- Home
- CVEs with nessus.description==Updated+Red+Hat+Enterprise+MRG+Realtime+packages+that+fix+multiple+security+issues+and+add+one+enhancement+are+now+available+for+Red+Hat+Enterprise+MRG+2.5.%0A%0ARed+Hat+Product+Security+has+rated+this+update+as+having+Moderate+security+impact.+Common+Vulnerability+Scoring+System+%28CVSS%29+base+scores%2C+which+give+detailed+severity+ratings%2C+are+available+for+each+vulnerability+from+the+CVE+links+in+the+References+section.%0A%0ARed+Hat+Enterprise+MRG+%28Messaging%2C+Realtime%2C+and+Grid%29+is+a+next-generation+IT+infrastructure+for+enterprise+computing.+MRG+offers+increased+performance%2C+reliability%2C+interoperability%2C+and+faster+computing+for+enterprise+customers.%0A%0AMRG+Realtime+provides+the+highest+levels+of+predictability+for+consistent+low-latency+response+times+to+meet+the+needs+of+time-sensitive+workloads.+MRG+Realtime+also+provides+new+levels+of+determinism+by+optimizing+lengthy+kernel+code+paths+to+ensure+that+they+do+not+become+bottlenecks.+This+allows+for+better+prioritization+of+applications%2C+resulting+in+consistent%2C+predictable+response+times+for+high-priority+applications.%0A%0A++%2A+An+out-of-bounds+write+flaw+was+found+in+the+way+the+++++Apple+Magic+Mouse%2FTrackpad+multi-touch+driver+handled+++++Human+Interface+Device+%28HID%29+reports+with+an+invalid+++++size.+An+attacker+with+physical+access+to+the+system+++++could+use+this+flaw+to+crash+the+system+or%2C+potentially%2C+++++escalate+their+privileges+on+the+system.+%28CVE-2014-3181%2C+++++Moderate%29%0A%0A++%2A+A+memory+corruption+flaw+was+found+in+the+way+the+USB+++++ConnectTech+WhiteHEAT+serial+driver+processed+completion+++++commands+sent+via+USB+Request+Blocks+buffers.+An+++++attacker+with+physical+access+to+the+system+could+use+++++this+flaw+to+crash+the+system+or%2C+potentially%2C+escalate+++++their+privileges+on+the+system.+%28CVE-2014-3185%2C+++++Moderate%29%0A%0A++%2A+A+race+condition+flaw+was+found+in+the+way+the+Linux+++++kernel%27s+mmap%282%29%2C+madvise%282%29%2C+and+fallocate%282%29+system+++++calls+interacted+with+each+other+while+operating+on+++++virtual+memory+file+system+files.+A+local+user+could+use+++++this+flaw+to+cause+a+denial+of+service.+%28CVE-2014-4171%2C+++++Moderate%29%0A%0A++%2A+A+stack+overflow+flaw+caused+by+infinite+recursion+was+++++found+in+the+way+the+Linux+kernel%27s+Universal+Disk+++++Format+%28UDF%29+file+system+implementation+processed+++++indirect+Information+Control+Blocks+%28ICBs%29.+An+attacker+++++with+physical+access+to+the+system+could+use+a+specially+++++crafted+UDF+image+to+crash+the+system.+%28CVE-2014-6410%2C+++++Low%29%0A%0A++%2A+An+out-of-bounds+read+flaw+was+found+in+the+way+the+++++Logitech+Unifying+receiver+driver+handled+HID+reports+++++with+an+invalid+device_index+value.+An+attacker+with+++++physical+access+to+the+system+could+use+this+flaw+to+++++crash+the+system+or%2C+potentially%2C+escalate+their+++++privileges+on+the+system.+%28CVE-2014-3182%2C+Low%29%0A%0A++%2A+Multiple+out-of-bounds+write+flaws+were+found+in+the+++++way+the+Cherry+Cymotion+keyboard+driver%2C+KYE%2FGenius+++++device+drivers%2C+Logitech+device+drivers%2C+Monterey+++++Genius+KB29E+keyboard+driver%2C+Petalynx+Maxter+remote+++++control+driver%2C+and+Sunplus+wireless+desktop+driver+++++handled+HID+reports+with+an+invalid+report+descriptor+++++size.+An+attacker+with+physical+access+to+the+system+++++could+use+either+of+these+flaws+to+write+data+past+an+++++allocated+memory+buffer.+%28CVE-2014-3184%2C+Low%29%0A%0A++%2A+It+was+found+that+the+parse_rock_ridge_inode_internal%28%29+++++function+of+the+Linux+kernel%27s+ISOFS+implementation+did+++++not+correctly+check+relocated+directories+when+++++processing+Rock+Ridge+child+link+%28CL%29+tags.+An+attacker+++++with+physical+access+to+the+system+could+use+a+specially+++++crafted+ISO+image+to+crash+the+system+or%2C+potentially%2C+++++escalate+their+privileges+on+the+system.+%28CVE-2014-5471%2C+++++CVE-2014-5472%2C+Low%29%0A%0AThis+update+also+adds+the+following+enhancement+%3A%0A%0A++%2A+The+Solarflare+SFC9120+10GBE+Ethernet+NICs+were+not+++++supported+by+the+MRG+Realtime+kernel.+With+this+update%2C+++++the+drivers+have+been+updated+to+enable+the+Solarflare+++++SFC9120+cards+on+the+Realtime+kernel.+%28BZ%231086945%29%0A%0AAll+Red+Hat+Enterprise+MRG+Realtime+users+are+advised+to+upgrade+to+these+updated+packages%2C+which+contain+backported+patches+to+correct+these+issues+and+add+this+enhancement
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top