Vulnerability-Lookup

CVE-2014-0101 (GCVE-0-2014-0101)

Vulnerability from cvelistv5 – Published: 2014-03-11 01:00 – Updated: 2024-08-06 09:05

Summary

The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

12 references

URL	Tags
http://www.securityfocus.com/bid/65943	vdb-entryx_refsource_BID
http://support.f5.com/kb/en-us/solutions/public/1…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2014-0328.html	vendor-advisoryx_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2173-1	vendor-advisoryx_refsource_UBUNTU
http://git.kernel.org/?p=linux/kernel/git/torvald…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2014-0432.html	vendor-advisoryx_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2174-1	vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2014-0419.html	vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/59216	third-party-advisoryx_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=1070705	x_refsource_CONFIRM
https://github.com/torvalds/linux/commit/ec0223ec…	x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2014/03/04/6	mailing-listx_refsource_MLIST

Date Public ?

2014-03-04 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:38.283Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "65943",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/65943"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
          },
          {
            "name": "RHSA-2014:0328",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
          },
          {
            "name": "USN-2173-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2173-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
          },
          {
            "name": "RHSA-2014:0432",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
          },
          {
            "name": "USN-2174-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2174-1"
          },
          {
            "name": "RHSA-2014:0419",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
          },
          {
            "name": "59216",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59216"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
          },
          {
            "name": "[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-03-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-15T17:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "65943",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/65943"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
        },
        {
          "name": "RHSA-2014:0328",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
        },
        {
          "name": "USN-2173-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2173-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
        },
        {
          "name": "RHSA-2014:0432",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
        },
        {
          "name": "USN-2174-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2174-1"
        },
        {
          "name": "RHSA-2014:0419",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
        },
        {
          "name": "59216",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59216"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
        },
        {
          "name": "[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0101",
    "datePublished": "2014-03-11T01:00:00.000Z",
    "dateReserved": "2013-12-03T00:00:00.000Z",
    "dateUpdated": "2024-08-06T09:05:38.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2014-0101",
      "date": "2026-05-21",
      "epss": "0.03091",
      "percentile": "0.8695"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.6.24\", \"versionEndExcluding\": \"3.2.56\", \"matchCriteriaId\": \"A0E9005C-26CB-4056-8F6B-98C7FDF2F7B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.3\", \"versionEndExcluding\": \"3.4.84\", \"matchCriteriaId\": \"2869AF87-7E94-4E08-8EF9-8C62F663EC82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.5\", \"versionEndExcluding\": \"3.10.34\", \"matchCriteriaId\": \"67836467-8BEF-44A1-B031-98EFBA19F38C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.11\", \"versionEndExcluding\": \"3.12.15\", \"matchCriteriaId\": \"4AE2B033-586E-48AC-95DC-880018601DFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.13\", \"versionEndExcluding\": \"3.13.7\", \"matchCriteriaId\": \"B13865A2-6E9A-4FFE-A1C2-02B75D66C207\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8382A145-CDD9-437E-9DE7-A349956778B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A8E07B7-3739-4BEB-88F8-C7F62431E889\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"569964DA-31BE-4520-A66D-C3B09D557AB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF83BB87-B203-48F9-9D06-48A5FE399050\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"835AE071-CEAE-49E5-8F0C-E5F50FB85EFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\", \"matchCriteriaId\": \"01EDA41C-6B2E-49AF-B503-EB3882265C11\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.5.3\", \"matchCriteriaId\": \"F876CB01-E4E3-461B-BF67-F993D3C058B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.3.0\", \"versionEndIncluding\": \"11.5.3\", \"matchCriteriaId\": \"AF513AF7-A3D9-46E0-BDCF-A4C9F6DDE83E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.5.3\", \"matchCriteriaId\": \"A0D2EAFC-436A-4553-B688-268EF5610499\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.4.0\", \"versionEndIncluding\": \"11.5.3\", \"matchCriteriaId\": \"91D62DE9-6693-474F-A2F4-9F53A06F5663\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.5.3\", \"matchCriteriaId\": \"AA78FF31-4D4A-402D-9C3C-61DC9B14A790\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.3.0\", \"matchCriteriaId\": \"9FF30167-0241-4136-82F8-2D2FB545C19A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.1.0\", \"versionEndIncluding\": \"2.3.0\", \"matchCriteriaId\": \"980317BB-165F-4804-926E-9973BC16E28A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.0.0\", \"versionEndIncluding\": \"3.1.1\", \"matchCriteriaId\": \"23AEA33F-71CC-473F-86A4-C120532928DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.5.3\", \"matchCriteriaId\": \"EEE25317-09BF-46D2-934B-2D05B1390EFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.5.3\", \"matchCriteriaId\": \"D2CBEB8A-617C-470F-BF49-10BE16FBFA97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.5.3\", \"matchCriteriaId\": \"4C8165D3-9160-4947-B1DF-226698B39E90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.3.0\", \"versionEndIncluding\": \"11.5.3\", \"matchCriteriaId\": \"A63021EE-71D7-4CB3-AEDD-90A890FD5959\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.4.1\", \"matchCriteriaId\": \"8C666A18-9DED-4B49-92DE-474403FC17BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.3.0\", \"matchCriteriaId\": \"A6B52D60-38DB-4BE9-91F4-B6553F5E5A93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndIncluding\": \"11.3.0\", \"matchCriteriaId\": \"E1E3204F-9464-4AC3-819B-D1A6B399FAE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9768142-C554-44DE-B8D5-45CB51E3C34C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24AEF0B2-7C8C-432C-A840-C2441A70343F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0.0\", \"versionEndIncluding\": \"4.5.0\", \"matchCriteriaId\": \"8C8BF865-BA45-4711-829F-EC8E5EA22D2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.2.0\", \"versionEndIncluding\": \"4.5.0\", \"matchCriteriaId\": \"3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0.0\", \"versionEndIncluding\": \"4.5.0\", \"matchCriteriaId\": \"6B3E56EB-202A-4F58-8E94-B2DDA1693498\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n sctp_sf_do_5_1D_ce en net/sctp/sm_statefuns.c en el kernel de Linux hasta la versi\\u00f3n 3.13.6 no valida ciertos campos auth_enable y auth_capable antes de hacer una llamada sctp_sf_authenticate, lo que permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (referencia a puntero NULL y ca\\u00edda del sistema) a trav\\u00e9s de un SCTP handshake con un fragmento INIT modificado y un fragmento AUTH manipulado anterior a un fragmento COOKIE_ECHO.\"}]",
