exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-2336-1

Posted Sep 2, 2014

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2336-1 - A flaw was discovered in the Linux kernel virtual machine's (kvm) validation of interrupt requests (irq). A guest OS user could exploit this flaw to cause a denial of service (host OS crash). Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket is passed to a process of more privilege. A local user could exploit this flaw to bypass access restrictions by having a privileged executable do something it was not intended to do. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2014-0155, CVE-2014-0181, CVE-2014-0206, CVE-2014-4014, CVE-2014-4027, CVE-2014-4171, CVE-2014-4508, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-5045

SHA-256 | dc7e46f4955a3c32910dc04c40a47f9d4510df5db2814339aa3608859251c2df

Download | Favorite | View

Related Files

No related files