ALT-BU-2014-2633-1
Branch t7 update bulletin.
Package epsoneplijs updated to version 0.4.1-alt0.M70P.1 for branch t7 in task 116310.
Closed bugs
Обновить пакет
Package kernel-image-un-def updated to version 3.13.6-alt1 for branch t7 in task 116310.
Closed vulnerabilities
BDU:2014-00054
Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании, повысить свои привилегии или выполнить произвольный код
BDU:2014-00055
Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании, повысить свои привилегии или выполнить произвольный код
Modified: 2024-11-21
CVE-2014-0049
Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6
- [oss-security] 20140303 CVE-2014-0049 -- Linux kernel: kvm: mmio_fragments out-of-the-bounds access
- [oss-security] 20140303 CVE-2014-0049 -- Linux kernel: kvm: mmio_fragments out-of-the-bounds access
- https://bugzilla.redhat.com/show_bug.cgi?id=1062368
- https://bugzilla.redhat.com/show_bug.cgi?id=1062368
- https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b
- https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b
Modified: 2024-11-21
CVE-2014-0069
The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.
- [linux-cifs] 20140214 [PATCH] cifs: ensure that uncached writes handle unmapped areas correctly
- [linux-cifs] 20140214 [PATCH] cifs: ensure that uncached writes handle unmapped areas correctly
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f
- SUSE-SU-2014:0459
- SUSE-SU-2014:0459
- RHSA-2014:0328
- RHSA-2014:0328
- [oss-security] 20140217 CVE-2014-0069 -- kernel: cifs: incorrect handling of bogus user pointers during uncached writes
- [oss-security] 20140217 CVE-2014-0069 -- kernel: cifs: incorrect handling of bogus user pointers during uncached writes
- 65588
- 65588
- https://bugzilla.redhat.com/show_bug.cgi?id=1064253
- https://bugzilla.redhat.com/show_bug.cgi?id=1064253
- https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f
- https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f