Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2014:0667-1
HistoryMay 16, 2014 - 3:04 a.m.

Security update for Linux Kernel (important)

2014-05-1603:04:20
lists.opensuse.org
47

0.019 Low

EPSS

Percentile

87.2%

JSON

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the
following severe security issues:

CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c
in the Linux kernel through 3.14.3 does not properly handle error
conditions during processing of an FDRAWCMD ioctl call, which allows local
users to trigger kfree operations and gain privileges by leveraging write
access to a /dev/fd device. (bnc#875798)

CVE-2014-1738: The raw_cmd_copyout function in
drivers/block/floppy.c in the Linux kernel through 3.14.3 does not
properly restrict access to certain pointers during processing of an
FDRAWCMD ioctl call, which allows local users to obtain sensitive
information from kernel heap memory by leveraging write access to a
/dev/fd device. (bnc#875798)

CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in
the Linux kernel through 3.14.3 does not properly manage tty driver access
in the "LECHO & !OPOST" case, which allows local users to cause a denial
of service (memory corruption and system crash) or gain privileges by
triggering a race condition involving read and write operations with long
strings. (bnc#875690)

Security Issues references:

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server11.3ppc64kernel-default-base< 3.0.101-0.29.1kernel-default-base-3.0.101-0.29.1.ppc64.rpm
SUSE Linux Enterprise Desktop11.3x86_64xen-kmp-default< 4.2.4_02_3.0.101_0.29-0.7.24xen-kmp-default-4.2.4_02_3.0.101_0.29-0.7.24.x86_64.rpm
SUSE Linux Enterprise Desktop11.3i586kernel-xen-base< 3.0.101-0.29.1kernel-xen-base-3.0.101-0.29.1.i586.rpm
SUSE Linux Enterprise Server11.3i586kernel-pae-base< 3.0.101-0.29.1kernel-pae-base-3.0.101-0.29.1.i586.rpm
SLE SERVER Unsupported Extras11ia64kernel-default-extra< 3.0.101-0.29.1kernel-default-extra-3.0.101-0.29.1.ia64.rpm
SUSE Linux Enterprise High Availability Extension11.3ia64cluster-network-kmp-trace< 1.4_3.0.101_0.29-2.27.63cluster-network-kmp-trace-1.4_3.0.101_0.29-2.27.63.ia64.rpm
SUSE Linux Enterprise Server11.3ppc64kernel-syms< 3.0.101-0.29.1kernel-syms-3.0.101-0.29.1.ppc64.rpm
SUSE Linux Enterprise High Availability Extension11.3s390xgfs2-kmp-trace< 2_3.0.101_0.29-0.16.69gfs2-kmp-trace-2_3.0.101_0.29-0.16.69.s390x.rpm
SUSE Linux Enterprise High Availability Extension11.3ppc64ocfs2-kmp-ppc64< 1.6_3.0.101_0.29-0.20.63ocfs2-kmp-ppc64-1.6_3.0.101_0.29-0.20.63.ppc64.rpm
SUSE Linux Enterprise Server11.3x86_64kernel-xen-devel< 3.0.101-0.29.1kernel-xen-devel-3.0.101-0.29.1.x86_64.rpm
Rows per page:
1-10 of 1631

