exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2014-038

Mandriva Linux Security Advisory 2014-038
Posted Feb 18, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-038 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter. The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service or possibly gain privileges via a crafted application. The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. The updated packages provides a solution for these security issues.

tags | advisory, denial of service, x86, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2014-0038, CVE-2014-1438, CVE-2014-1446
SHA-256 | e2c4547e50770bd3df69abde587f4db32a1c9a1954a305f2d7cf5ee05330a99e

Mandriva Linux Security Advisory 2014-038

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:038
https://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : kernel
Date : February 17, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been found and corrected in the Linux
kernel:

The compat_sys_recvmmsg function in net/compat.c in the Linux kernel
before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users
to gain privileges via a recvmmsg system call with a crafted timeout
pointer parameter (CVE-2014-0038).

The restore_fpu_checking function in
arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8
on the AMD K7 and K8 platforms does not clear pending exceptions
before proceeding to an EMMS instruction, which allows local users
to cause a denial of service (task kill) or possibly gain privileges
via a crafted application (CVE-2014-1438).

The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux
kernel before 3.12.8 does not initialize a certain structure member,
which allows local users to obtain sensitive information from kernel
memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG
ioctl call (CVE-2014-1446).

The updated packages provides a solution for these security issues.
_______________________________________________________________________

References:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0038
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1438
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1446
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
d1faf9544075ff4790e29edd6e7061f6 mbs1/x86_64/cpupower-3.4.80-1.1.mbs1.x86_64.rpm
3498721d639bf646ed55e2903ce728e4 mbs1/x86_64/kernel-firmware-3.4.80-1.1.mbs1.noarch.rpm
f9927f4b1512a26d874a82a99636fb09 mbs1/x86_64/kernel-firmware-3.4.80-1.1.mbs1.src.rpm
e874467839b96e04bebd0c5b24f31fc3 mbs1/x86_64/kernel-headers-3.4.80-1.1.mbs1.src.rpm
208f74225f3d18189a871ac308c8df5b mbs1/x86_64/kernel-headers-3.4.80-1.1.mbs1.x86_64.rpm
e1f82c2b50db46cdb4db2daa933f7173 mbs1/x86_64/kernel-server-3.4.80-1.1.mbs1.x86_64.rpm
ed0d8eed6c61553e73121117bcfc978f mbs1/x86_64/kernel-server-devel-3.4.80-1.1.mbs1.x86_64.rpm
00ca38d2289182149e8f43c6871711e8 mbs1/x86_64/kernel-source-3.4.80-1.mbs1.noarch.rpm
429b6e48ee63a03a83577a710bc5368d mbs1/x86_64/lib64cpupower0-3.4.80-1.1.mbs1.x86_64.rpm
a6e3898905be2a8d7ded39a5312f7670 mbs1/x86_64/lib64cpupower-devel-3.4.80-1.1.mbs1.x86_64.rpm
086bc3e49adec4147aa1138ae5d5245c mbs1/x86_64/perf-3.4.80-1.1.mbs1.x86_64.rpm
f5a65feb515d65f9f1f526f6294af2c3 mbs1/SRPMS/cpupower-3.4.80-1.1.mbs1.src.rpm
56fafb86f60233b29fcd8d42d35e4678 mbs1/SRPMS/kernel-server-3.4.80-1.1.mbs1.src.rpm
715647161acd9ec082c0a2fef0f35fc3 mbs1/SRPMS/kernel-source-3.4.80-1.mbs1.src.rpm
cc72e360fa32823a575d1c9536fdecc3 mbs1/SRPMS/perf-3.4.80-1.1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

https://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFTAiBGmqjQ0CJFipgRAiryAKCz6vqRlzaZ+l0B6QyuMb95i8UVoACgjAGx
F7TlfjN081P00FfeKN47Je4=
=osPP
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close