      "id": "CVE-2014-0101",
      "lastModified": "2024-11-21T02:01:22.173",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-03-11T13:01:06.733",
      "references": "[{\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0328.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0419.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0432.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/59216\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/03/04/6\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/65943\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2173-1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2174-1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1070705\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0328.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0419.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0432.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/59216\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/03/04/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/65943\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2173-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2174-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1070705\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-476\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-0101\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-03-11T13:01:06.733\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n sctp_sf_do_5_1D_ce en net/sctp/sm_statefuns.c en el kernel de Linux hasta la versi\u00f3n 3.13.6 no valida ciertos campos auth_enable y auth_capable antes de hacer una llamada sctp_sf_authenticate, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda del sistema) a trav\u00e9s de un SCTP handshake con un fragmento INIT modificado y un fragmento AUTH manipulado anterior a un fragmento COOKIE_ECHO.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.24\",\"versionEndExcluding\":\"3.2.56\",\"matchCriteriaId\":\"A0E9005C-26CB-4056-8F6B-98C7FDF2F7B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3\",\"versionEndExcluding\":\"3.4.84\",\"matchCriteriaId\":\"2869AF87-7E94-4E08-8EF9-8C62F663EC82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5\",\"versionEndExcluding\":\"3.10.34\",\"matchCriteriaId\":\"67836467-8BEF-44A1-B031-98EFBA19F38C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.11\",\"versionEndExcluding\":\"3.12.15\",\"matchCriteriaId\":\"4AE2B033-586E-48AC-95DC-880018601DFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.13\",\"versionEndExcluding\":\"3.13.7\",\"matchCriteriaId\":\"B13865A2-6E9A-4FFE-A1C2-02B75D66C207\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8382A145-CDD9-437E-9DE7-A349956778B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A8E07B7-3739-4BEB-88F8-C7F62431E889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"569964DA-31BE-4520-A66D-C3B09D557AB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF83BB87-B203-48F9-9D06-48A5FE399050\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"835AE071-CEAE-49E5-8F0C-E5F50FB85EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"01EDA41C-6B2E-49AF-B503-EB3882265C11\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"F876CB01-E4E3-461B-BF67-F993D3C058B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.3.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"AF513AF7-A3D9-46E0-BDCF-A4C9F6DDE83E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"A0D2EAFC-436A-4553-B688-268EF5610499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.4.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"91D62DE9-6693-474F-A2F4-9F53A06F5663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"AA78FF31-4D4A-402D-9C3C-61DC9B14A790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"9FF30167-0241-4136-82F8-2D2FB545C19A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.1.0\",\"versionEndIncluding\":\"2.3.0\",\"matchCriteriaId\":\"980317BB-165F-4804-926E-9973BC16E28A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndIncluding\":\"3.1.1\",\"matchCriteriaId\":\"23AEA33F-71CC-473F-86A4-C120532928DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"EEE25317-09BF-46D2-934B-2D05B1390EFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"D2CBEB8A-617C-470F-BF49-10BE16FBFA97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"4C8165D3-9160-4947-B1DF-226698B39E90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.3.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"A63021EE-71D7-4CB3-AEDD-90A890FD5959\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.4.1\",\"matchCriteriaId\":\"8C666A18-9DED-4B49-92DE-474403FC17BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"A6B52D60-38DB-4BE9-91F4-B6553F5E5A93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"E1E3204F-9464-4AC3-819B-D1A6B399FAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9768142-C554-44DE-B8D5-45CB51E3C34C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24AEF0B2-7C8C-432C-A840-C2441A70343F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.5.0\",\"matchCriteriaId\":\"8C8BF865-BA45-4711-829F-EC8E5EA22D2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndIncluding\":\"4.5.0\",\"matchCriteriaId\":\"3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.5.0\",\"matchCriteriaId\":\"6B3E56EB-202A-4F58-8E94-B2DDA1693498\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0328.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0419.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0432.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59216\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/03/04/6\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/65943\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2173-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2174-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1070705\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0328.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0419.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0432.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59216\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/03/04/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/65943\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2173-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2174-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1070705\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}

