Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.703170
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 3170-1 (linux - security update)
Summary:Several vulnerabilities have been;discovered in the Linux kernel that may lead to a denial of service, information;leaks or privilege escalation.;;CVE-2013-7421 /;CVE-2014-9644;It was discovered that the Crypto API allowed unprivileged users;to load arbitrary kernel modules. A local user can use this flaw;to exploit vulnerabilities in modules that would not normally be;loaded.;;CVE-2014-7822;Akira Fujita found that the splice() system call did not validate;the given file offset and length. A local unprivileged user can use;this flaw to cause filesystem corruption on ext4 filesystems, or;possibly other effects.;;CVE-2014-8160;Florian Westphal discovered that a netfilter (iptables/ip6tables) rule;accepting packets to a specific SCTP, DCCP, GRE or UDPlite;port/endpoint could result in incorrect connection tracking state.;If only the generic connection tracking module (nf_conntrack) was;loaded, and not the protocol-specific connection tracking module,;this would allow access to any port/endpoint of the specified;protocol.;;CVE-2014-8559;It was found that kernel functions that iterate over a directory;tree can dead-lock or live-lock in case some of the directory;entries were recently deleted or dropped from the cache. A local;unprivileged user can use this flaw for denial of service.;;CVE-2014-9585;Andy Lutomirski discovered that address randomisation for the vDSO;in 64-bit processes is extremely biased. A local unprivileged user;could potentially use this flaw to bypass the ASLR protection;mechanism.;;CVE-2014-9683;Dmitry Chernenkov discovered that eCryptfs writes past the end of;the allocated buffer during encrypted filename decoding, resulting;in local denial of service.;;CVE-2015-0239;It was found that KVM did not correctly emulate the x86 SYSENTER;instruction. An unprivileged user within a guest system that has;not enabled SYSENTER, for example because the emulated CPU vendor;is AMD, could potentially use this flaw to cause a denial of;service or privilege escalation in that guest.;;CVE-2015-1420;It was discovered that the open_by_handle_at() system call reads;the handle size from user memory a second time after validating;it. A local user with the CAP_DAC_READ_SEARCH capability could use;this flaw for privilege escalation.;;CVE-2015-1421;It was found that the SCTP implementation could free an;authentication state while it was still in use, resulting in heap;corruption. This could allow remote users to cause a denial of;service or privilege escalation.;;CVE-2015-1593;It was found that address randomisation for the initial stack in;64-bit processes was limited to 20 rather than 22 bits of entropy.;A local unprivileged user could potentially use this flaw to;bypass the ASLR protection mechanism.
Description:Summary:
Several vulnerabilities have been
discovered in the Linux kernel that may lead to a denial of service, information
leaks or privilege escalation.

CVE-2013-7421 /
CVE-2014-9644
It was discovered that the Crypto API allowed unprivileged users
to load arbitrary kernel modules. A local user can use this flaw
to exploit vulnerabilities in modules that would not normally be
loaded.

CVE-2014-7822
Akira Fujita found that the splice() system call did not validate
the given file offset and length. A local unprivileged user can use
this flaw to cause filesystem corruption on ext4 filesystems, or
possibly other effects.

CVE-2014-8160
Florian Westphal discovered that a netfilter (iptables/ip6tables) rule
accepting packets to a specific SCTP, DCCP, GRE or UDPlite
port/endpoint could result in incorrect connection tracking state.
If only the generic connection tracking module (nf_conntrack) was
loaded, and not the protocol-specific connection tracking module,
this would allow access to any port/endpoint of the specified
protocol.

CVE-2014-8559
It was found that kernel functions that iterate over a directory
tree can dead-lock or live-lock in case some of the directory
entries were recently deleted or dropped from the cache. A local
unprivileged user can use this flaw for denial of service.

CVE-2014-9585
Andy Lutomirski discovered that address randomisation for the vDSO
in 64-bit processes is extremely biased. A local unprivileged user
could potentially use this flaw to bypass the ASLR protection
mechanism.

CVE-2014-9683
Dmitry Chernenkov discovered that eCryptfs writes past the end of
the allocated buffer during encrypted filename decoding, resulting
in local denial of service.

CVE-2015-0239
It was found that KVM did not correctly emulate the x86 SYSENTER
instruction. An unprivileged user within a guest system that has
not enabled SYSENTER, for example because the emulated CPU vendor
is AMD, could potentially use this flaw to cause a denial of
service or privilege escalation in that guest.

