LanGuard reports



Supported OVAL Bulletins


More information on 2015 updates



ID:
MITRE:28532
Title:
oval:org.mitre.oval:def:28532: RHSA-2014:2021 -- jasper security update
Type:
Miscellaneous
Bulletins:
MITRE:28532
Severity:
Low
Description:
JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) Red Hat would like to thank oCERT for reporting these issues. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter. All JasPer users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All applications using the JasPer libraries must be restarted for the update to take effect.
Applies to:
jasper
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28585
Title:
oval:org.mitre.oval:def:28585: SUSE-SU-2014:1652-1 -- Security update for cpio
Type:
Miscellaneous
Bulletins:
MITRE:28585
Severity:
Low
Description:
This cpio security update fixes the following buffer overflow issue and two non security issues: - fix an OOB write with cpio -i (bnc#907456) (CVE-2014-9112) - prevent cpio from extracting over a symlink (bnc#658010) - fix a truncation check in mt
Applies to:
cpio
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28044
Title:
oval:org.mitre.oval:def:28044: SUSE-SU-2014:1557-2 -- Security update for compat-openssl097g
Type:
Miscellaneous
Bulletins:
MITRE:28044
Severity:
Low
Description:
The SLES 9 compatibility package compat-openssl097g received a roll up update fixing various security issues: * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV (CVE-2014-3566) * Information leak in pretty printing functions (CVE-2014-3508) * OCSP bad key DoS attack (CVE-2013-0166) * SSL/TLS CBC plaintext recovery attack (CVE-2013-0169) * Anonymous ECDH denial of service (CVE-2014-3470) * SSL/TLS MITM vulnerability (CVE-2014-0224) Security Issues: * CVE-2013-0166 * CVE-2013-0169 * CVE-2014-0224 * CVE-2014-3470 * CVE-2014-3508 * CVE-2014-3566 * CVE-2014-3568
Applies to:
compat-openssl097g
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28460
Title:
oval:org.mitre.oval:def:28460: RHSA-2014:2025 -- ntp security update
Type:
Miscellaneous
Bulletins:
MITRE:28460
Severity:
Low
Description:
The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit. (CVE-2014-9295) It was found that ntpd automatically generated weak keys for its internal use if no ntpdc request authentication key was specified in the ntp.conf configuration file. A remote attacker able to match the configured IP restrictions could guess the generated key, and possibly use it to send ntpdc query or configuration requests. (CVE-2014-9293) It was found that ntp-keygen used a weak method for generating MD5 keys. This could possibly allow an attacker to guess generated MD5 keys that could then be used to spoof an NTP client or server. Note: it is recommended to regenerate any MD5 keys that had explicitly been generated with ntp-keygen; the default installation does not contain such keys). (CVE-2014-9294) All ntp users are advised to upgrade to this updated package, which contains backported patches to resolve these issues. After installing the update, the ntpd daemon will restart automatically.
Applies to:
ntp
Created:
2014-12-30
Updated:
2015-03-16

