USN-2448-1: Linux kernel vulnerabilities

First published: Fri Dec 12 2014(Updated: )

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. (CVE-2014-9322) An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. (CVE-2014-8134) Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace subsystem of the Linux kernel does not properly handle private syscall numbers. A local user could exploit this flaw to cause a denial of service (OOPS). (CVE-2014-7826) A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3673) A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-3687) It was discovered that excessive queuing by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel can cause memory pressure. A remote attacker could exploit this flaw to cause a denial of service. (CVE-2014-3688) Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how the perf subsystem of the Linux kernel handles private systecall numbers. A local user could exploit this to cause a denial of service (OOPS) or bypass ASLR protections via a crafted application. (CVE-2014-7825) Andy Lutomirski discovered a flaw in how the Linux kernel handles pivot_root when used with a chroot directory. A local user could exploit this flaw to cause a denial of service (mount-tree loop). (CVE-2014-7970) Dmitry Monakhov discovered a race condition in the ext4_file_write_iter function of the Linux kernel's ext4 filesystem. A local user could exploit this flaw to cause a denial of service (file unavailability). (CVE-2014-8086) The KVM (kernel virtual machine) subsystem of the Linux kernel miscalculates the number of memory pages during the handling of a mapping failure. A guest OS user could exploit this to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. (CVE-2014-8369) Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register on the x86 architecture. A local attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-9090)

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/references
• agent/type
• agent/first-publish-date
• agent/last-modified-date
• agent/softwarecombine
• agent/severity
• collector/usn
• source/Ubuntu
• anchor-related/USN-2442-1
• anchor-related/USN-2445-1
• anchor-related/USN-2447-1
• anchor-related/USN-2417-1
• anchor-related/USN-2446-1
• anchor-related/USN-2441-1
• anchor-related/USN-2418-1
• anchor-related/USN-2443-1
• anchor-related/USN-2444-1
• anchor-related/USN-2419-1
• anchor-related/USN-2514-1
• anchor-related/USN-2513-1
• anchor-related/USN-2420-1
• anchor-related/USN-2464-1
• anchor-related/USN-2463-1
• anchor-related/USN-2491-1
• anchor-related/USN-2462-1
• agent/software-canonical-lookup
• agent/title
• agent/weakness
• agent/tags
• agent/description
• agent/event
• agent/trending
• package-manager/ubuntu
• vendor/ubuntu
• canonical/ubuntu ubuntu
• version/ubuntu ubuntu/14.10