Branch t7 update bulletin.

Package branding-altlinux-kdesktop updated to version 7.0.2-alt2 for branch t7 in task 111106.

Запускается в KDE

Package kernel-image-un-def updated to version 3.12.6-alt1 for branch t7 in task 111106.

Published: 2013-12-14

BDU:2014-00094

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Severity: HIGH (7.2) Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

References:

CVE-2013-4587

Published: 2013-12-14

BDU:2014-00095

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Severity: MEDIUM (5.7) Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C

References:

CVE-2013-6367

Published: 2013-12-14
Modified: 2025-04-11

CVE-2013-4587

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

Severity: HIGH (7.2) Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2013-12-14
Modified: 2025-04-11

CVE-2013-6367

The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.

Severity: MEDIUM (5.7) Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C

References:

Published: 2013-12-14
Modified: 2025-04-11

CVE-2013-6368

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.

Severity: MEDIUM (6.2) Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

References:

Published: 2013-12-14
Modified: 2025-04-11

CVE-2013-6376

The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.

Severity: MEDIUM (5.2) Vector: AV:A/AC:M/Au:S/C:N/I:N/A:C

References:

Package kernel-modules-virtualbox-addition-std-def updated to version 4.3.4-alt1.199193.1 for branch t7 in task 111106.

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0404

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0406.

Severity: LOW (2.4) Vector: AV:L/AC:H/Au:S/C:N/I:P/A:P

References:

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0405

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0407.

Severity: LOW (3.5) Vector: AV:L/AC:H/Au:S/C:P/I:P/A:P

References:

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0406

Severity: LOW (2.4) Vector: AV:L/AC:H/Au:S/C:N/I:P/A:P

References:

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0407

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0405.

Severity: LOW (3.5) Vector: AV:L/AC:H/Au:S/C:P/I:P/A:P

References:

Published: 2015-01-21
Modified: 2025-04-12

CVE-2015-0377

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418.

Severity: MEDIUM (4.4) Vector: AV:L/AC:M/Au:S/C:N/I:N/A:C

References:

Published: 2015-01-21
Modified: 2025-04-12

CVE-2015-0418

Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

References:

Package kernel-modules-virtualbox-std-def updated to version 4.3.4-alt1.199193.1 for branch t7 in task 111106.

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0404

Severity: LOW (2.4) Vector: AV:L/AC:H/Au:S/C:N/I:P/A:P

References:

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0405

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0407.

Severity: LOW (3.5) Vector: AV:L/AC:H/Au:S/C:P/I:P/A:P

References:

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0406

Severity: LOW (2.4) Vector: AV:L/AC:H/Au:S/C:N/I:P/A:P

References:

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0407

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0405.

Severity: LOW (3.5) Vector: AV:L/AC:H/Au:S/C:P/I:P/A:P

References:

Published: 2015-01-21
Modified: 2025-04-12

CVE-2015-0377

Severity: MEDIUM (4.4) Vector: AV:L/AC:M/Au:S/C:N/I:N/A:C

References:

Published: 2015-01-21
Modified: 2025-04-12

CVE-2015-0418

Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

References:

Package kernel-modules-virtualbox-un-def updated to version 4.3.4-alt1.199686.1 for branch t7 in task 111106.

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0404

Severity: LOW (2.4) Vector: AV:L/AC:H/Au:S/C:N/I:P/A:P

References:

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0405

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0407.

Severity: LOW (3.5) Vector: AV:L/AC:H/Au:S/C:P/I:P/A:P

References:

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0406

Severity: LOW (2.4) Vector: AV:L/AC:H/Au:S/C:N/I:P/A:P

References:

Published: 2014-01-15
Modified: 2025-04-11

CVE-2014-0407

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0405.

Severity: LOW (3.5) Vector: AV:L/AC:H/Au:S/C:P/I:P/A:P

References:

Published: 2015-01-21
Modified: 2025-04-12

CVE-2015-0377

Severity: MEDIUM (4.4) Vector: AV:L/AC:M/Au:S/C:N/I:N/A:C

References:

Published: 2015-01-21
Modified: 2025-04-12

CVE-2015-0418

Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

References:

Version: 2.1.2

Branch t7 update on 2013-12-28

ALT-BU-2013-1463-1

ALT-PU-2013-1325-1

Closed bugs

Bug #26549

ALT-PU-2013-1326-1

Closed vulnerabilities

BDU:2014-00094

BDU:2014-00095

CVE-2013-4587

CVE-2013-6367

CVE-2013-6368

CVE-2013-6376

ALT-PU-2013-1327-1

Closed vulnerabilities

CVE-2014-0404

CVE-2014-0405

CVE-2014-0406

CVE-2014-0407

CVE-2015-0377

CVE-2015-0418

ALT-PU-2013-1328-1

Closed vulnerabilities

CVE-2014-0404

CVE-2014-0405

CVE-2014-0406

CVE-2014-0407

CVE-2015-0377

CVE-2015-0418

ALT-PU-2013-1329-1

Closed vulnerabilities

CVE-2014-0404

CVE-2014-0405

CVE-2014-0406

CVE-2014-0407

CVE-2015-0377

CVE-2015-0418