service and host OS memory corruption.
How do I fix USN-2359-1?
To fix USN-2359-1, upgrade your Ubuntu 14.04 system to the patched version linux-image-3.13.0-36.63 or later.
What systems are affected by USN-2359-1?
USN-2359-1 affects Ubuntu 14.04 systems running specific versions of the linux-image packages.
What vulnerabilities are addressed in USN-2359-1?
USN-2359-1 addresses vulnerabilities related to page handling flaws in the KVM subsystem of the Linux kernel.
Can USN-2359-1 lead to data loss?
Yes, USN-2359-1 has the potential to cause data loss due to host OS memory corruption.

agent/severity
agent/type
agent/first-publish-date
agent/last-modified-date
agent/title
agent/weakness
agent/references
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu 22.04 lts
version/ubuntu 22.04 lts/14.04