2014-02-04
ALT-BU-2014-2557-1
Branch p7 update bulletin.
Package kernel-image-led-ws updated to version 3.4.78-alt1.M70P.1 for branch p7 in task 113267.
Closed vulnerabilities
Published: 2014-01-15
BDU:2014-00065
Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии
References:
Published: 2014-02-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-0038
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.
References:
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2def2ef2ae5f3990aabdbe8a755911902707d268
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2def2ef2ae5f3990aabdbe8a755911902707d268
- openSUSE-SU-2014:0204
- openSUSE-SU-2014:0204
- openSUSE-SU-2014:0205
- openSUSE-SU-2014:0205
- http://pastebin.com/raw.php?i=DH3Lbg54
- http://pastebin.com/raw.php?i=DH3Lbg54
- 56669
- 56669
- 31346
- 31346
- 31347
- 31347
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2
- MDVSA-2014:038
- MDVSA-2014:038
- [oss-security] 20140131 Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)
- [oss-security] 20140131 Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)
- 65255
- 65255
- USN-2094-1
- USN-2094-1
- USN-2095-1
- USN-2095-1
- USN-2096-1
- USN-2096-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1060023
- https://bugzilla.redhat.com/show_bug.cgi?id=1060023
- https://code.google.com/p/chromium/issues/detail?id=338594
- https://code.google.com/p/chromium/issues/detail?id=338594
- https://github.com/saelo/cve-2014-0038
- https://github.com/saelo/cve-2014-0038
- https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268
- https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268
- 40503
- 40503