[RHSA-2014:0924] kernel security update
Severity
Important
Affected Packages
34
CVEs
2
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
- It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4699, Important)
Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.
- A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)
Red Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699,
and Sasha Levin for reporting CVE-2014-4943.
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
- ID
- RHSA-2014:0924
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2014:0924
- Published
-
2014-07-23T00:00:00
(10 years ago) - Modified
-
2014-07-23T00:00:00
(10 years ago) - Rights
- Copyright 2014 Red Hat, Inc.
- Other Advisories
-
- DSA-2972-1
- DSA-2992-1
- ELSA-2014-0923
- ELSA-2014-0924
- ELSA-2014-3046
- ELSA-2014-3047
- ELSA-2014-3048
- ELSA-2014-3049
- FEDORA-2014-11008
- FEDORA-2014-11031
- FEDORA-2014-13020
- FEDORA-2014-13045
- FEDORA-2014-13558
- FEDORA-2014-13773
- FEDORA-2014-14068
- FEDORA-2014-15200
- FEDORA-2014-16632
- FEDORA-2014-17244
- FEDORA-2014-17283
- FEDORA-2014-8171
- FEDORA-2014-8487
- FEDORA-2014-8519
- FEDORA-2014-9010
- FEDORA-2014-9142
- FEDORA-2014-9449
- FEDORA-2014-9466
- FEDORA-2014-9959
- FEDORA-2015-0515
- FEDORA-2015-1672
- FEDORA-2015-3594
- FEDORA-2015-5024
- FEDORA-2015-6294
- FEDORA-2015-8518
- RHSA-2014:0923
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- USN-2266-1
- USN-2267-1
- USN-2268-1
- USN-2269-1
- USN-2270-1
- USN-2271-1
- USN-2272-1
- USN-2273-1
- USN-2274-1
- USN-2281-1
- USN-2282-1
- USN-2283-1
- USN-2284-1
- USN-2285-1
- USN-2286-1
- USN-2287-1
- USN-2288-1
- USN-2289-1
- USN-2290-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1115927 | https://bugzilla.redhat.com/1115927 | |
Bugzilla | 1119458 | https://bugzilla.redhat.com/1119458 | |
RHSA | RHSA-2014:0924 | https://access.redhat.com/errata/RHSA-2014:0924 | |
CVE | CVE-2014-4699 | https://access.redhat.com/security/cve/CVE-2014-4699 | |
CVE | CVE-2014-4943 | https://access.redhat.com/security/cve/CVE-2014-4943 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/python-perf?arch=x86_64&distro=redhat-6 | redhat | python-perf | < 2.6.32-431.20.5.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/python-perf?arch=s390x&distro=redhat-6 | redhat | python-perf | < 2.6.32-431.20.5.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/python-perf?arch=ppc64&distro=redhat-6 | redhat | python-perf | < 2.6.32-431.20.5.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/python-perf?arch=i686&distro=redhat-6 | redhat | python-perf | < 2.6.32-431.20.5.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/perf?arch=x86_64&distro=redhat-6 | redhat | perf | < 2.6.32-431.20.5.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/perf?arch=s390x&distro=redhat-6 | redhat | perf | < 2.6.32-431.20.5.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/perf?arch=ppc64&distro=redhat-6 | redhat | perf | < 2.6.32-431.20.5.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/perf?arch=i686&distro=redhat-6 | redhat | perf | < 2.6.32-431.20.5.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-6 | redhat | kernel | < 2.6.32-431.20.5.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=s390x&distro=redhat-6 | redhat | kernel | < 2.6.32-431.20.5.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64&distro=redhat-6 | redhat | kernel | < 2.6.32-431.20.5.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel?arch=i686&distro=redhat-6 | redhat | kernel | < 2.6.32-431.20.5.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-kdump?arch=s390x&distro=redhat-6 | redhat | kernel-kdump | < 2.6.32-431.20.5.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-kdump-devel?arch=s390x&distro=redhat-6 | redhat | kernel-kdump-devel | < 2.6.32-431.20.5.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-headers?arch=x86_64&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-431.20.5.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-headers?arch=s390x&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-431.20.5.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-headers?arch=ppc64&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-431.20.5.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-headers?arch=i686&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-431.20.5.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-firmware?distro=redhat-6 | redhat | kernel-firmware | < 2.6.32-431.20.5.el6 | redhat-6 | ||
Affected | pkg:rpm/redhat/kernel-doc?distro=redhat-6 | redhat | kernel-doc | < 2.6.32-431.20.5.el6 | redhat-6 | ||
Affected | pkg:rpm/redhat/kernel-devel?arch=x86_64&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-431.20.5.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-devel?arch=s390x&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-431.20.5.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-devel?arch=ppc64&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-431.20.5.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-devel?arch=i686&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-431.20.5.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=x86_64&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-431.20.5.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=s390x&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-431.20.5.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-debug?arch=ppc64&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-431.20.5.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=i686&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-431.20.5.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=x86_64&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-431.20.5.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=s390x&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-431.20.5.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=ppc64&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-431.20.5.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=i686&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-431.20.5.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-bootwrapper?arch=ppc64&distro=redhat-6 | redhat | kernel-bootwrapper | < 2.6.32-431.20.5.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-abi-whitelists?distro=redhat-6 | redhat | kernel-abi-whitelists | < 2.6.32-431.20.5.el6 | redhat-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |