Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » SUSE-2014:9233

Overview

Id SUSE-2014:9233
Name Novell SUSE 2014:9233 kernel security update for SLE 11 SP3 i586
Vendor Name novell
Product Novell
Content Type Critical Critical
Language(s)
Operating System(s) Linux 
Released On 13 May 2014 12:00:00

SUSE-2014:9233

Novell SUSE 2014:9233 kernel security update for SLE 11 SP3 i586

Vendor Name

novell

Product

Novell

Released On

13 May 2014 12:00:00

Url

http://www.novell.com/support

Description

LSAC(v2)
The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the following severe security issues: * CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. (bnc#875690) Security Issues references: * CVE-2014-0196 * CVE-2014-1737 * CVE-2014-1738

Related Resources

Related Vulnerabilities

None

Related Patches

None

Superseded Patches


Last Updated: 27 May 2016 11:18:53