ALT-BU-2014-2736-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2013-4758
Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.
- [oss-security] 20130705 LSE Leading Security Experts GmbH - LSE-2013-07-03 - rsyslog ElasticSearch Plugin
- [oss-security] 20130705 LSE Leading Security Experts GmbH - LSE-2013-07-03 - rsyslog ElasticSearch Plugin
- http://www.rsyslog.com/rsyslog-7-4-2-v7-stable-released/
- http://www.rsyslog.com/rsyslog-7-4-2-v7-stable-released/
- http://www.rsyslog.com/rsyslog-7-5-2-v7-devel-released/
- http://www.rsyslog.com/rsyslog-7-5-2-v7-devel-released/
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-2915
Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vectors, related to (1) cache control, (2) coprocessors, (3) debug registers, and (4) other unspecified registers.
- [oss-security] 20140422 Re: Xen Security Advisory 93 - Hardware features unintentionally exposed to guests on ARM
- [oss-security] 20140422 Re: Xen Security Advisory 93 - Hardware features unintentionally exposed to guests on ARM
- [oss-security] 20140423 Xen Security Advisory 93 (CVE-2014-2915) - Hardware features unintentionally exposed to guests on ARM
- [oss-security] 20140423 Xen Security Advisory 93 (CVE-2014-2915) - Hardware features unintentionally exposed to guests on ARM
- 1030135
- 1030135
- http://xenbits.xen.org/xsa/advisory-93.html
- http://xenbits.xen.org/xsa/advisory-93.html
Modified: 2024-11-21
CVE-2014-2986
The vgic_distr_mmio_write function in the virtual guest interrupt controller (GIC) distributor (arch/arm/vgic.c) in Xen 4.4.x, when running on an ARM system, allows local guest users to cause a denial of service (NULL pointer dereference and host crash) via unspecified vectors.
- [oss-security] 20140423 Xen Security Advisory 94 - ARM hypervisor crash on guest interrupt controller access
- [oss-security] 20140423 Xen Security Advisory 94 - ARM hypervisor crash on guest interrupt controller access
- [oss-security] 20140423 Re: Xen Security Advisory 94 - ARM hypervisor crash on guest interrupt controller access
- [oss-security] 20140423 Re: Xen Security Advisory 94 - ARM hypervisor crash on guest interrupt controller access
- [oss-security] 20140423 Xen Security Advisory 94 (CVE-2014-2986) - ARM hypervisor crash on guest interrupt controller access
- [oss-security] 20140423 Xen Security Advisory 94 (CVE-2014-2986) - ARM hypervisor crash on guest interrupt controller access
- 67047
- 67047
- 1030146
- 1030146
- http://xenbits.xen.org/xsa/advisory-94.html
- http://xenbits.xen.org/xsa/advisory-94.html