| Reporter | Title | Published | Views | Family All 417 |
|---|---|---|---|---|
| CVE-2014-3185 affecting package kernel for versions less than 5.15.153.1-1 | 9 Apr 202420:48 | – | cbl_mariner | |
| CVE-2014-3185 affecting package kernel for versions less than 6.6.22.1-2 | 2 Apr 202421:08 | – | cbl_mariner | |
| CentOS 6 : kernel (CESA-2014:1843) | 12 Nov 201400:00 | – | nessus | |
| CentOS 7 : kernel (CESA-2014:1971) | 15 Dec 201400:00 | – | nessus | |
| CentOS 6 : kernel (CESA-2014:1997) | 18 Dec 201400:00 | – | nessus | |
| CentOS 6 : kernel (CESA-2015:1272) | 28 Jul 201500:00 | – | nessus | |
| Debian DLA-118-1 : linux-2.6 security update | 26 Mar 201500:00 | – | nessus | |
| Debian DLA-246-2 : linux-2.6 regression update | 18 Jun 201500:00 | – | nessus | |
| EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1480) | 13 May 201900:00 | – | nessus | |
| EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1481) | 13 May 201900:00 | – | nessus |
| Source | Link |
|---|---|
| ubuntu | www.ubuntu.com/security/notices/USN-2377-1 |
# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.842002");
script_cve_id("CVE-2014-3181", "CVE-2014-3182", "CVE-2014-3184", "CVE-2014-3185", "CVE-2014-3186", "CVE-2014-6410", "CVE-2014-6416", "CVE-2014-6417", "CVE-2014-6418");
script_tag(name:"creation_date", value:"2014-10-10 04:10:54 +0000 (Fri, 10 Oct 2014)");
script_version("2024-02-02T05:06:05+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:05 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_name("Ubuntu: Security Advisory (USN-2377-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2014 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU12\.04\ LTS");
script_xref(name:"Advisory-ID", value:"USN-2377-1");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-2377-1");
script_tag(name:"summary", value:"The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2377-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's
magicmouse HID driver. A physically proximate attacker could exploit this
flaw to cause a denial of service (system crash) or possibly execute
arbitrary code via specially crafted devices. (CVE-2014-3181)
A bounds check error was discovered in the driver for the Logitech Unifying
receivers and devices. A physically proximate attacker could exploit this
flaw to cause a denial of service (invalid kfree) or to execute
arbitrary code. (CVE-2014-3182)
Ben Hawkes reported some off by one errors for report descriptors in the
Linux kernel's HID stack. A physically proximate attacker could exploit
these flaws to cause a denial of service (out-of-bounds write) via a
specially crafted device. (CVE-2014-3184)
Several bounds check flaws allowing for buffer overflows were discovered in
the Linux kernel's Whiteheat USB serial driver. A physically proximate
attacker could exploit these flaws to cause a denial of service (system
crash) via a specially crafted device. (CVE-2014-3185)
Steven Vittitoe reported a buffer overflow in the Linux kernel's PicoLCD
HID device driver. A physically proximate attacker could exploit this flaw
to cause a denial of service (system crash) or possibly execute arbitrary
code via a specially craft device. (CVE-2014-3186)
A flaw was discovered in the Linux kernel's UDF filesystem (used on some
CD-ROMs and DVDs) when processing indirect ICBs. An attacker who can cause
CD, DVD or image file with a specially crafted inode to be mounted can
cause a denial of service (infinite loop or stack consumption).
(CVE-2014-6410)
James Eckersall discovered a buffer overflow in the Ceph filesystem in the
Linux kernel. A remote attacker could exploit this flaw to cause a denial
of service (memory consumption and panic) or possibly have other
unspecified impact via a long unencrypted auth ticket. (CVE-2014-6416)
James Eckersall discovered a flaw in the handling of memory allocation
failures in the Ceph filesystem. A remote attacker could exploit this flaw
to cause a denial of service (system crash) or possibly have unspecified
other impact. (CVE-2014-6417)
James Eckersall discovered a flaw in how the Ceph filesystem validates auth
replies. A remote attacker could exploit this flaw to cause a denial of
service (system crash) or possibly have other unspecified impact.
(CVE-2014-6418)");
script_tag(name:"affected", value:"'linux-ti-omap4' package(s) on Ubuntu 12.04.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU12.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"linux-image-3.2.0-1455-omap4", ver:"3.2.0-1455.75", rls:"UBUNTU12.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation