[USN-2129-1] Linux kernel (EC2) vulnerabilities
Several security issues were fixed in the kernel.
An information leak was discovered in the Linux kernel when inotify is used
to monitor the /dev/ptmx device. A local user could exploit this flaw to
discover keystroke timing and potentially discover sensitive information
like password length. (CVE-2013-0160)
Vasily Kulikov reported a flaw in the Linux kernel's implementation of
ptrace. An unprivileged local user could exploit this flaw to obtain
sensitive information from kernel memory. (CVE-2013-2929)
Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu
function of the Kernel Virtual Machine (KVM) subsystem. A local user could
exploit this flaw to gain privileges on the host machine. (CVE-2013-4587)
Andrew Honig reported a flaw in the apic_get_tmcct function of the Kernel
Virtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could
exploit this flaw to cause a denial of service or host OS system crash.
(CVE-2013-6367)
Nico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec
AACRAID scsi raid devices in the Linux kernel. A local user could use this
flaw to cause a denial of service or possibly other unspecified impact.
(CVE-2013-6380)
Nico Golde and Fabian Yamaguchi reported buffer underflow errors in the
implementation of the XFS filesystem in the Linux kernel. A local user with
CAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memory
corruption) or possibly other unspecified issues. (CVE-2013-6382)
Evan Huus reported a buffer overflow in the Linux kernel's radiotap header
parsing. A remote attacker could cause a denial of service (buffer over-
read) via a specially crafted header. (CVE-2013-7027)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with ISDN sockets in the Linux kernel. A local user
could exploit this leak to obtain potentially sensitive information from
kernel memory. (CVE-2013-7266)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with apple talk sockets in the Linux kernel. A local
user could exploit this leak to obtain potentially sensitive information
from kernel memory. (CVE-2013-7267)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with ipx protocol sockets in the Linux kernel. A
local user could exploit this leak to obtain potentially sensitive
information from kernel memory. (CVE-2013-7268)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with the netrom address family in the Linux kernel. A
local user could exploit this leak to obtain potentially sensitive
information from kernel memory. (CVE-2013-7269)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with packet address family sockets in the Linux
kernel. A local user could exploit this leak to obtain potentially
sensitive information from kernel memory. (CVE-2013-7270)
An information leak was discovered in the recvfrom, recvmmsg, and recvmsg
systemcalls when used with x25 protocol sockets in the Linux kernel. A
local user could exploit this leak to obtain potentially sensitive
information from kernel memory. (CVE-2013-7271)
An information leak was discovered in the Linux kernel's SIOCWANDEV ioctl
call. A local user with the CAP_NET_ADMIN capability could exploit this
flaw to obtain potentially sensitive information from kernel memory.
(CVE-2014-1444)
An information leak was discovered in the wanxl ioctl function the
Linux kernel. A local user could exploit this flaw to obtain potentially
sensitive information from kernel memory. (CVE-2014-1445)
An information leak was discovered in the Linux kernel's hamradio YAM
driver for AX.25 packet radio. A local user with the CAP_NET_ADMIN
capability could exploit this flaw to obtain sensitive information from
kernel memory. (CVE-2014-1446)
Matthew Thode reported a denial of service vulnerability in the Linux
kernel when SELinux support is enabled. A local user with the CAP_MAC_ADMIN
capability (and the SELinux mac_admin permission if running in enforcing
mode) could exploit this flaw to cause a denial of service (kernel crash).
(CVE-2014-1874)
- ID
- USN-2129-1
- Severity
- high
- Severity from
- CVE-2013-4587
- URL
- https://ubuntu.com/security/notices/USN-2129-1
- Published
-
2014-03-06T05:42:52
(10 years ago) - Modified
-
2014-03-06T05:42:52
(10 years ago) - Other Advisories
-
- ALAS-2013-258
- ALAS-2014-289
- DSA-2669-1
- ELSA-2013-1801
- ELSA-2013-2587
- ELSA-2013-2588
- ELSA-2013-2589
- ELSA-2014-0159
- ELSA-2014-0163
- ELSA-2014-0285
- ELSA-2014-0771
- ELSA-2014-1971
- ELSA-2014-3009
- ELSA-2014-3010
- ELSA-2014-3011
- ELSA-2014-3034
- ELSA-2014-3042
- ELSA-2014-3043
- FEDORA-2013-22531
- FEDORA-2013-22669
- FEDORA-2013-22695
- FEDORA-2013-23445
- FEDORA-2013-23653
- FEDORA-2014-0684
- FEDORA-2014-0696
- FEDORA-2014-1062
- FEDORA-2014-1072
- FEDORA-2014-11008
- FEDORA-2014-11031
- FEDORA-2014-13020
- FEDORA-2014-13045
- FEDORA-2014-13558
- FEDORA-2014-13773
- FEDORA-2014-14068
- FEDORA-2014-15200
- FEDORA-2014-16632
- FEDORA-2014-17244
- FEDORA-2014-17283
- FEDORA-2014-2576
- FEDORA-2014-2606
- FEDORA-2014-2887
- FEDORA-2014-3094
- FEDORA-2014-3442
- FEDORA-2014-3448
- FEDORA-2014-4317
- FEDORA-2014-4360
- FEDORA-2014-4675
- FEDORA-2014-4844
- FEDORA-2014-4849
- FEDORA-2014-5235
- FEDORA-2014-5609
- FEDORA-2014-6122
- FEDORA-2014-6354
- FEDORA-2014-6357
- FEDORA-2014-7033
- FEDORA-2014-7128
- FEDORA-2014-7320
- FEDORA-2014-7426
- FEDORA-2014-7430
- FEDORA-2014-7863
- FEDORA-2014-8171
- FEDORA-2014-8487
- FEDORA-2014-8519
- FEDORA-2014-9010
- FEDORA-2014-9142
- FEDORA-2014-9449
- FEDORA-2014-9466
- FEDORA-2014-9959
- FEDORA-2015-0515
- FEDORA-2015-1672
- FEDORA-2015-3594
- FEDORA-2015-5024
- FEDORA-2015-6294
- FEDORA-2015-8518
- RHSA-2013:1801
- RHSA-2014:0159
- RHSA-2014:0328
- RHSA-2014:0771
- RHSA-2014:1971
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- USN-1878-1
- USN-1879-1
- USN-1880-1
- USN-1881-1
- USN-1882-1
- USN-1883-1
- USN-1916-1
- USN-2040-1
- USN-2042-1
- USN-2049-1
- USN-2050-1
- USN-2066-1
- USN-2067-1
- USN-2068-1
- USN-2069-1
- USN-2070-1
- USN-2071-1
- USN-2072-1
- USN-2073-1
- USN-2074-1
- USN-2075-1
- USN-2076-1
- USN-2109-1
- USN-2110-1
- USN-2111-1
- USN-2112-1
- USN-2113-1
- USN-2114-1
- USN-2115-1
- USN-2116-1
- USN-2117-1
- USN-2128-1
- USN-2133-1
- USN-2134-1
- USN-2135-1
- USN-2136-1
- USN-2137-1
- USN-2138-1
- USN-2139-1
- USN-2140-1
- USN-2141-1
- USN-2158-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |