[USN-2286-1] Linux kernel (Raring HWE) vulnerabilities
Several security issues were fixed in the kernel.
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol
(PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user
could exploit this flaw to gain administrative privileges. (CVE-2014-4943)
Michael S. Tsirkin discovered an information leak in the Linux kernel's
segmentation of skbs when using the zerocopy feature of vhost-net. A local
attacker could exploit this flaw to gain potentially sensitive information
from kernel memory. (CVE-2014-0131)
Salva Peiró discovered an information leak in the Linux kernel's media-
device driver. A local attacker could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2014-1739)
A bounds check error was discovered in the socket filter subsystem of the
Linux kernel. A local user could exploit this flaw to cause a denial of
service (system crash) via crafted BPF instructions. (CVE-2014-3144)
A remainder calculation error was discovered in the socket filter subsystem
of the Linux kernel. A local user could exploit this flaw to cause a denial
of service (system crash) via crafted BPF instructions. (CVE-2014-3145)
An flaw was discovered in the Linux kernel's audit subsystem when auditing
certain syscalls. A local attacker could exploit this flaw to obtain
potentially sensitive single-bit values from kernel memory or cause a
denial of service (OOPS). (CVE-2014-3917)
A flaw was discovered in the Linux kernel's implementation of user
namespaces with respect to inode permissions. A local user could exploit
this flaw by creating a user namespace to gain administrative privileges.
(CVE-2014-4014)
Don Bailey discovered a flaw in the LZO decompress algorithm used by the
Linux kernel. An attacker could exploit this flaw to cause a denial of
service (memory corruption or OOPS). (CVE-2014-4608)
- ID
- USN-2286-1
- Severity
- high
- Severity from
- CVE-2014-4608
- URL
- https://ubuntu.com/security/notices/USN-2286-1
- Published
-
2014-07-17T00:40:37
(10 years ago) - Modified
-
2014-07-17T00:40:37
(10 years ago) - Other Advisories
-
-
ALAS-2014-368
-
ALAS-2014-392
-
DSA-2949-1
-
DSA-2992-1
-
ELSA-2014-0786
-
ELSA-2014-0923
-
ELSA-2014-0924
-
ELSA-2014-0981
-
ELSA-2014-1143
-
ELSA-2014-1167
-
ELSA-2014-1281
-
ELSA-2014-1392
-
ELSA-2014-1971
-
ELSA-2014-3046
-
ELSA-2014-3047
-
ELSA-2014-3048
-
ELSA-2014-3049
-
ELSA-2014-3052
-
ELSA-2014-3053
-
ELSA-2014-3054
-
ELSA-2014-3072
-
ELSA-2014-3073
-
ELSA-2014-3074
-
ELSA-2014-3096
-
ELSA-2014-3104
-
FEDORA-2014-11008
-
FEDORA-2014-11031
-
FEDORA-2014-13020
-
FEDORA-2014-13045
-
FEDORA-2014-13558
-
FEDORA-2014-13773
-
FEDORA-2014-14068
-
FEDORA-2014-15200
-
FEDORA-2014-16632
-
FEDORA-2014-17244
-
FEDORA-2014-17283
-
FEDORA-2014-4317
-
FEDORA-2014-4360
-
FEDORA-2014-4675
-
FEDORA-2014-4844
-
FEDORA-2014-4849
-
FEDORA-2014-5235
-
FEDORA-2014-5609
-
FEDORA-2014-6122
-
FEDORA-2014-6354
-
FEDORA-2014-6357
-
FEDORA-2014-7033
-
FEDORA-2014-7128
-
FEDORA-2014-7320
-
FEDORA-2014-7426
-
FEDORA-2014-7430
-
FEDORA-2014-7863
-
FEDORA-2014-8171
-
FEDORA-2014-8487
-
FEDORA-2014-8519
-
FEDORA-2014-9010
-
FEDORA-2014-9142
-
FEDORA-2014-9449
-
FEDORA-2014-9466
-
FEDORA-2014-9959
-
FEDORA-2015-0515
-
FEDORA-2015-1672
-
FEDORA-2015-3594
-
FEDORA-2015-5024
-
FEDORA-2015-6294
-
FEDORA-2015-8518
-
FREEBSD:6294F75F-03F2-11E5-AAB1-D050996490D0
-
FREEBSD:D1F5E12A-FD5A-11E3-A108-080027EF73EC
-
RHSA-2014:0786
-
RHSA-2014:0923
-
RHSA-2014:0924
-
RHSA-2014:0981
-
RHSA-2014:1167
-
RHSA-2014:1281
-
RHSA-2014:1392
-
RHSA-2014:1971
-
SUSE-SU-2015:0481-1
-
SUSE-SU-2015:0581-1
-
SUSE-SU-2015:0652-1
-
SUSE-SU-2015:0736-1
-
SUSE-SU-2015:1174-1
-
SUSE-SU-2015:1376-1
-
USN-2251-1
-
USN-2252-1
-
USN-2259-1
-
USN-2261-1
-
USN-2262-1
-
USN-2263-1
-
USN-2264-1
-
USN-2281-1
-
USN-2282-1
-
USN-2283-1
-
USN-2284-1
-
USN-2285-1
-
USN-2287-1
-
USN-2288-1
-
USN-2289-1
-
USN-2290-1
-
USN-2313-1
-
USN-2314-1
-
USN-2334-1
-
USN-2335-1
-
USN-2336-1
-
USN-2337-1
-
USN-2415-1
-
USN-2416-1
-
USN-2417-1
-
USN-2418-1
-
USN-2419-1
-
USN-2420-1
-
USN-2421-1
-
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |