Red Hat Security Advisory 2014-1872-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. This update fixes several race conditions between PCI error recovery callbacks and potential calls of the ifup and ifdown commands in the tg3 driver. When triggered, these race conditions could cause a kernel crash.
54407e6e9d70167a75066e417334ef0ce14148e42cf5071246c5480fab521ac3Red Hat Security Advisory 2014-1763-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futex_wait(). A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could lead to a use-after-free flaw, resulting in a system crash or, potentially, privilege escalation. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system.
d11690383c89e9c75a248988ea658d63fe0dc12f7c3772b59090ce8623debdc3Red Hat Security Advisory 2014-1724-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system.
85cc9187134cdbdffbc7fa557fe4ab543e024f48904dfc8d40361c7f5f430513Red Hat Security Advisory 2014-1668-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. This update also fixes several bugs and adds one enhancement.
01a170866c4a0d40ca22a3813281625f83ff86f1c137a71121dc4af73fcba5eeMandriva Linux Security Advisory 2014-201 - Multiple vulnerabilities has been found and corrected in the Linux kernel. These include stack-based buffer overflows and denial of service issues.
18d0010448f4aacc19c217e3371db5d34c01d05bb3fb2bb9179b1b838891d685Red Hat Security Advisory 2014-1392-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file could possibly use this flaw to escalate their privileges on the system.
2d379835f8d8b30d2d5205e57ee447ccaebb299a17dcdeb38aa229c1a1b8d376Ubuntu Security Notice 2359-1 - Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. Jason Gunthorpe reported a flaw with SCTP authentication in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (NULL pointer dereference and OOPS). Various other issues were also addressed.
cf16b83f0cf1bc592f97d89975e48b9fc09cdb89e7cbea49009a9915a86c8c9bUbuntu Security Notice 2358-1 - Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. Jason Gunthorpe reported a flaw with SCTP authentication in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (NULL pointer dereference and OOPS). Various other issues were also addressed.
0d19c0cfd635887d874af2d1b5bf9dfce4d6a57b5a3961bb65c05caa2a2a30c8Ubuntu Security Notice 2335-1 - An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). An information leak was discovered in the rd_mcp backend of the iSCSI target subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. Various other issues were also addressed.
1f6469115ae1e9bf66756c1ba511a70b860e32a6a371a0d0f97c5240fda89fc0Ubuntu Security Notice 2334-1 - An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). An information leak was discovered in the rd_mcp backend of the iSCSI target subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. Various other issues were also addressed.
320de95f33b6f9a2559cca5cb221b03f3c70a08b3d9447fe4ab94e546233d565Ubuntu Security Notice 2333-1 - A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. Toralf reported an error in the Linux kernels syscall auditing on 32 bit x86 platforms. A local user could exploit this flaw to cause a denial of service (OOPS and system crash). An information leak was discovered in the control implementation of the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. Various other issues were also addressed.
937ac3be9b799434ac81bf071aed2f115c6f145b2044ee77c51f45a088575c99Ubuntu Security Notice 2332-1 - A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. Toralf reported an error in the Linux kernels syscall auditing on 32 bit x86 platforms. A local user could exploit this flaw to cause a denial of service (OOPS and system crash). An information leak was discovered in the control implementation of the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. Various other issues were also addressed.
d9919ad7ce17798e27ac5fdcd220af2dd382306a3e0b6db94d1b04fc95bac660Red Hat Security Advisory 2014-1083-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. Multiple use-after-free flaws and an integer overflow flaw were found in the way the Linux kernel's Advanced Linux Sound Architecture implementation handled user controls. A local, privileged user could use either of these flaws to crash the system.
25199bf469feb34a9e53eaf2a67aadf4f5d1928513f4233128fae0cbe57edc83
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed