- Home
- CVEs with nessus.description==The Linux Kernel was updated to fix various bugs and security issues.
CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c in the Linux kernel did not properly manage a certain backlog value, which allowed remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.
CVE-2014-4171: mm/shmem.c in the Linux kernel did not properly implement the interaction between range notification and hole punching, which allowed local users to cause a denial of service (i_mutex hold) by using the mmap system call to access a hole, as demonstrated by interfering with intended shmem activity by blocking completion of (1) an MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call.
CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allowed local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.
CVE-2014-4656: Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel allowed local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function.
CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel did not properly maintain the user_ctl_count value, which allowed local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.
CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel did not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allowed local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call.
CVE-2014-4653: sound/core/control.c in the ALSA control implementation in the Linux kernel did not ensure possession of a read/write lock, which allowed local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.
CVE-2014-4652: Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel allowed local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.
CVE-2014-4014: The capabilities implementation in the Linux kernel did not properly consider that namespaces are inapplicable to inodes, which allowed local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.
CVE-2014-2309: The ip6_route_add function in net/ipv6/route.c in the Linux kernel did not properly count the addition of routes, which allowed remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.
CVE-2014-3917: kernel/auditsc.c in the Linux kernel, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allowed local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.
CVE-2014-0131: Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel allowed attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.
CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel did not check whether a certain length value is sufficiently large, which allowed local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions.
CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel used the reverse order in a certain subtraction, which allowed local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the
__skb_get_nlattr_nest function before the vulnerability was announced.
Additional Bug fixed :
- HID: logitech-dj: Fix USB 3.0 issue (bnc#788080).
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top