MGASA-2015-0006
- Source
- https://advisories.mageia.org/MGASA-2015-0006.html
- Import Source
- https://advisories.mageia.org/MGASA-2015-0006.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2015-0006
- Related
- Published
- 2015-01-07T15:14:58Z
- Modified
- 2015-01-07T15:05:08Z
- Summary
- Updated kernel packages fix security vulnerabilities
- Details
-
This kernel update is based on upstream -longterm 3.14.27 and fixes the following security issues:
arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a setthreadarea system call and later reads a 16-bit value (CVE-2014-8133).
The paravirtopssetup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value (CVE-2014-8134).
The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modifyldt system call, as demonstrated by sigreturn32 in the linux-clock-tests test suite (CVE-2014-9090).
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space (CVE-2014-9322).
On x86_64 Linux kernels a malicious user program can do a partial ASLR bypass through TLS base addresses leak when attacking other programs (CVE-2014-9419)
Linux kernel built with the iso9660 file system (CONFIGISO9660FS) support is vulnerable to an infinite recursion loop flaw, which could lead to a crash or render a system unresponsive/unusable after a while. This occurs while mounting an iso9660 image. An unprivileged user/process could use this flaw to crash the system resulting in DoS (CVE-2014-9420).
For other fixes in this update, see the referenced changelogs.
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:4 / kmod-broadcom-wl
Package
- Name
- kmod-broadcom-wl
- Purl
- pkg:rpm/mageia/kmod-broadcom-wl?distro=mageia-4
Mageia:4 / kmod-fglrx
Package
- Name
- kmod-fglrx
- Purl
- pkg:rpm/mageia/kmod-fglrx?distro=mageia-4
Mageia:4 / kmod-nvidia173
Package
- Name
- kmod-nvidia173
- Purl
- pkg:rpm/mageia/kmod-nvidia173?distro=mageia-4
Mageia:4 / kernel
Package
- Name
- kernel
- Purl
- pkg:rpm/mageia/kernel?distro=mageia-4
Mageia:4 / kernel-userspace-headers
Package
- Name
- kernel-userspace-headers
- Purl
- pkg:rpm/mageia/kernel-userspace-headers?distro=mageia-4
Mageia:4 / kmod-vboxadditions
Package
- Name
- kmod-vboxadditions
- Purl
- pkg:rpm/mageia/kmod-vboxadditions?distro=mageia-4
Mageia:4 / kmod-virtualbox
Package
- Name
- kmod-virtualbox
- Purl
- pkg:rpm/mageia/kmod-virtualbox?distro=mageia-4
Mageia:4 / kmod-xtables-addons
Package
- Name
- kmod-xtables-addons
- Purl
- pkg:rpm/mageia/kmod-xtables-addons?distro=mageia-4