UbuntuUSN-2464-1Linux kernel (OMAP4) vulnerabilities
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
51.5%
Releases
- Ubuntu 12.04
Packages
- linux-ti-omap4 - Linux kernel for OMAP4
Details
Andy Lutomirski discovered that the Linux kernel does not properly handle
faults associated with the Stack Segment (SS) register in the x86
architecture. A local attacker could exploit this flaw to gain
administrative privileges. (CVE-2014-9322)
An information leak in the Linux kernel was discovered that could leak the
high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine
(KVM) paravirt guests. A user in the guest OS could exploit this leak to
obtain information that could potentially be used to aid in attacking the
kernel. (CVE-2014-8134)
A race condition with MMIO and PIO transactions in the KVM (Kernel Virtual
Machine) subsystem of the Linux kernel was discovered. A guest OS user
could exploit this flaw to cause a denial of service (guest OS crash) via a
specially crafted application. (CVE-2014-7842)
The KVM (kernel virtual machine) subsystem of the Linux kernel
miscalculates the number of memory pages during the handling of a mapping
failure. A guest OS user could exploit this to cause a denial of service
(host OS page unpinning) or possibly have unspecified other impact by
leveraging guest OS privileges. (CVE-2014-8369)
Andy Lutomirski discovered that the Linux kernel does not properly handle
faults associated with the Stack Segment (SS) register on the x86
architecture. A local attacker could exploit this flaw to cause a denial of
service (panic). (CVE-2014-9090)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | linux-image-3.2.0-1458-omap4 | < 3.2.0-1458.78 | UNKNOWN |
| Ubuntu | 12.04 | noarch | block-modules-3.2.0-1458-omap4-di | < 3.2.0-1458.78 | UNKNOWN |
| Ubuntu | 12.04 | noarch | crypto-modules-3.2.0-1458-omap4-di | < 3.2.0-1458.78 | UNKNOWN |
| Ubuntu | 12.04 | noarch | fat-modules-3.2.0-1458-omap4-di | < 3.2.0-1458.78 | UNKNOWN |
| Ubuntu | 12.04 | noarch | fs-core-modules-3.2.0-1458-omap4-di | < 3.2.0-1458.78 | UNKNOWN |
| Ubuntu | 12.04 | noarch | fs-secondary-modules-3.2.0-1458-omap4-di | < 3.2.0-1458.78 | UNKNOWN |
| Ubuntu | 12.04 | noarch | input-modules-3.2.0-1458-omap4-di | < 3.2.0-1458.78 | UNKNOWN |
| Ubuntu | 12.04 | noarch | irda-modules-3.2.0-1458-omap4-di | < 3.2.0-1458.78 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kernel-image-3.2.0-1458-omap4-di | < 3.2.0-1458.78 | UNKNOWN |
| Ubuntu | 12.04 | noarch | linux-headers-3.2.0-1458 | < 3.2.0-1458.78 | UNKNOWN |
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
51.5%