Lucene search

K
centosCentOS ProjectCESA-2014:1971
HistoryDec 10, 2014 - 12:48 p.m.

kernel, perf, python security update

2014-12-1012:48:13
CentOS Project
lists.centos.org
63

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.908

Percentile

98.9%

CentOS Errata and Security Advisory CESA-2014:1971

  • A flaw was found in the way the Linux kernel’s SCTP implementation
    handled malformed or duplicate Address Configuration Change Chunks
    (ASCONF). A remote attacker could use either of these flaws to crash the
    system. (CVE-2014-3673, CVE-2014-3687, Important)

  • A flaw was found in the way the Linux kernel’s SCTP implementation
    handled the association’s output queue. A remote attacker could send
    specially crafted packets that would cause the system to use an excessive
    amount of memory, leading to a denial of service. (CVE-2014-3688,
    Important)

  • Two flaws were found in the way the Apple Magic Mouse/Trackpad
    multi-touch driver and the Minibox PicoLCD driver handled invalid HID
    reports. An attacker with physical access to the system could use these
    flaws to crash the system or, potentially, escalate their privileges on the
    system. (CVE-2014-3181, CVE-2014-3186, Moderate)

  • A memory corruption flaw was found in the way the USB ConnectTech
    WhiteHEAT serial driver processed completion commands sent via USB Request
    Blocks buffers. An attacker with physical access to the system could use
    this flaw to crash the system or, potentially, escalate their privileges on
    the system. (CVE-2014-3185, Moderate)

  • A flaw was found in the way the Linux kernel’s keys subsystem handled the
    termination condition in the associative array garbage collection
    functionality. A local, unprivileged user could use this flaw to crash the
    system. (CVE-2014-3631, Moderate)

  • Multiple flaws were found in the way the Linux kernel’s ALSA
    implementation handled user controls. A local, privileged user could use
    either of these flaws to crash the system. (CVE-2014-4654, CVE-2014-4655,
    CVE-2014-4656, Moderate)

  • A flaw was found in the way the Linux kernel’s VFS subsystem handled
    reference counting when performing unmount operations on symbolic links.
    A local, unprivileged user could use this flaw to exhaust all available
    memory on the system or, potentially, trigger a use-after-free error,
    resulting in a system crash or privilege escalation. (CVE-2014-5045,
    Moderate)

  • A flaw was found in the way the get_dumpable() function return value was
    interpreted in the ptrace subsystem of the Linux kernel. When
    ‘fs.suid_dumpable’ was set to 2, a local, unprivileged local user could
    use this flaw to bypass intended ptrace restrictions and obtain
    potentially sensitive information. (CVE-2013-2929, Low)

  • A stack overflow flaw caused by infinite recursion was found in the way
    the Linux kernel’s UDF file system implementation processed indirect ICBs.
    An attacker with physical access to the system could use a specially
    crafted UDF image to crash the system. (CVE-2014-6410, Low)

  • An information leak flaw in the way the Linux kernel handled media device
    enumerate entities IOCTL requests could allow a local user able to access
    the /dev/media0 device file to leak kernel memory bytes. (CVE-2014-1739,
    Low)

  • An out-of-bounds read flaw in the Logitech Unifying receiver driver could
    allow an attacker with physical access to the system to crash the system
    or, potentially, escalate their privileges on the system. (CVE-2014-3182,
    Low)

  • Multiple out-of-bounds write flaws were found in the way the Cherry
    Cymotion keyboard driver, KYE/Genius device drivers, Logitech device
    drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote
    control driver, and Sunplus wireless desktop driver handled invalid HID
    reports. An attacker with physical access to the system could use either of
    these flaws to write data past an allocated memory buffer. (CVE-2014-3184,
    Low)

  • An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp)
    back end driver of the iSCSI Target subsystem could allow a privileged user
    to leak the contents of kernel memory to an iSCSI initiator remote client.
    (CVE-2014-4027, Low)

  • An information leak flaw in the Linux kernel’s ALSA implementation could
    allow a local, privileged user to leak kernel memory to user space.
    (CVE-2014-4652, Low)

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-December/082982.html

Affected packages:
kernel
kernel-abi-whitelists
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-tools
kernel-tools-libs
kernel-tools-libs-devel
perf
python-perf

Upstream details at:
https://access.redhat.com/errata/RHSA-2014:1971

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.908

Percentile

98.9%