copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2014.2322 - [Linux][Debian] kernel: Multiple vulnerabilities

Date: 09 December 2014
References: ESB-2015.0189  ESB-2015.1100  

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.2322
                           linux security update
                              9 December 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   Linux variants
Impact/Access:     Root Compromise   -- Existing Account      
                   Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-9090 CVE-2014-8884 CVE-2014-8369
                   CVE-2014-7841  

Original Bulletin: 
   http://www.debian.org/security/2014/dsa-3093

Comment: This advisory references vulnerabilities in the Linux kernel that 
         also affect distributions other than Debian. It is recommended that
         administrators running Linux check for an updated version of the 
         kernel for their system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3093-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
December 08, 2014                      http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2014-7841 CVE-2014-8369 CVE-2014-8884 CVE-2014-9090

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation:

CVE-2014-7841

    Liu Wei of Red Hat discovered that a SCTP server doing ASCONF will
    panic on malformed INIT chunks by triggering a NULL pointer
    dereference.

CVE-2014-8369

    A flaw was discovered in the way iommu mapping failures were handled
    in the kvm_iommu_map_pages() function in the Linux kernel. A guest
    OS user could exploit this flaw to cause a denial of service (host
    OS memory corruption) or possibly have other unspecified impact on
    the host OS.

CVE-2014-8884

    A stack-based buffer overflow flaw was discovered in the
    TechnoTrend/Hauppauge DEC USB driver. A local user with write access
    to the corresponding device could use this flaw to crash the kernel
    or, potentially, elevate their privileges.

CVE-2014-9090

    Andy Lutomirski discovered that the do_double_fault function in
    arch/x86/kernel/traps.c in the Linux kernel did not properly handle
    faults associated with the Stack Segment (SS) segment register,
    which allows local users to cause a denial of service (panic).

For the stable distribution (wheezy), these problems have been fixed in
version 3.2.63-2+deb7u2. This update also includes fixes for regressions
introduced by previous updates.

For the unstable distribution (sid), these problems will be fixed soon
in version 3.16.7-ckt2-1.

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUhhMIAAoJEAVMuPMTQ89EWvoP/2Y+Dr62XSZ5MuBzFx739eZj
jPEj/YtVMUylVX6/3wBp74JxPZsOs6YTeCZ3U6WHBlNoInEBZp8wxQ56X6fbMdsS
NxNyvwQMCu52uneTujuSpXECnPyJAqJQtZnsILb6sHB+XbKlPGpfgt0Y5A1khMW6
zBndduifMBHv2D/ZoCHRzg94VIKmg1nG+DGjVSSDmti5BfNnb7j13aUXKqtdJG7m
BLP3Wvi+AtgzQFXLi9BbgR3B3CpmHEa0t2+gn5PyDbjglyM63DxNFPEtt0eM9RxQ
pMeRspIIvfSbvcrOtk1wFIc8LffptUnb/buYpvN6rs2/wfVywd0i9/yRAaXWlfr1
vryEWiK1R4yUZFBDmD3HU1boyBwsoDArhESwa7/ZL+B5WW1G773K7AKlB8JwB4AC
ssKT2CTnagLMr9Dsr5FJYCeuHPAXRx96JbivZPz5jIt7hnHitsg3q05E76RowOik
JzAfxQFovV2isHjrsuw3GYw/7VVLFE1Hzqch9K67Xa1c2gzpYOJl/M4wPdinDtM2
o69YjDRtcv4/voiET3X44loq9EoaEAqWF+QQhd7Flmuhj6JvEeKfqLN35MUGDSar
r5FJOc6y0+fHsR5zggMcNGGw10r1ctmfoRjxeGjQw+gBV2da5/4+ryRPedfsHFSD
yfxvUIxS1nq/ye3XQB2o
=wZ/Y
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVIY6YRLndAQH1ShLAQKKrBAAt2S6cIgkJlJrZ4f2qFtTtq4D+X0ErmXQ
84MkmzsoMr4PuqtEmPHnkqsgVg+cFIGO7eXCs8jQHiBWPMHN7EhQEC7HNDk24TYY
XojPl2Xr103wBro2dpXaSnqpqbrPeuJcnEGxTu/nb0qs7DZO5+Zax9CqNBWksF5F
3eT38EAfnQ2UCZSZ+LOXPhBpCRpplEvW7BDkawdYKQlSlMbi+coCZN97l5YV/4v4
wpecvQpC5stPsK5QQmsQoq0Jx40GS0sYiPPuEPIaAgXbPzYsmGMy9Yy09tMp7DS6
fCBk3M+WZfQYlGfzBfD6Br3GyxmkpuVQvc7o+fpU30vHipgrjjwZ35E+xoWgjA/J
3Ff+rV4QF3snYoaVMH5usZYX3OtGGJqKVykGqv5+G9GtNyvY10VeEZEFtxweuYOi
267B6CRZIPtCmx5y862XUNZ9Kgtr2adKkAEwdFK4fZ+cWf8UPJ+r9M3HAiUinYC5
njgnBuqtBgHSw4EW19SOpVedBUuULVwI9h4ACuWsH+0ddOZrYzlaAKkOYyT4XGc/
UF8i4k6AWwC+K7IMMEk5sgfiVRzJ+PvW50W1B/vLxCeTrxgvbFppJh/hDM7atiVL
IlvN0nldZCxfgKpOaT5YY2GMmmlS3vl2cdYjMmnVQs6lst55teZERgEnbMml9vAk
c4Pk3C6tQXo=
=klZb
-----END PGP SIGNATURE-----