[USN-2286-1] Linux kernel (Raring HWE) vulnerabilities
Several security issues were fixed in the kernel.
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol
(PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user
could exploit this flaw to gain administrative privileges. (CVE-2014-4943)
Michael S. Tsirkin discovered an information leak in the Linux kernel's
segmentation of skbs when using the zerocopy feature of vhost-net. A local
attacker could exploit this flaw to gain potentially sensitive information
from kernel memory. (CVE-2014-0131)
Salva Peiró discovered an information leak in the Linux kernel's media-
device driver. A local attacker could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2014-1739)
A bounds check error was discovered in the socket filter subsystem of the
Linux kernel. A local user could exploit this flaw to cause a denial of
service (system crash) via crafted BPF instructions. (CVE-2014-3144)
A remainder calculation error was discovered in the socket filter subsystem
of the Linux kernel. A local user could exploit this flaw to cause a denial
of service (system crash) via crafted BPF instructions. (CVE-2014-3145)
An flaw was discovered in the Linux kernel's audit subsystem when auditing
certain syscalls. A local attacker could exploit this flaw to obtain
potentially sensitive single-bit values from kernel memory or cause a
denial of service (OOPS). (CVE-2014-3917)
A flaw was discovered in the Linux kernel's implementation of user
namespaces with respect to inode permissions. A local user could exploit
this flaw by creating a user namespace to gain administrative privileges.
(CVE-2014-4014)
Don Bailey discovered a flaw in the LZO decompress algorithm used by the
Linux kernel. An attacker could exploit this flaw to cause a denial of
service (memory corruption or OOPS). (CVE-2014-4608)
- ID
- USN-2286-1
- Severity
- high
- Severity from
- CVE-2014-4608
- URL
- https://ubuntu.com/security/notices/USN-2286-1
- Published
-
2014-07-17T00:40:37
(10 years ago) - Modified
-
2014-07-17T00:40:37
(10 years ago) - Other Advisories
-
- ALAS-2014-368
- ALAS-2014-392
- DSA-2949-1
- DSA-2992-1
- ELSA-2014-0786
- ELSA-2014-0923
- ELSA-2014-0924
- ELSA-2014-0981
- ELSA-2014-1143
- ELSA-2014-1167
- ELSA-2014-1281
- ELSA-2014-1392
- ELSA-2014-1971
- ELSA-2014-3046
- ELSA-2014-3047
- ELSA-2014-3048
- ELSA-2014-3049
- ELSA-2014-3052
- ELSA-2014-3053
- ELSA-2014-3054
- ELSA-2014-3072
- ELSA-2014-3073
- ELSA-2014-3074
- ELSA-2014-3096
- ELSA-2014-3104
- FEDORA-2014-11008
- FEDORA-2014-11031
- FEDORA-2014-13020
- FEDORA-2014-13045
- FEDORA-2014-13558
- FEDORA-2014-13773
- FEDORA-2014-14068
- FEDORA-2014-15200
- FEDORA-2014-16632
- FEDORA-2014-17244
- FEDORA-2014-17283
- FEDORA-2014-4317
- FEDORA-2014-4360
- FEDORA-2014-4675
- FEDORA-2014-4844
- FEDORA-2014-4849
- FEDORA-2014-5235
- FEDORA-2014-5609
- FEDORA-2014-6122
- FEDORA-2014-6354
- FEDORA-2014-6357
- FEDORA-2014-7033
- FEDORA-2014-7128
- FEDORA-2014-7320
- FEDORA-2014-7426
- FEDORA-2014-7430
- FEDORA-2014-7863
- FEDORA-2014-8171
- FEDORA-2014-8487
- FEDORA-2014-8519
- FEDORA-2014-9010
- FEDORA-2014-9142
- FEDORA-2014-9449
- FEDORA-2014-9466
- FEDORA-2014-9959
- FEDORA-2015-0515
- FEDORA-2015-1672
- FEDORA-2015-3594
- FEDORA-2015-5024
- FEDORA-2015-6294
- FEDORA-2015-8518
- FREEBSD:6294F75F-03F2-11E5-AAB1-D050996490D0
- FREEBSD:D1F5E12A-FD5A-11E3-A108-080027EF73EC
- RHSA-2014:0786
- RHSA-2014:0923
- RHSA-2014:0924
- RHSA-2014:0981
- RHSA-2014:1167
- RHSA-2014:1281
- RHSA-2014:1392
- RHSA-2014:1971
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- USN-2251-1
- USN-2252-1
- USN-2259-1
- USN-2261-1
- USN-2262-1
- USN-2263-1
- USN-2264-1
- USN-2281-1
- USN-2282-1
- USN-2283-1
- USN-2284-1
- USN-2285-1
- USN-2287-1
- USN-2288-1
- USN-2289-1
- USN-2290-1
- USN-2313-1
- USN-2314-1
- USN-2334-1
- USN-2335-1
- USN-2336-1
- USN-2337-1
- USN-2415-1
- USN-2416-1
- USN-2417-1
- USN-2418-1
- USN-2419-1
- USN-2420-1
- USN-2421-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |