what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2014-038

Mandriva Linux Security Advisory 2014-038
Posted Feb 18, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-038 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter. The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service or possibly gain privileges via a crafted application. The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. The updated packages provides a solution for these security issues.

tags | advisory, denial of service, x86, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2014-0038, CVE-2014-1438, CVE-2014-1446
SHA-256 | e2c4547e50770bd3df69abde587f4db32a1c9a1954a305f2d7cf5ee05330a99e

Mandriva Linux Security Advisory 2014-038

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:038
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : kernel
Date : February 17, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been found and corrected in the Linux
kernel:

The compat_sys_recvmmsg function in net/compat.c in the Linux kernel
before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users
to gain privileges via a recvmmsg system call with a crafted timeout
pointer parameter (CVE-2014-0038).

The restore_fpu_checking function in
arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8
on the AMD K7 and K8 platforms does not clear pending exceptions
before proceeding to an EMMS instruction, which allows local users
to cause a denial of service (task kill) or possibly gain privileges
via a crafted application (CVE-2014-1438).

The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux
kernel before 3.12.8 does not initialize a certain structure member,
which allows local users to obtain sensitive information from kernel
memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG
ioctl call (CVE-2014-1446).

The updated packages provides a solution for these security issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1446
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
d1faf9544075ff4790e29edd6e7061f6 mbs1/x86_64/cpupower-3.4.80-1.1.mbs1.x86_64.rpm
3498721d639bf646ed55e2903ce728e4 mbs1/x86_64/kernel-firmware-3.4.80-1.1.mbs1.noarch.rpm
f9927f4b1512a26d874a82a99636fb09 mbs1/x86_64/kernel-firmware-3.4.80-1.1.mbs1.src.rpm
e874467839b96e04bebd0c5b24f31fc3 mbs1/x86_64/kernel-headers-3.4.80-1.1.mbs1.src.rpm
208f74225f3d18189a871ac308c8df5b mbs1/x86_64/kernel-headers-3.4.80-1.1.mbs1.x86_64.rpm
e1f82c2b50db46cdb4db2daa933f7173 mbs1/x86_64/kernel-server-3.4.80-1.1.mbs1.x86_64.rpm
ed0d8eed6c61553e73121117bcfc978f mbs1/x86_64/kernel-server-devel-3.4.80-1.1.mbs1.x86_64.rpm
00ca38d2289182149e8f43c6871711e8 mbs1/x86_64/kernel-source-3.4.80-1.mbs1.noarch.rpm
429b6e48ee63a03a83577a710bc5368d mbs1/x86_64/lib64cpupower0-3.4.80-1.1.mbs1.x86_64.rpm
a6e3898905be2a8d7ded39a5312f7670 mbs1/x86_64/lib64cpupower-devel-3.4.80-1.1.mbs1.x86_64.rpm
086bc3e49adec4147aa1138ae5d5245c mbs1/x86_64/perf-3.4.80-1.1.mbs1.x86_64.rpm
f5a65feb515d65f9f1f526f6294af2c3 mbs1/SRPMS/cpupower-3.4.80-1.1.mbs1.src.rpm
56fafb86f60233b29fcd8d42d35e4678 mbs1/SRPMS/kernel-server-3.4.80-1.1.mbs1.src.rpm
715647161acd9ec082c0a2fef0f35fc3 mbs1/SRPMS/kernel-source-3.4.80-1.mbs1.src.rpm
cc72e360fa32823a575d1c9536fdecc3 mbs1/SRPMS/perf-3.4.80-1.1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFTAiBGmqjQ0CJFipgRAiryAKCz6vqRlzaZ+l0B6QyuMb95i8UVoACgjAGx
F7TlfjN081P00FfeKN47Je4=
=osPP
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close