ALAS-2014-289

Related Vulnerabilities: CVE-2013-7263, CVE-2013-7265, CVE-2014-0069, CVE-2014-1874

Amazon Linux AMI Security Advisory: ALAS-2014-289
Advisory Release Date: 2014-02-26 14:26 Pacific
Advisory Updated Date: 2014-09-16 22:32 Pacific
Severity: Medium

Issue Overview:

The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.


Affected Packages:

kernel


Issue Correction:
Run yum update kernel to update your system. You must reboot the system for the new kernel to take effect.

New Packages:
i686:
    kernel-tools-3.4.82-69.112.amzn1.i686
    kernel-tools-debuginfo-3.4.82-69.112.amzn1.i686
    kernel-3.4.82-69.112.amzn1.i686
    kernel-headers-3.4.82-69.112.amzn1.i686
    kernel-debuginfo-common-i686-3.4.82-69.112.amzn1.i686
    kernel-devel-3.4.82-69.112.amzn1.i686
    kernel-debuginfo-3.4.82-69.112.amzn1.i686

noarch:
    kernel-doc-3.4.82-69.112.amzn1.noarch

src:
    kernel-3.4.82-69.112.amzn1.src

x86_64:
    kernel-headers-3.4.82-69.112.amzn1.x86_64
    kernel-3.4.82-69.112.amzn1.x86_64
    kernel-tools-debuginfo-3.4.82-69.112.amzn1.x86_64
    kernel-debuginfo-common-x86_64-3.4.82-69.112.amzn1.x86_64
    kernel-devel-3.4.82-69.112.amzn1.x86_64
    kernel-debuginfo-3.4.82-69.112.amzn1.x86_64
    kernel-tools-3.4.82-69.112.amzn1.x86_64
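
A check for the correction step above, as an added example that is not part of the original advisory: it compares the running kernel and the installed kernel packages against the fixed build 3.4.82-69.112.amzn1 to tell whether a host still needs the update or only the reboot. The function names, the --live flag and the digit-run comparison (a simplification of RPM's version ordering) are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify a host against the ALAS-2014-289 fixed kernel build.
FIXED="3.4.82-69.112.amzn1"   # version-release taken from the advisory's package list

# Reduce a kernel release string to its numeric fields, dropping the arch suffix.
# Assumption: comparing digit runs only, which is simpler than full rpmvercmp.
numeric_fields() {
    printf '%s\n' "$1" | sed -e 's/\.x86_64$//' -e 's/\.i686$//' \
        -e 's/\.noarch$//' -e 's/[^0-9][^0-9]*/ /g'
}

# version_ge A B: succeed when A >= B, comparing numeric fields left to right.
version_ge() {
    a=$(numeric_fields "$1")
    b=$(numeric_fields "$2")
    set -- $a                      # positional parameters are local to the function
    for fb in $b; do
        fa=${1:-0}                 # a missing field in A counts as 0
        [ $# -gt 0 ] && shift
        [ "$fa" -gt "$fb" ] && return 0
        [ "$fa" -lt "$fb" ] && return 1
    done
    return 0
}

# kernel_status RUNNING [INSTALLED...]: print one of
#   patched          running kernel is at or above the fixed build
#   reboot-required  a fixed kernel is installed but an older one is running
#   update-required  no fixed kernel is installed
kernel_status() {
    running=$1
    shift
    if version_ge "$running" "$FIXED"; then echo "patched"; return 0; fi
    for k in "$@"; do
        if version_ge "$k" "$FIXED"; then echo "reboot-required"; return 0; fi
    done
    echo "update-required"
}

# On a live Amazon Linux AMI host: running kernel from uname, installed kernels
# from the RPM database (word splitting of the rpm output is intended).
if [ "${1:-}" = "--live" ]; then
    kernel_status "$(uname -r)" \
        $(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel 2>/dev/null)
fi
```

Run with --live on the host itself, or call kernel_status with release strings collected from an inventory.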