[USN-2441-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-2441-1 December 12, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

UBUNTU-CVE-2014-4323

The mdpluthwupdate function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows...

USN-2444-1: Linux kernel (OMAP4) vulnerabilities

Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace subsystem of the Linux kernel does not properly handle private syscall numbers. A local user could exploit this flaw to cause a denial of service OOPS. CVE-2014-7826 Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a...

CVE-2014-8884

CVE-2014-8884 describes a stack-based buffer overflow in the Linux kernel before 3.17.4, specifically in the ttusbdecfe_dvbs_diseqc_send_master_cmd function (drivers/media/usb/ttusb-dec/ttusbdecfe.c). A large ioctl message length can allow local users to cause a system crash (DoS) or potentially ...

CVE-2014-8884

Stack-based buffer overflow in the ttusbdecfedvbsdiseqcsendmastercmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service system crash or possibly gain privileges via a large message length in an ioctl call...

CVE-2014-8884

Stack-based buffer overflow in the ttusbdecfedvbsdiseqcsendmastercmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service system crash or possibly gain privileges via a large message length in an ioctl call...

UBUNTU-CVE-2014-8884

Stack-based buffer overflow in the ttusbdecfedvbsdiseqcsendmastercmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service system crash or possibly gain privileges via a large message length in an ioctl call...

CVE-2014-2382

The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service crash and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function...

Memory corruption

The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service crash and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function...

CVE-2014-2382

The CVE-2014-2382 issue affects the DfDiskLo.sys driver in Faronics Deep Freeze Standard/Enterprise ≤8.10. A crafted IOCTL request allows writing to arbitrary memory via the IofCallDriver path, enabling local administrators to crash the system or execute arbitrary code with kernel-level privilege...

VMware Workstations 10.0.0.40273 vmx86.sys Arbitrary Kernel Read

No description provided by source. Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor: VMWare Affected Product:...

Microsoft Windows TCP/IP Privilege Elevation Vulnerability (2989935)

This host is missing an important security update according to Microsoft Bulletin MS14-070. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2014-4076

Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to 1 tcpip.sys or 2 tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."...

Privilege escalation

Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to 1 tcpip.sys or 2 tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."...

CVE-2014-4076

Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to 1 tcpip.sys or 2 tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."...

VMWare Workstation / Player DoS

Uninitialized potiner dereference on IOCTL processing...

KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read

Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor: VMWare Affected Product: Workstation Affected Version: 10.0.0.40273...

VMware Workstation 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read

Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor: VMWare Affected Product: Workstation Affected Version: 10.0.0.40273...

VMware Workstation 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read

VMware Workstation 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor:...

VMWare vmx86.sys Arbitrary Kernel Read

Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor: VMWare Affected Product: Workstation Affected Version: 10.0.0.40273...