CERTFR-2014-AVI-144

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans le noyau Linux. Elle permet à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	noyau Linux versions 3.4.x
N/A	N/A	noyau Linux versions 3.12.x
N/A	N/A	noyau Linux versions 3.10.x
N/A	N/A	noyau Linux versions 2.6.x
N/A	N/A	noyau Linux versions 3.2.x
N/A	N/A	noyau Linux versions 3.13.x

References

Title

Publication Time

Tags

Bulletin de sécurité Linux du 24 mars 2014

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "noyau Linux versions 3.4.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 3.12.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 3.10.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 2.6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 3.2.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 3.13.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0101"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-144",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-03-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans le \u003cspan class=\"textit\"\u003enoyau\nLinux\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service\n\u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans le noyau Linux",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Linux du 24 mars 2014",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
    }
  ]
}

CERTFR-2014-AVI-206

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 12.10
Ubuntu	Ubuntu	Ubuntu 13.10
Ubuntu	Ubuntu	Ubuntu 10.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-2173-1 du 26 avril 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2178-1 du 26 avril 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2179-1 du 26 avril 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 12.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 13.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 10.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0101"
    },
    {
      "name": "CVE-2014-2523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2523"
    },
    {
      "name": "CVE-2014-0069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0069"
    },
    {
      "name": "CVE-2014-0049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0049"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-206",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-04-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2173-1 du 26 avril 2014",
      "url": "http://www.ubuntu.com/usn/usn-2173-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2178-1 du 26 avril 2014",
      "url": "http://www.ubuntu.com/usn/usn-2178-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2179-1 du 26 avril 2014",
      "url": "http://www.ubuntu.com/usn/usn-2179-1/"
    }
  ]
}

