Lucene search
RedHatRHSA-2014:0419HistoryApr 22, 2014 - 12:00 a.m.
(RHSA-2014:0419) Important: kernel security and bug fix update
2014-04-2200:00:00
access.redhat.com
15
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.928 High
EPSS
Percentile
98.7%
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
- A flaw was found in the way the Linux kernel processed an authenticated
COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote
attacker could use this flaw to crash the system by initiating a specially
crafted SCTP handshake in order to trigger a NULL pointer dereference on
the system. (CVE-2014-0101, Important)
Red Hat would like to thank Nokia Siemens Networks for reporting this
issue.
This update also fixes the following bug:
- Due to an incorrect call of the weak-modules script in the kernel spec
file, the weak-modules directory was removed from the system when removing
or upgrading certain kernel packages related to weak-modules, such as
kernel-debug. With this update, the weak-modules call in the kernel spec
file has been corrected, and the script now preserves the weak-modules
directory on the system in this scenario. (BZ#1076599)
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | s390x | kernel-debuginfo-common-s390x | < 2.6.32-279.43.1.el6 | kernel-debuginfo-common-s390x-2.6.32-279.43.1.el6.s390x.rpm |
| RedHat | 6 | x86_64 | python-perf | < 2.6.32-279.43.1.el6 | python-perf-2.6.32-279.43.1.el6.x86_64.rpm |
| RedHat | 6 | s390x | kernel-debug-devel | < 2.6.32-279.43.1.el6 | kernel-debug-devel-2.6.32-279.43.1.el6.s390x.rpm |
| RedHat | 6 | i686 | kernel-headers | < 2.6.32-279.43.1.el6 | kernel-headers-2.6.32-279.43.1.el6.i686.rpm |
| RedHat | 6 | ppc64 | perf-debuginfo | < 2.6.32-279.43.1.el6 | perf-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm |
| RedHat | 6 | s390x | kernel-debug | < 2.6.32-279.43.1.el6 | kernel-debug-2.6.32-279.43.1.el6.s390x.rpm |
| RedHat | 6 | ppc64 | perf | < 2.6.32-279.43.1.el6 | perf-2.6.32-279.43.1.el6.ppc64.rpm |
| RedHat | 6 | x86_64 | perf-debuginfo | < 2.6.32-279.43.1.el6 | perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm |
| RedHat | 6 | noarch | kernel-doc | < 2.6.32-279.43.1.el6 | kernel-doc-2.6.32-279.43.1.el6.noarch.rpm |
| RedHat | 6 | s390x | kernel-kdump-devel | < 2.6.32-279.43.1.el6 | kernel-kdump-devel-2.6.32-279.43.1.el6.s390x.rpm |
Related
checkpoint_advisories
checkpoint_advisories
Linux Kernel SCTP Handshake Denial of Service (CVE-2014-0101)
2014-12-08 00:00:00
prion
prion
Null pointer dereference
2014-03-11 13:01:00
debiancve
debiancve
CVE-2014-0101
2014-03-11 13:01:00
f5
f5
K15317 : Linux kernel vulnerability CVE-2014-0101
2015-03-04 00:00:00
SOL15317 - Linux kernel vulnerability CVE-2014-0101
2014-06-05 00:00:00
cve
cve
CVE-2014-0101
2014-03-11 13:01:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-317)
2015-09-08 00:00:00
Ubuntu: Security Advisory (USN-2174-1)
2014-05-02 00:00:00
Ubuntu Update for linux USN-2173-1
2014-05-02 00:00:00
nessus
nessus
Amazon Linux AMI : kernel (ALAS-2014-317)
2014-03-28 00:00:00
RHEL 6 : kernel (RHSA-2014:0419)
2014-11-08 00:00:00
F5 Networks BIG-IP : Linux kernel vulnerability (K15317)
2014-10-10 00:00:00
ubuntucve
ubuntucve
CVE-2014-0101
2014-03-11 00:00:00
redhat
redhat
(RHSA-2014:0432) Important: kernel security and bug fix update
2014-04-24 00:00:00
(RHSA-2014:0520) Important: kernel security and bug fix update
2014-05-20 00:00:00
(RHSA-2014:0328) Important: kernel security and bug fix update
2014-03-25 00:00:00
amazon
amazon
Low: kernel
2014-03-24 23:39:00
ubuntu
ubuntu
Linux kernel (EC2) vulnerabilities
2014-04-26 00:00:00
Linux kernel vulnerabilities
2014-04-26 00:00:00
Linux kernel (Raring HWE) vulnerabilities
2014-05-27 00:00:00
securityvulns
securityvulns
[USN-2173-1] Linux kernel vulnerabilities
2014-05-04 00:00:00
[USN-2228-1] Linux kernel vulnerabilities
2014-05-29 00:00:00
Linux kernel multiple security vulnerabilities
2014-05-29 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2014-03-27 00:00:00
unbreakable enterprise kernel security update
2014-03-26 00:00:00
kernel security and bug fix update
2014-03-25 00:00:00
altlinux
altlinux
centos
centos
kernel, perf, python security update
2014-03-25 21:39:34
fedora
fedora
[SECURITY] Fedora 20 Update: kernel-3.13.5-202.fc20
2014-03-06 08:10:04
[SECURITY] Fedora 20 Update: kernel-3.13.7-200.fc20
2014-03-28 03:16:19
[SECURITY] Fedora 20 Update: kernel-3.13.8-200.fc20
2014-04-04 09:46:22
suse
suse
kernel: security and bugfix update (important)
2014-05-19 14:04:14
kernel: security and bugfix update (important)
2014-05-19 14:10:36
Security update for Linux Kernel (important)
2014-06-18 01:04:38
debian
debian
[SECURITY] [DSA 2906-1] linux-2.6 security update
2014-04-25 00:12:10
osv
osv
linux-2.6 - several
2014-04-24 00:00:00
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.928 High
EPSS
Percentile
98.7%
Related for RHSA-2014:0419