Home / mailings [USN-2448-2] Linux kernel regression
Posted on 19 December 2014
Ubuntu Security==========================
==========================
========================
Ubuntu Security Notice USN-2448-2
December 19, 2014
linux regression
==========================
==========================
========================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
Summary:
USN-2448-1 introduced a regression in the Linux kernel.
Software Description:
- linux: Linux kernel
Details:
USN-2448-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated=
regression TCP Throughput drops to zero for several drivers after upgradi=
ng.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
An information leak in the Linux kernel was discovered that could leak t=
he
high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machin=
e
(KVM) paravirt guests. A user in the guest OS could exploit this leak to=
obtain information that could potentially be used to aid in attacking th=
e
kernel. (CVE-2014-8134)
=20
Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace
subsystem of the Linux kernel does not properly handle private syscall
numbers. A local user could exploit this flaw to cause a denial of servi=
ce
(OOPS). (CVE-2014-7826)
=20
A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Contro=
l
Transmission Protocol) implementation in the Linux kernel was discovered=
=2E A
remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-3673)
=20
A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Contro=
l
Transmission Protocol) implementation in the Linux kernel was discovered=
=2E A
remote attacker could exploit this flaw to cause a denial of service
(panic). (CVE-2014-3687)
=20
It was discovered that excessive queuing by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel can cause memo=
ry
pressure. A remote attacker could exploit this flaw to cause a denial of=
service. (CVE-2014-3688)
=20
Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how =
the
perf subsystem of the Linux kernel handles private systecall numbers. A
local user could exploit this to cause a denial of service (OOPS) or byp=
ass
ASLR protections via a crafted application. (CVE-2014-7825)
=20
Andy Lutomirski discovered a flaw in how the Linux kernel handles
pivot_root when used with a chroot directory. A local user could exploit=
this flaw to cause a denial of service (mount-tree loop). (CVE-2014-7970=
)
=20
Dmitry Monakhov discovered a race condition in the ext4_file_write_iter
function of the Linux kernel's ext4 filesystem. A local user could explo=
it
this flaw to cause a denial of service (file unavailability).
(CVE-2014-8086)
=20
The KVM (kernel virtual machine) subsystem of the Linux kernel
miscalculates the number of memory pages during the handling of a mappin=
g
failure. A guest OS user could exploit this to cause a denial of service=
(host OS page unpinning) or possibly have unspecified other impact by
leveraging guest OS privileges. (CVE-2014-8369)
=20
Andy Lutomirski discovered that the Linux kernel does not properly handl=
e
faults associated with the Stack Segment (SS) register on the x86
architecture. A local attacker could exploit this flaw to cause a denial=
of
service (panic). (CVE-2014-9090)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
linux-image-3.16.0-28-generic 3.16.0-28.38
linux-image-3.16.0-28-generic-lpae 3.16.0-28.38
linux-image-3.16.0-28-lowlatency 3.16.0-28.38
linux-image-3.16.0-28-powerpc-e500mc 3.16.0-28.38
linux-image-3.16.0-28-powerpc-smp 3.16.0-28.38
linux-image-3.16.0-28-powerpc64-emb 3.16.0-28.38
linux-image-3.16.0-28-powerpc64-smp 3.16.0-28.38
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2448-2
http://www.ubuntu.com/usn/usn-2448-1
http://bugs.launchpad.net/bugs/1390604
Package Information:
https://launchpad.net/ubuntu/+source/linux/3.16.0-28.38