CVE-2015-1420
It was discovered that the open_by_handle_at() system call reads
the handle size from user memory a second time after validating
it. A local user with the CAP_DAC_READ_SEARCH capability could use
this flaw for privilege escalation.

CVE-2015-1421
It was found that the SCTP implementation could free an
authentication state while it was still in use, resulting in heap
corruption. This could allow remote users to cause a denial of
service or privilege escalation.

CVE-2015-1593
It was found that address randomisation for the initial stack in
64-bit processes was limited to 20 rather than 22 bits of entropy.
A local unprivileged user could potentially use this flaw to
bypass the ASLR protection mechanism.

Affected Software/OS:
linux on Debian Linux

Solution:
For the stable distribution (wheezy),
these problems have been fixed in version 3.2.65-1+deb7u2. Additionally this update
fixes regressions introduced in versions 3.2.65-1 and 3.2.65-1+deb7u1.

For the upcoming stable distribution (jessie), these problems will be fixed
soon (a subset is fixed already).

For the unstable distribution (sid), these problems will be fixed soon
(a subset is fixed already).

We recommend that you upgrade your linux packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-7421
BugTraq ID: 72322
http://www.securityfocus.com/bid/72322
Debian Security Information: DSA-3170 (Google Search)
http://www.debian.org/security/2015/dsa-3170
http://www.mandriva.com/security/advisories?name=MDVSA-2015:057
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu
https://lkml.org/lkml/2013/3/4/70
http://www.openwall.com/lists/oss-security/2015/01/24/4
RedHat Security Advisories: RHSA-2016:0068
http://rhn.redhat.com/errata/RHSA-2016-0068.html
http://www.ubuntu.com/usn/USN-2513-1
http://www.ubuntu.com/usn/USN-2514-1
http://www.ubuntu.com/usn/USN-2543-1
http://www.ubuntu.com/usn/USN-2544-1
http://www.ubuntu.com/usn/USN-2545-1
http://www.ubuntu.com/usn/USN-2546-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-7822
BugTraq ID: 72347
http://www.securityfocus.com/bid/72347
https://www.exploit-db.com/exploits/36743/
http://www.osvdb.org/117810
RedHat Security Advisories: RHSA-2015:0102
http://rhn.redhat.com/errata/RHSA-2015-0102.html
RedHat Security Advisories: RHSA-2015:0164
http://rhn.redhat.com/errata/RHSA-2015-0164.html
RedHat Security Advisories: RHSA-2015:0674
http://rhn.redhat.com/errata/RHSA-2015-0674.html
RedHat Security Advisories: RHSA-2015:0694
http://rhn.redhat.com/errata/RHSA-2015-0694.html
SuSE Security Announcement: SUSE-SU-2015:0529 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
SuSE Security Announcement: SUSE-SU-2015:1488 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
http://www.ubuntu.com/usn/USN-2541-1
http://www.ubuntu.com/usn/USN-2542-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-8160
BugTraq ID: 72061
http://www.securityfocus.com/bid/72061
http://www.spinics.net/lists/netfilter-devel/msg33430.html
http://www.openwall.com/lists/oss-security/2015/01/14/3
RedHat Security Advisories: RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
RedHat Security Advisories: RHSA-2015:0290
http://rhn.redhat.com/errata/RHSA-2015-0290.html
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
http://www.ubuntu.com/usn/USN-2515-1
http://www.ubuntu.com/usn/USN-2516-1
http://www.ubuntu.com/usn/USN-2517-1
http://www.ubuntu.com/usn/USN-2518-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-8559
BugTraq ID: 70854
http://www.securityfocus.com/bid/70854
https://lkml.org/lkml/2014/10/25/171
https://lkml.org/lkml/2014/10/25/179
https://lkml.org/lkml/2014/10/25/180
https://lkml.org/lkml/2014/10/26/101
https://lkml.org/lkml/2014/10/26/116
https://lkml.org/lkml/2014/10/26/128
https://lkml.org/lkml/2014/10/26/129
http://www.openwall.com/lists/oss-security/2014/10/30/7
RedHat Security Advisories: RHSA-2015:1976
http://rhn.redhat.com/errata/RHSA-2015-1976.html
RedHat Security Advisories: RHSA-2015:1978
