[USN-2515-2] Linux kernel (Trusty HWE) vulnerabilities regression

Posted on 04 March 2015
Ubuntu Security

============================================================================
Ubuntu Security Notice USN-2515-2
March 04, 2015

linux-lts-trusty vulnerabilities
============================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

USN-2515-1 introduced a regression in the Linux kernel.

Software Description:
- linux-lts-trusty: Linux hardware enablement kernel from Trusty

Details:

USN-2515-1 fixed vulnerabilities in the Linux kernel. There was an unrelated
regression in the use of the virtual counter (CNTVCT) on arm64 architectures.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of
the SYSENTER instruction when the guest OS does not initialize the
SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of
service of the guest OS (crash) or potentially gain privileges on the guest
OS. (CVE-2015-0239)

Andy Lutomirski discovered an information leak in the Linux kernel's Thread
Local Storage (TLS) implementation allowing users to bypass the espfix to
obtain information that could be used to bypass the Address Space Layout
Randomization (ASLR) protection mechanism. A local user could exploit this
flaw to obtain potentially sensitive information from kernel memory.
(CVE-2014-8133)

A restriction bypass was discovered in iptables when conntrack rules are
specified and the conntrack protocol handler module is not loaded into the
Linux kernel. This flaw can cause the firewall rules on the system to be
bypassed when conntrack rules are used. (CVE-2014-8160)

A flaw was discovered with file renaming in the Linux kernel. A local user
could exploit this flaw to cause a denial of service (deadlock and system
hang). (CVE-2014-8559)

A flaw was discovered in how supplemental group memberships are handled in
certain namespace scenarios. A local user could exploit this flaw to bypass
file permission restrictions. (CVE-2014-8989)

A flaw was discovered in how Thread Local Storage (TLS) is handled by the
task switching function in the Linux kernel for x86_64 based machines. A
local user could exploit this flaw to bypass the Address Space Layout
Randomization (ASLR) protection mechanism. (CVE-2014-9419)

Prasad J Pandit reported a flaw in the rock_continue function of the Linux
kernel's ISO 9660 CDROM file system. A local user could exploit this flaw
to cause a denial of service (system crash or hang). (CVE-2014-9420)

A flaw was discovered in the fragment handling of the B.A.T.M.A.N. Advanced
Meshing Protocol in the Linux kernel. A remote attacker could exploit this
flaw to cause a denial of service (mesh-node system crash) via fragmented
packets. (CVE-2014-9428)

A race condition was discovered in the Linux kernel's key ring. A local
user could cause a denial of service (memory corruption or panic) or
possibly have unspecified impact via the keyctl commands. (CVE-2014-9529)

A memory leak was discovered in the ISO 9660 CDROM file system when parsing
rock ridge ER records. A local user could exploit this flaw to obtain
sensitive information from kernel memory via a crafted iso9660 image.
(CVE-2014-9584)

A flaw was discovered in the Address Space Layout Randomization (ASLR) of
the Virtual Dynamically linked Shared Objects (vDSO) location. This flaw
makes it easier for a local user to bypass the ASLR protection mechanism.
(CVE-2014-9585)

Dmitry Chernenkov discovered a buffer overflow in eCryptfs' encrypted file
name decoding. A local unprivileged user could exploit this flaw to cause a
denial of service (system crash) or potentially gain administrative
privileges. (CVE-2014-9683)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.13.0-46-generic 3.13.0-46.77~precise1
linux-image-3.13.0-46-generic-lpae 3.13.0-46.77~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.
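
To confirm that a host carries the fixed build, compare the installed
package version against the version listed above. The following Python code
is an added example, not part of the original advisory; it re-implements
Debian version ordering (the ordering dpkg uses) so it runs on any machine,
and every sample version other than 3.13.0-46.77~precise1 is constructed.

```python
import re

FIXED = "3.13.0-46.77~precise1"  # fixed version listed in this advisory

def _order(ch):
    """Sort weight of one non-digit character ('' means end of string)."""
    if ch == "~":
        return -1  # tilde sorts before everything, even the end of string
    if ch == "":
        return 0
    return ord(ch) if ch.isalpha() else ord(ch) + 256  # letters first

def _take(s, pattern):
    """Split s into (leading run matching pattern, remainder)."""
    m = re.match(pattern, s)
    return m.group(0), s[m.end():]

def _cmp_part(a, b):
    """Compare two upstream-version or revision strings: -1, 0 or 1."""
    while a or b:
        na, a = _take(a, r"[^0-9]*")
        nb, b = _take(b, r"[^0-9]*")
        for k in range(max(len(na), len(nb))):
            ca, cb = _order(na[k:k + 1]), _order(nb[k:k + 1])
            if ca != cb:
                return -1 if ca < cb else 1
        da, a = _take(a, r"[0-9]*")
        db, b = _take(b, r"[0-9]*")
        ia, ib = int(da or 0), int(db or 0)  # numeric runs compare as numbers
        if ia != ib:
            return -1 if ia < ib else 1
    return 0

def deb_cmp(v1, v2):
    """Debian ordering of two versions of the form [epoch:]upstream[-revision]."""
    def split(v):
        epoch, sep, rest = v.partition(":")
        if not sep:
            epoch, rest = "0", v
        upstream, sep, rev = rest.rpartition("-")
        return int(epoch), (upstream if sep else rest), (rev if sep else "")
    (e1, u1, r1), (e2, u2, r2) = split(v1), split(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    return _cmp_part(u1, u2) or _cmp_part(r1, r2)

def is_patched(installed):
    """True if installed (e.g. dpkg-query -W -f='${Version}' <pkg>) >= FIXED."""
    return deb_cmp(installed, FIXED) >= 0
```

Note that uname -r reports only the ABI name (for example
3.13.0-46-generic), so the package version is the value to compare, and the
fixed kernel is only the running one after the reboot described above.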


References:
http://www.ubuntu.com/usn/usn-2515-2
http://www.ubuntu.com/usn/usn-2515-1
https://launchpad.net/bugs/1427297

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-trusty/3.13.0-46.77~precise1
