USN-2335-1: Linux kernel (OMAP4) vulnerabilities

Ubuntu Security Notice USN-2335-1

2nd September, 2014

linux-ti-omap4 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 12.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux-ti-omap4 - Linux kernel for OMAP4

Details

An flaw was discovered in the Linux kernel's audit subsystem when auditing

certain syscalls. A local attacker could exploit this flaw to obtain

potentially sensitive single-bit values from kernel memory or cause a

denial of service (OOPS). (CVE-2014-3917)

An information leak was discovered in the rd_mcp backend of the iSCSI

target subsystem in the Linux kernel. A local user could exploit this flaw

to obtain sensitive information from ramdisk_mcp memory by leveraging

access to a SCSI initiator. (CVE-2014-4027)

Sasha Levin reported an issue with the Linux kernel's shared memory

subsystem when used with range notifications and hole punching. A local

user could exploit this flaw to cause a denial of service. (CVE-2014-4171)

An information leak was discovered in the control implemenation of the

Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A

local user could exploit this flaw to obtain sensitive information from

kernel memory. (CVE-2014-4652)

A use-after-free flaw was discovered in the Advanced Linux Sound

Architecture (ALSA) control implementation of the Linux kernel. A local

user could exploit this flaw to cause a denial of service (system crash).

(CVE-2014-4653)

A authorization bug was discovered with the snd_ctl_elem_add function of

the Advanced Linux Sound Architecture (ALSA) in the Linux kernel. A local

user could exploit his bug to cause a denial of service (remove kernel

controls). (CVE-2014-4654)

A flaw discovered in how the snd_ctl_elem function of the Advanced Linux

Sound Architecture (ALSA) handled a reference count. A local user could

exploit this flaw to cause a denial of service (integer overflow and limit

bypass). (CVE-2014-4655)

An integer overflow flaw was discovered in the control implementation of

the Advanced Linux Sound Architecture (ALSA). A local user could exploit

this flaw to cause a denial of service (system crash). (CVE-2014-4656)

An integer underflow flaw was discovered in the Linux kernel's handling of

the backlog value for certain SCTP packets. A remote attacker could exploit

this flaw to cause a denial of service (socket outage) via a crafted SCTP

packet. (CVE-2014-4667)

Jason Gunthorpe reported a flaw with SCTP authentication in the Linux

kernel. A remote attacker could exploit this flaw to cause a denial of

service (NULL pointer dereference and OOPS). (CVE-2014-5077)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 12.04 LTS:

linux-image-3.2.0-1452-omap4 3.2.0-1452.72

To update your system, please follow these instructions: http://bit.ly/1aJDvTw.

After a standard system update you need to reboot your computer to make

all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have

been given a new version number, which requires you to recompile and

reinstall all third party kernel modules you might have installed. If

you use linux-restricted-modules, you have to update that package as

well to get modules which work with the new kernel version. Unless you

manually uninstalled the standard kernel metapackages (e.g. linux-generic,

linux-server, linux-powerpc), a standard system upgrade will automatically

perform this as well.

References

CVE-2014-3917, CVE-2014-4027, CVE-2014-4171, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-5077

from Ubuntu Security Notices http://bit.ly/W7ra9P