Related

debian 2
suse 4
openvas 51
nessus 53
osv 2
mageia 10
oraclelinux 10
redhat 12
securityvulns 3
centos 2
ubuntu 14
altlinux 1
veracode 8
debiancve 3
cve 4
ubuntucve 3
android 1
canvas 1
exploitpack 1
f5 2
prion 4
attackerkb 1
zdt 1
seebug 1
amazon 2
threatpost 1
cisa_kev 1
exploitdb 1
debian
debian
[SECURITY] [DSA 2928-1] linux-2.6 security update
2014-05-14 18:21:22
[SECURITY] [DSA 2926-1] linux security update
2014-05-12 15:59:46
suse
suse
Security update for Linux kernel (important)
2014-05-20 19:04:37
kernel: security and bugfix update (important)
2014-05-19 14:04:14
Security update for Linux Kernel (important)
2014-06-18 01:04:38
openvas
openvas
Debian Security Advisory DSA 2928-1 (linux-2.6 - privilege escalation/denial of service/information leak)
2014-05-14 00:00:00
Debian Security Advisory DSA 2928-1 (linux-2.6 - privilege escalation/denial of service/information leak)
2014-05-14 00:00:00
SUSE: Security Advisory for Linux (SUSE-SU-2014:0667-1)
2015-10-13 00:00:00
nessus
nessus
SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9233 / 9236 / 9237)
2014-05-16 00:00:00
Debian DSA-2928-1 : linux-2.6 - privilege escalation/denial of service/information leak
2014-05-16 00:00:00
Oracle Linux 6 : unbreakable enterprise kernel (ELSA-2014-3041)
2014-06-23 00:00:00
osv
osv
linux-2.6 - security update
2014-05-14 00:00:00
linux - security update
2014-05-12 00:00:00
mageia
mageia
Updated kernel-linus packages fix multiple vulnerabilities
2014-05-19 22:30:17
Updated kernel-rt packages fix multiple vulnerabilities
2014-05-19 22:30:17
Updated kernel packages fix multiple vulnerabilities
2014-05-18 03:41:52
oraclelinux
oraclelinux
unbreakable enterprise kernel security update
2014-06-20 00:00:00
kernel security and bug fix update
2014-06-11 00:00:00
kernel security and bug fix update
2014-06-11 00:00:00
redhat
redhat
(RHSA-2014:0801) Important: kernel security update
2014-06-26 00:00:00
(RHSA-2014:0800) Important: kernel security update
2014-06-26 00:00:00
(RHSA-2014:0772) Important: kernel security and bug fix update
2014-06-19 00:00:00
securityvulns
securityvulns
[oss-security] Linux kernel floppy ioctl kernel code execution
2014-05-10 00:00:00
[SECURITY] [DSA 2926-1] linux security update
2014-05-15 00:00:00
[USN-2196-1] Linux kernel vulnerability
2014-05-07 00:00:00
centos
centos
kernel security update
2014-06-11 11:01:17
kernel, perf, python security update
2014-06-20 10:10:41
ubuntu
ubuntu
Linux kernel (EC2) vulnerabilities
2014-05-26 00:00:00
Linux kernel vulnerabilities
2014-05-26 00:00:00
Linux kernel vulnerability
2014-05-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt25
2014-06-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:03:26
Information Disclosure
2019-05-02 05:03:25
Denial Of Service (DoS)
2019-05-02 05:03:26
debiancve
debiancve
CVE-2014-1738
2014-05-11 21:55:00
CVE-2014-1737
2014-05-11 21:55:00
CVE-2014-0196
2014-05-07 10:55:00
cve
cve
CVE-2014-1738
2014-05-11 21:55:00
CVE-2014-0196
2014-05-07 10:55:00
CVE-2014-1737
2014-05-11 21:55:00
ubuntucve
ubuntucve
CVE-2014-1738
2014-05-11 00:00:00
CVE-2014-1737
2014-05-11 00:00:00
CVE-2014-0196
2014-05-05 00:00:00
android
android
pty race
2014-04-30 00:00:00
canvas
canvas
Immunity Canvas: LINUX_TTY_RACE
2014-05-07 10:55:00
exploitpack
exploitpack
Linux Kernel 3.14-rc1 3.15-rc4 (x64) - Raw Mode PTY Echo Race Condition Privilege Escalation
2014-05-26 00:00:00
f5
f5
SOL15319 - Linux kernel TTY vulnerability CVE-2014-0196
2014-06-05 00:00:00
K15319 : Linux kernel TTY vulnerability CVE-2014-0196
2014-12-04 00:00:00
prion
prion
Design/Logic Flaw
2014-05-11 21:55:00
Input validation
2014-05-11 21:55:00
Race condition
2014-05-07 10:55:00
attackerkb
attackerkb
CVE-2014-0196
2014-05-07 00:00:00
zdt
zdt
Linux Kernel 3.15-rc4 PTY Race Condition Exploit
2014-05-14 00:00:00
seebug
seebug
Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
2014-07-01 00:00:00
amazon
amazon
Medium: kernel
2014-05-13 16:40:00
Medium: kernel
2014-08-21 11:03:00
threatpost
threatpost
Five Year Old Security Vulnerability Patched in Linux Kernel
2014-05-15 11:05:41
cisa_kev
cisa_kev
Linux Kernel Race Condition Vulnerability
2023-05-12 00:00:00
exploitdb
exploitdb
Linux Kernel 3.14-rc1 &lt; 3.15-rc4 (x64) - Raw Mode PTY Echo Race Condition Privilege Escalation
2014-05-26 00:00:00

0.019 Low

EPSS

Percentile

87.2%

JSON
Related for SUSE-SU-2014:0667-1
debian2suse4openvas51nessus53osv2mageia10oraclelinux10redhat12securityvulns3centos2ubuntu14altlinux1veracode8debiancve3cve4ubuntucve3android1canvas1exploitpack1f52prion4attackerkb1zdt1seebug1amazon2threatpost1cisa_kev1exploitdb1