CERTFR-2014-AVI-241

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Ubuntu	Ubuntu	Ubuntu 12.04 LTS
	Ubuntu	Ubuntu	Ubuntu 10.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-2221-1 du 26 mai 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2219-1 du 26 mai 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu UUSN-2221-1 du 26 mai 2014	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 12.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 10.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-2678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2678"
    },
    {
      "name": "CVE-2013-4483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4483"
    },
    {
      "name": "CVE-2014-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0101"
    },
    {
      "name": "CVE-2014-2523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2523"
    },
    {
      "name": "CVE-2014-2672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2672"
    },
    {
      "name": "CVE-2014-2706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2706"
    },
    {
      "name": "CVE-2014-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2309"
    },
    {
      "name": "CVE-2013-7339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-7339"
    },
    {
      "name": "CVE-2014-2851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2851"
    },
    {
      "name": "CVE-2014-1738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1738"
    },
    {
      "name": "CVE-2014-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1737"
    },
    {
      "name": "CVE-2014-0069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0069"
    },
    {
      "name": "CVE-2014-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0077"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu UUSN-2221-1 du 26 mai 2014",
      "url": "http://www.ubuntu.com/usn/usn-2221-1/"
    }
  ],
  "reference": "CERTFR-2014-AVI-241",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-05-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nune ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2221-1 du 26 mai 2014",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2219-1 du 26 mai 2014",
      "url": "http://www.ubuntu.com/usn/usn-2219-1/"
    }
  ]
}

CERTFR-2014-AVI-242

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Ubuntu	Ubuntu	Ubuntu 13.10
	Ubuntu	Ubuntu	Ubuntu 14.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-2228-1 du 27 mai 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2226-1 du 27 mai 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 13.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-0055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0055"
    },
    {
      "name": "CVE-2014-2678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2678"
    },
    {
      "name": "CVE-2014-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0101"
    },
    {
      "name": "CVE-2014-2523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2523"
    },
    {
      "name": "CVE-2014-2672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2672"
    },
    {
      "name": "CVE-2014-2706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2706"
    },
    {
      "name": "CVE-2014-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2309"
    },
    {
      "name": "CVE-2014-2851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2851"
    },
    {
      "name": "CVE-2014-1738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1738"
    },
    {
      "name": "CVE-2014-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1737"
    },
    {
      "name": "CVE-2014-0100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0100"
    },
    {
      "name": "CVE-2014-2673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2673"
    },
    {
      "name": "CVE-2014-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0077"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-242",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-05-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nune ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2228-1 du 27 mai 2014",
      "url": "http://www.ubuntu.com/usn/usn-2228-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2226-1 du 27 mai 2014",
      "url": "http://www.ubuntu.com/usn/usn-2226-1/"
    }
  ]
}

CERTFR-2014-AVI-144

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans le noyau Linux. Elle permet à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	noyau Linux versions 3.4.x
N/A	N/A	noyau Linux versions 3.12.x
N/A	N/A	noyau Linux versions 3.10.x
N/A	N/A	noyau Linux versions 2.6.x
N/A	N/A	noyau Linux versions 3.2.x
N/A	N/A	noyau Linux versions 3.13.x

References

Title

Publication Time

Tags

Bulletin de sécurité Linux du 24 mars 2014

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "noyau Linux versions 3.4.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 3.12.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 3.10.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 2.6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 3.2.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "noyau Linux versions 3.13.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0101"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-144",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-03-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans le \u003cspan class=\"textit\"\u003enoyau\nLinux\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service\n\u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans le noyau Linux",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Linux du 24 mars 2014",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
    }
  ]
}

