Back
    Linux Security
    Linux Security
    Linux Security

    Debian: DSA-3170-1: linux security update

    Date 23 Feb 2015
    Category Debian Linux Distribution - Security Advisories
    142
    Posted By LinuxSecurity Advisories
    Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation. 
    -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3160-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
https://www.debian.org/security/                             Ben Hutchings
February 23, 2015                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2013-7421 CVE-2014-7822 CVE-2014-8160 CVE-2014-8559 
                 CVE-2014-9585 CVE-2014-9644 CVE-2014-9683 CVE-2015-0239
                 CVE-2015-1420 CVE-2015-1421 CVE-2015-1593

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, information leaks or privilege
escalation.

CVE-2013-7421 / CVE-2014-9644

    It was discovered that the Crypto API allowed unprivileged users
    to load arbitrary kernel modules. A local user can use this flaw
    to exploit vulnerabilities in modules that would not normally be
    loaded.

CVE-2014-7822

    Akira Fujita found that the splice() system call did not validate
    the given file offset and length. A local unprivileged user can use
    this flaw to cause filesystem corruption on ext4 filesystems, or
    possibly other effects.

CVE-2014-8160

    Florian Westphal discovered that a netfilter (iptables/ip6tables) rule
    accepting packets to a specific SCTP, DCCP, GRE or UDPlite
    port/endpoint could result in incorrect connection tracking state.
    If only the generic connection tracking module (nf_conntrack) was
    loaded, and not the protocol-specific connection tracking module,
    this would allow access to any port/endpoint of the specified
    protocol.

CVE-2014-8559

    It was found that kernel functions that iterate over a directory
    tree can dead-lock or live-lock in case some of the directory
    entries were recently deleted or dropped from the cache. A local
    unprivileged user can use this flaw for denial of service.

CVE-2014-9585

    Andy Lutomirski discovered that address randomisation for the vDSO
    in 64-bit processes is extremely biased. A local unprivileged user
    could potentially use this flaw to bypass the ASLR protection
    mechanism.

CVE-2014-9683

    Dmitry Chernenkov discovered that eCryptfs writes past the end of
    the allocated buffer during encrypted filename decoding, resulting
    in local denial of service.

CVE-2015-0239

    It was found that KVM did not correctly emulate the x86 SYSENTER
    instruction. An unprivileged user within a guest system that has
    not enabled SYSENTER, for example because the emulated CPU vendor
    is AMD, could potentially use this flaw to cause a denial of
    service or privilege escalation in that guest.

CVE-2015-1420

    It was discovered that the open_by_handle_at() system call reads
    the handle size from user memory a second time after validating
    it. A local user with the CAP_DAC_READ_SEARCH capability could use
    this flaw for privilege escalation.

CVE-2015-1421

    It was found that the SCTP implementation could free an
    authentication state while it was still in use, resulting in heap
    corruption. This could allow remote users to cause a denial of
    service or privilege escalation.

CVE-2015-1593

    It was found that address randomisation for the initial stack in
    64-bit processes was limited to 20 rather than 22 bits of entropy.
    A local unprivileged user could potentially use this flaw to
    bypass the ASLR protection mechanism.

For the stable distribution (wheezy), these problems have been fixed in
version 3.2.65-1+deb7u2. Additionally this update fixes regressions
introduced in versions 3.2.65-1 and 3.2.65-1+deb7u1.

For the upcoming stable distribution (jessie), these problems will be fixed
soon (a subset is fixed already).

For the unstable distribution (sid), these problems will be fixed soon
(a subset is fixed already).

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    Get the Latest News & Insights

    Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox

    Related News

    New Linux SUDO flaw lets local users gain root privileges
    New Linux SUDO flaw lets local users gain root privileges
    Is Oracle Linux a valid replacement for CentOS?
    Is Oracle Linux a valid replacement for CentOS?
    Kali Linux hands-on: A look at the installation options
    Kali Linux hands-on: A look at the installation options
    7 Linux Distros to Look Forward to in 2021
    7 Linux Distros to Look Forward to in 2021

    Advisories

    Debian LTS: DLA-2535-1: ansible security update
    Date 27 Jan 2021 @ 12:14
    SciLinux: SLSA-2021-0290-1 Important: firefox on SL7.x x86_64
    Date 27 Jan 2021 @ 11:16
    Debian: DSA-4841-1: slurm-llnl security update
    Date 27 Jan 2021 @ 08:44
    Debian: DSA-4840-1: firefox-esr security update
    Date 27 Jan 2021 @ 08:36

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/49-tis-the-season-of-giving-how-have-you-given-back-to-the-open-source-community?task=poll.vote&format=json
    49
    radio
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"15","type":"x","order":"1","pct":36.59,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"8","type":"x","order":"2","pct":19.51,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"18","type":"x","order":"3","pct":43.9,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200
    Phishing Is The #1 Cybersecurity Threat Businesses Face

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

    Our Cookie Policy