What is the severity of USN-2467-1?

The severity of USN-2467-1 is categorized as a denial of service vulnerability that can lead to system crashes.

How do I fix USN-2467-1?

To fix USN-2467-1, update to the patched kernel version 3.16.0-29.39~14.04.1 or later.

What is the impact of exploiting USN-2467-1?

Exploitation of USN-2467-1 can result in a system crash and unavailability of services.

Which Ubuntu versions are affected by USN-2467-1?

USN-2467-1 affects Ubuntu 14.04 LTS running specific versions of the Linux kernel packages.

Who discovered the vulnerability in USN-2467-1?

The null pointer dereference flaw described in USN-2467-1 was discovered in the Linux kernel's SCTP implementation.

Vulnerability/
USN-2467-1

CWE

119 476 362

13/1/2015

USN-2467-1: Linux kernel (Utopic HWE) vulnerabilities

First published: Tue Jan 13 2015(Updated: )

A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841) A race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842) Miloš Prchlík reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843) A stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-3.16.0-29-generic	<3.16.0-29.39~14.04.1	3.16.0-29.39~14.04.1
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.16.0-29-generic-lpae	<3.16.0-29.39~14.04.1	3.16.0-29.39~14.04.1
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.16.0-29-lowlatency	<3.16.0-29.39~14.04.1	3.16.0-29.39~14.04.1
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.16.0-29-powerpc-e500mc	<3.16.0-29.39~14.04.1	3.16.0-29.39~14.04.1
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.16.0-29-powerpc-smp	<3.16.0-29.39~14.04.1	3.16.0-29.39~14.04.1
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.16.0-29-powerpc64-emb	<3.16.0-29.39~14.04.1	3.16.0-29.39~14.04.1
Ubuntu 22.04 LTS	=14.04
All of
ubuntu/linux-image-3.16.0-29-powerpc64-smp	<3.16.0-29.39~14.04.1	3.16.0-29.39~14.04.1
Ubuntu 22.04 LTS	=14.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-2467-1?
The severity of USN-2467-1 is categorized as a denial of service vulnerability that can lead to system crashes.
How do I fix USN-2467-1?
To fix USN-2467-1, update to the patched kernel version 3.16.0-29.39~14.04.1 or later.
What is the impact of exploiting USN-2467-1?
Exploitation of USN-2467-1 can result in a system crash and unavailability of services.
Which Ubuntu versions are affected by USN-2467-1?
USN-2467-1 affects Ubuntu 14.04 LTS running specific versions of the Linux kernel packages.
Who discovered the vulnerability in USN-2467-1?
The null pointer dereference flaw described in USN-2467-1 was discovered in the Linux kernel's SCTP implementation.

agent/severity
agent/type
agent/first-publish-date
agent/last-modified-date
agent/title
agent/weakness
agent/references
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu 22.04 lts
version/ubuntu 22.04 lts/14.04