CERTFR-2014-AVI-206

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 12.10
Ubuntu	Ubuntu	Ubuntu 13.10
Ubuntu	Ubuntu	Ubuntu 10.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-2173-1 du 26 avril 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2178-1 du 26 avril 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2179-1 du 26 avril 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 12.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 13.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 10.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0101"
    },
    {
      "name": "CVE-2014-2523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2523"
    },
    {
      "name": "CVE-2014-0069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0069"
    },
    {
      "name": "CVE-2014-0049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0049"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-206",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-04-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2173-1 du 26 avril 2014",
      "url": "http://www.ubuntu.com/usn/usn-2173-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2178-1 du 26 avril 2014",
      "url": "http://www.ubuntu.com/usn/usn-2178-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2179-1 du 26 avril 2014",
      "url": "http://www.ubuntu.com/usn/usn-2179-1/"
    }
  ]
}

CERTFR-2014-AVI-241

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Ubuntu	Ubuntu	Ubuntu 12.04 LTS
	Ubuntu	Ubuntu	Ubuntu 10.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-2221-1 du 26 mai 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2219-1 du 26 mai 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu UUSN-2221-1 du 26 mai 2014	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 12.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 10.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-2678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2678"
    },
    {
      "name": "CVE-2013-4483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4483"
    },
    {
      "name": "CVE-2014-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0101"
    },
    {
      "name": "CVE-2014-2523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2523"
    },
    {
      "name": "CVE-2014-2672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2672"
    },
    {
      "name": "CVE-2014-2706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2706"
    },
    {
      "name": "CVE-2014-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2309"
    },
    {
      "name": "CVE-2013-7339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-7339"
    },
    {
      "name": "CVE-2014-2851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2851"
    },
    {
      "name": "CVE-2014-1738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1738"
    },
    {
      "name": "CVE-2014-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1737"
    },
    {
      "name": "CVE-2014-0069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0069"
    },
    {
      "name": "CVE-2014-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0077"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu UUSN-2221-1 du 26 mai 2014",
      "url": "http://www.ubuntu.com/usn/usn-2221-1/"
    }
  ],
  "reference": "CERTFR-2014-AVI-241",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-05-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nune ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2221-1 du 26 mai 2014",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2219-1 du 26 mai 2014",
      "url": "http://www.ubuntu.com/usn/usn-2219-1/"
    }
  ]
}

CERTFR-2014-AVI-242

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Ubuntu	Ubuntu	Ubuntu 13.10
	Ubuntu	Ubuntu	Ubuntu 14.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-2228-1 du 27 mai 2014	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2226-1 du 27 mai 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 13.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-0055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0055"
    },
    {
      "name": "CVE-2014-2678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2678"
    },
    {
      "name": "CVE-2014-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0101"
    },
    {
      "name": "CVE-2014-2523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2523"
    },
    {
      "name": "CVE-2014-2672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2672"
    },
    {
      "name": "CVE-2014-2706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2706"
    },
    {
      "name": "CVE-2014-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2309"
    },
    {
      "name": "CVE-2014-2851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2851"
    },
    {
      "name": "CVE-2014-1738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1738"
    },
    {
      "name": "CVE-2014-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1737"
    },
    {
      "name": "CVE-2014-0100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0100"
    },
    {
      "name": "CVE-2014-2673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2673"
    },
    {
      "name": "CVE-2014-0077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0077"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-242",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-05-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nune ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2228-1 du 27 mai 2014",
      "url": "http://www.ubuntu.com/usn/usn-2228-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2226-1 du 27 mai 2014",
      "url": "http://www.ubuntu.com/usn/usn-2226-1/"
    }
  ]
}

BDU:2014-00102

Vulnerability from fstec - Published: 11.03.2014

Title

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Description

Удалённые пользователи могут вызвать отказ в обслуживании (разыменование NULL-указателя) при использовании сетевого протокола SCTP

Severity ?

