Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 464
Alerts This Week
Warning Icon 1 464

Debian DSA-3237-1 Severity Moderate: Kernel Escalation And DoS Issues

debian
Calendar Grey April 26, 2015
Debian Logo
- ------------------------------------------------------------------------- Debian Security Advisory
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks

Summary

CVE-2014-8159

It was found that the Linux kernel's InfiniBand/RDMA subsystem did
not properly sanitize input parameters while registering memory
regions from user space via the (u)verbs API. A local user with
access to a /dev/infiniband/uverbsX device could use this flaw to
crash the system or, potentially, escalate their privileges on the
system.

CVE-2014-9715

It was found that the netfilter connection tracking subsystem used
too small a type as an offset within each connection's data
structure, following a bug fix in Linux 3.2.33 and 3.6. In some
configurations, this would lead to memory corruption and crashes
(even without malicious traffic). This could potentially also
result in violation of the netfilter policy or remote code
execution.

This can be mitigated by disabling connection tracking accounting:
sysctl net.netfilter.nf_conntrack_acct=0

CVE-2015-2041

Sasha Levin discovered that the LLC subsystem exposed some variables
...

Read the Full Advisory

Package: linux
CVE ID: CVE-2014-8159 CVE-2014-9715 CVE-2015-2041 CVE-2015-2042

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.