USN-2336-1: Linux kernel (Trusty HWE) vulnerabilities

Ubuntu Security Notice USN-2336-1


2nd September, 2014


linux-lts-trusty vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:



  • Ubuntu 12.04 LTS


Summary


Several security issues were fixed in the kernel.


Software description



  • linux-lts-trusty - Linux hardware enablement kernel from Trusty


Details


A flaw was discovered in the Linux kernel virtual machine's (kvm)

validation of interrupt requests (irq). A guest OS user could exploit this

flaw to cause a denial of service (host OS crash). (CVE-2014-0155)


Andy Lutomirski discovered a flaw in the authorization of netlink socket

operations when a socket is passed to a process of more privilege. A local

user could exploit this flaw to bypass access restrictions by having a

privileged executable do something it was not intended to do.

(CVE-2014-0181)


An information leak was discovered in the Linux kernels

aio_read_events_ring function. A local user could exploit this flaw to

obtain potentially sensitive information from kernel memory.

(CVE-2014-0206)


A flaw was discovered in the Linux kernel's implementation of user

namespaces with respect to inode permissions. A local user could exploit

this flaw by creating a user namespace to gain administrative privileges.

(CVE-2014-4014)


An information leak was discovered in the rd_mcp backend of the iSCSI

target subsystem in the Linux kernel. A local user could exploit this flaw

to obtain sensitive information from ramdisk_mcp memory by leveraging

access to a SCSI initiator. (CVE-2014-4027)


Sasha Levin reported an issue with the Linux kernel's shared memory

subsystem when used with range notifications and hole punching. A local

user could exploit this flaw to cause a denial of service. (CVE-2014-4171)


Toralf Förster reported an error in the Linux kernels syscall auditing on

32 bit x86 platforms. A local user could exploit this flaw to cause a

denial of service (OOPS and system crash). (CVE-2014-4508)


An information leak was discovered in the control implemenation of the

Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A

local user could exploit this flaw to obtain sensitive information from

kernel memory. (CVE-2014-4652)


A use-after-free flaw was discovered in the Advanced Linux Sound

Architecture (ALSA) control implementation of the Linux kernel. A local

user could exploit this flaw to cause a denial of service (system crash).

(CVE-2014-4653)


A authorization bug was discovered with the snd_ctl_elem_add function of

the Advanced Linux Sound Architecture (ALSA) in the Linux kernel. A local

user could exploit his bug to cause a denial of service (remove kernel

controls). (CVE-2014-4654)


A flaw discovered in how the snd_ctl_elem function of the Advanced Linux

Sound Architecture (ALSA) handled a reference count. A local user could

exploit this flaw to cause a denial of service (integer overflow and limit

bypass). (CVE-2014-4655)


An integer overflow flaw was discovered in the control implementation of

the Advanced Linux Sound Architecture (ALSA). A local user could exploit

this flaw to cause a denial of service (system crash). (CVE-2014-4656)


An integer underflow flaw was discovered in the Linux kernel's handling of

the backlog value for certain SCTP packets. A remote attacker could exploit

this flaw to cause a denial of service (socket outage) via a crafted SCTP

packet. (CVE-2014-4667)


Vasily Averin discover a reference count flaw during attempts to umount in

conjunction with a symlink. A local user could exploit this flaw to cause a

denial of service (memory consumption or use after free) or possibly have

other unspecified impact. (CVE-2014-5045)


Update instructions


The problem can be corrected by updating your system to the following package version:



Ubuntu 12.04 LTS:

linux-image-3.13.0-35-generic-lpae 3.13.0-35.62~precise1

linux-image-3.13.0-35-generic 3.13.0-35.62~precise1


To update your system, please follow these instructions: http://bit.ly/1aJDvTw.


After a standard system update you need to reboot your computer to make

all the necessary changes.


ATTENTION: Due to an unavoidable ABI change the kernel updates have

been given a new version number, which requires you to recompile and

reinstall all third party kernel modules you might have installed. If

you use linux-restricted-modules, you have to update that package as

well to get modules which work with the new kernel version. Unless you

manually uninstalled the standard kernel metapackages (e.g. linux-generic,

linux-server, linux-powerpc), a standard system upgrade will automatically

perform this as well.


References


CVE-2014-0155, CVE-2014-0181, CVE-2014-0206, CVE-2014-4014, CVE-2014-4027, CVE-2014-4171, CVE-2014-4508, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-5045






from Ubuntu Security Notices http://bit.ly/W7raqo