Vendor

Сообщество свободного программного обеспечения

Software Name

Linux

Software Version

от 3.0.0 до 3.13.6 включительно (Linux)

Possible Mitigations

Обновление ядра операционной системы до версии 3.13.8

Reference

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": null,
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 3.0.0 \u0434\u043e 3.13.6 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 3.13.8",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.03.2014",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.11.2016",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.07.2016",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2014-00102",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2014-0101",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 3.0.0 \u0434\u043e 3.13.6 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e 64-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 3.0.0 \u0434\u043e 3.13.6 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e 32-bit",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (\u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 NULL-\u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f) \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 SCTP",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)"
}

FKIE_CVE-2014-0101

Vulnerability from fkie_nvd - Published: 2014-03-11 13:01 - Updated: 2026-05-06 22:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-0328.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-0419.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-0432.html	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/59216	Third Party Advisory
secalert@redhat.com	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html	Third Party Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2014/03/04/6	Mailing List, Patch, Third Party Advisory
secalert@redhat.com	http://www.securityfocus.com/bid/65943	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2173-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2174-1	Third Party Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1070705	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-0328.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-0419.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-0432.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59216	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/03/04/6	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/65943	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2173-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2174-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1070705	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_eus	6.3
redhat	enterprise_linux_eus	6.4
redhat	enterprise_linux_eus	6.5
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server_aus	6.4
redhat	enterprise_linux_server_aus	6.5
redhat	enterprise_linux_server_tus	6.5
redhat	enterprise_linux_workstation	6.0
canonical	ubuntu_linux	10.04
f5	big-ip_access_policy_manager	*
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_analytics	*
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_edge_gateway	*
f5	big-ip_enterprise_manager	*
f5	big-ip_enterprise_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-iq_adc	4.5.0
f5	big-iq_centralized_management	4.6.0
f5	big-iq_cloud	*
f5	big-iq_device	*
f5	big-iq_security	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E9005C-26CB-4056-8F6B-98C7FDF2F7B9",
              "versionEndExcluding": "3.2.56",
              "versionStartIncluding": "2.6.24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2869AF87-7E94-4E08-8EF9-8C62F663EC82",
              "versionEndExcluding": "3.4.84",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67836467-8BEF-44A1-B031-98EFBA19F38C",
              "versionEndExcluding": "3.10.34",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AE2B033-586E-48AC-95DC-880018601DFC",
              "versionEndExcluding": "3.12.15",
              "versionStartIncluding": "3.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13865A2-6E9A-4FFE-A1C2-02B75D66C207",
              "versionEndExcluding": "3.13.7",
              "versionStartIncluding": "3.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F876CB01-E4E3-461B-BF67-F993D3C058B9",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF513AF7-A3D9-46E0-BDCF-A4C9F6DDE83E",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0D2EAFC-436A-4553-B688-268EF5610499",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D62DE9-6693-474F-A2F4-9F53A06F5663",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA78FF31-4D4A-402D-9C3C-61DC9B14A790",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "980317BB-165F-4804-926E-9973BC16E28A",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23AEA33F-71CC-473F-86A4-C120532928DE",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE25317-09BF-46D2-934B-2D05B1390EFA",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2CBEB8A-617C-470F-BF49-10BE16FBFA97",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C8165D3-9160-4947-B1DF-226698B39E90",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A63021EE-71D7-4CB3-AEDD-90A890FD5959",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n sctp_sf_do_5_1D_ce en net/sctp/sm_statefuns.c en el kernel de Linux hasta la versi\u00f3n 3.13.6 no valida ciertos campos auth_enable y auth_capable antes de hacer una llamada sctp_sf_authenticate, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda del sistema) a trav\u00e9s de un SCTP handshake con un fragmento INIT modificado y un fragmento AUTH manipulado anterior a un fragmento COOKIE_ECHO."
    }
  ],
  "id": "CVE-2014-0101",
  "lastModified": "2026-05-06T22:30:45.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-03-11T13:01:06.733",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59216"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/65943"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2173-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2174-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/65943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2173-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2174-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-0101 (GCVE-0-2014-0101)

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature