ESB-2014.1085 - [Linux][Debian] kernel: Multiple vulnerabilities

Date: 07 July 2014
References: ESB-2014.1208  ESB-2014.1219  ESB-2014.1253  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.1085
                           linux security update
                                7 July 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   Linux variants
Impact/Access:     Root Compromise   -- Existing Account
                   Denial of Service -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-4699  

Original Bulletin: 
   http://www.debian.org/security/2014/dsa-2972

Comment: This advisory references vulnerabilities in the Linux kernel that 
         also affect distributions other than Debian. It is recommended that
         administrators running Linux check for an updated version of the 
         kernel for their system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2972-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
July 06, 2014                          http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2014-4699

Andy Lutomirski discovered that on x86_64 processors the ptrace syscall did
not verify that the RIP (instruction pointer) value written into a traced
process through the ptrace API was valid. An unprivileged local user could
use this flaw to crash the kernel (resulting in denial of service) or to
escalate privileges.

For the stable distribution (wheezy), this problem has been fixed in
version 3.2.60-1+deb7u1. In addition, this update contains several
bugfixes originally targeted for the upcoming Wheezy point release.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----