-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.0735
                         linux-2.6 security update
                                15 May 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           linux-2.6
Publisher:         Debian
Operating System:  Debian GNU/Linux 6
                   Linux variants
Impact/Access:     Denial of Service    -- Existing Account
                   Increased Privileges -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-1738 CVE-2014-1737 CVE-2014-0196

Reference:         ESB-2014.0710

Original Bulletin: 
   http://www.debian.org/security/2014/dsa-2928

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ----------------------------------------------------------------------
Debian Security Advisory DSA-2928-1                security@debian.org
http://www.debian.org/security/                           Dann Frazier
May 14, 2014                        http://www.debian.org/security/faq
- - ----------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : privilege escalation/denial of service/information leak
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2014-0196 CVE-2014-1737 CVE-2014-1738

Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service, information leak or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2014-0196

    Jiri Slaby discovered a race condition in the pty layer, which could lead
    to a denial of service or privilege escalation.

CVE-2014-1737 CVE-2014-1738

    Matthew Daley discovered an information leak and missing input
    sanitising in the FDRAWCMD ioctl of the floppy driver. This could result
    in a privilege escalation.

For the oldstable distribution (squeeze), these problems have been fixed in
version 2.6.32-48squeeze6.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

                                             Debian 6.0 (squeeze)
     user-mode-linux                         2.6.32-1um-4+48squeeze6

We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

Note: Debian carefully tracks all known security issues across every
Linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----