http://rhn.redhat.com/errata/RHSA-2015-1978.html
http://www.securitytracker.com/id/1034051
http://secunia.com/advisories/62801
SuSE Security Announcement: SUSE-SU-2015:0178 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://www.ubuntu.com/usn/USN-2492-1
http://www.ubuntu.com/usn/USN-2493-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-9585
BugTraq ID: 71990
http://www.securityfocus.com/bid/71990
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148480.html
http://git.kernel.org/?p=linux/kernel/git/luto/linux.git;a=commit;h=bc3b94c31d65e761ddfe150d02932c65971b74e2
http://v0ids3curity.blogspot.in/2014/12/return-to-vdso-using-elf-auxiliary.html
http://www.openwall.com/lists/oss-security/2014/12/09/10
http://www.openwall.com/lists/oss-security/2015/01/09/8
RedHat Security Advisories: RHSA-2015:1081
http://rhn.redhat.com/errata/RHSA-2015-1081.html
RedHat Security Advisories: RHSA-2015:1778
http://rhn.redhat.com/errata/RHSA-2015-1778.html
RedHat Security Advisories: RHSA-2015:1787
http://rhn.redhat.com/errata/RHSA-2015-1787.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-9644
BugTraq ID: 72320
http://www.securityfocus.com/bid/72320
Common Vulnerability Exposure (CVE) ID: CVE-2014-9683
BugTraq ID: 72643
http://www.securityfocus.com/bid/72643
http://www.openwall.com/lists/oss-security/2015/02/17/9
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://www.securitytracker.com/id/1031860
SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-0239
BugTraq ID: 72842
http://www.securityfocus.com/bid/72842
http://permalink.gmane.org/gmane.linux.kernel.commits.head/502245
http://www.openwall.com/lists/oss-security/2015/01/27/6
Common Vulnerability Exposure (CVE) ID: CVE-2015-1420
BugTraq ID: 72357
http://www.securityfocus.com/bid/72357
http://marc.info/?l=linux-kernel&m=142247707318982&w=2
http://www.openwall.com/lists/oss-security/2015/01/29/12
SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
SuSE Security Announcement: SUSE-SU-2015:1592 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
SuSE Security Announcement: SUSE-SU-2015:1611 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html
http://www.ubuntu.com/usn/USN-2660-1
http://www.ubuntu.com/usn/USN-2661-1
http://www.ubuntu.com/usn/USN-2665-1
http://www.ubuntu.com/usn/USN-2667-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-1421
BugTraq ID: 72356
http://www.securityfocus.com/bid/72356
http://www.openwall.com/lists/oss-security/2015/01/29/15
RedHat Security Advisories: RHSA-2015:0726
http://rhn.redhat.com/errata/RHSA-2015-0726.html
RedHat Security Advisories: RHSA-2015:0751
http://rhn.redhat.com/errata/RHSA-2015-0751.html
RedHat Security Advisories: RHSA-2015:0782
http://rhn.redhat.com/errata/RHSA-2015-0782.html
RedHat Security Advisories: RHSA-2015:0864
http://rhn.redhat.com/errata/RHSA-2015-0864.html
RedHat Security Advisories: RHSA-2015:1082
http://rhn.redhat.com/errata/RHSA-2015-1082.html
http://www.securitytracker.com/id/1032172
SuSE Security Announcement: SUSE-SU-2015:0832 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00001.html
http://www.ubuntu.com/usn/USN-2562-1
http://www.ubuntu.com/usn/USN-2563-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-1593
BugTraq ID: 72607
http://www.securityfocus.com/bid/72607
http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
https://lkml.org/lkml/2015/1/7/811
http://www.openwall.com/lists/oss-security/2015/02/13/13
RedHat Security Advisories: RHSA-2015:1137
http://rhn.redhat.com/errata/RHSA-2015-1137.html
RedHat Security Advisories: RHSA-2015:1138
http://rhn.redhat.com/errata/RHSA-2015-1138.html
RedHat Security Advisories: RHSA-2015:1221
http://rhn.redhat.com/errata/RHSA-2015-1221.html
RedHat Security Advisories: RHSA-2019:3517
https://access.redhat.com/errata/RHSA-2019:3517
http://www.ubuntu.com/usn/USN-2560-1
http://www.ubuntu.com/usn/USN-2561-1
http://www.ubuntu.com/usn/USN-2564-1
http://www.ubuntu.com/usn/USN-2565-1
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.