ID:
MITRE:28453
Title:
oval:org.mitre.oval:def:28453: RHSA-2014:2008 -- kernel security update
Type:
Software
Bulletins:
MITRE:28453
Severity:
Low
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-9322, Important) Red Hat would like to thank Andy Lutomirski for reporting this issue. All kernel users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
Applies to:
kernel
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28399
Title:
oval:org.mitre.oval:def:28399: RHSA-2014:1971 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:28399
Severity:
Low
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. (CVE-2014-3673, CVE-2014-3687, Important) * A flaw was found in the way the Linux kernel's SCTP implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service. (CVE-2014-3688, Important) * Two flaws were found in the way the Apple Magic Mouse/Trackpad multi-touch driver and the Minibox PicoLCD driver handled invalid HID reports. An attacker with physical access to the system could use these flaws to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3181, CVE-2014-3186, Moderate) * A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate) * A flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-3631, Moderate) * Multiple flaws were found in the way the Linux kernel's ALSA implementation handled user controls. A local, privileged user could use either of these flaws to crash the system. (CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, Moderate) * A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in a system crash or privilege escalation. (CVE-2014-5045, Moderate) * A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information. (CVE-2013-2929, Low) * A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's UDF file system implementation processed indirect ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the system. (CVE-2014-6410, Low) * An information leak flaw in the way the Linux kernel handled media device enumerate entities IOCTL requests could allow a local user able to access the /dev/media0 device file to leak kernel memory bytes. (CVE-2014-1739, Low) * An out-of-bounds read flaw in the Logitech Unifying receiver driver could allow an attacker with physical access to the system to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3182, Low) * Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled invalid HID reports. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer. (CVE-2014-3184, Low) * An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp) back end driver of the iSCSI Target subsystem could allow a privileged user to leak the contents of kernel memory to an iSCSI initiator remote client. (CVE-2014-4027, Low) * An information leak flaw in the Linux kernel's ALSA implementation could allow a local, privileged user to leak kernel memory to user space. (CVE-2014-4652, Low)
Applies to:
kernel
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28466
Title:
oval:org.mitre.oval:def:28466: SUSE-SU-2014:1555-1 -- Security update for file
Type:
Software
Bulletins:
MITRE:28466
Severity:
Low
Description:
file was updated to fix one security issue. This security issue was fixed: - Out-of-bounds read in elf note headers (CVE-2014-3710). This non-security issues was fixed: - Correctly identify GDBM files created by libgdbm4 (bnc#888308).
Applies to:
file
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28652
Title:
oval:org.mitre.oval:def:28652: RHSA-2014:1982 -- xorg-x11-server security update
Type:
Software
Bulletins:
MITRE:28652
Severity:
Low
Description:
X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2014-8092, CVE-2014-8093, CVE-2014-8098) It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request. (CVE-2014-8091) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client. (CVE-2014-8097) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server. (CVE-2014-8095, CVE-2014-8096, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102) All xorg-x11-server users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Applies to:
xorg-x11-server
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28498
Title:
oval:org.mitre.oval:def:28498: RHSA-2014:1985 -- bind97 security update
Type:
Software
Bulletins:
MITRE:28498
Severity:
Low
Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500) All bind97 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
Applies to:
bind97
Created:
2014-12-30
Updated:
2015-03-16

ID:
MITRE:28385
Title:
oval:org.mitre.oval:def:28385: RHSA-2014:1999 -- mailx security update
Type:
Software
Bulletins:
MITRE:28385
Severity:
Low
Description:
The mailx packages contain a mail user agent that is used to manage mail using scripts. A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality. (CVE-2004-2771, CVE-2014-7844) Note: Applications using mailx to send email to addresses obtained from untrusted sources will still remain vulnerable to other attacks if they accept email addresses which start with "-" (so that they can be confused with mailx options). To counteract this issue, this update also introduces the "--" option, which will treat the remaining command line arguments as email addresses. All mailx users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Applies to:
mailx
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28661
Title:
oval:org.mitre.oval:def:28661: RHSA-2014:1974 -- rpm security update
Type:
Software
Bulletins:
MITRE:28661
Severity:
Low
Description:
The RPM Package Manager (RPM) is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package such as its version, description, and other information. It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation. (CVE-2013-6435) This issue was discovered by Florian Weimer of Red Hat Product Security. All rpm users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against the RPM library must be restarted for this update to take effect.
Applies to:
rpm
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28630
Title:
oval:org.mitre.oval:def:28630: RHSA-2014:2010 -- kernel security update
Type:
Software
Bulletins:
MITRE:28630
Severity:
Low
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-9322, Important) Red Hat would like to thank Andy Lutomirski for reporting this issue. All kernel users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
Applies to:
kernel
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28314
Title:
oval:org.mitre.oval:def:28314: SUSE-SU-2014:1615-1 -- Security update for pidgin
Type:
Software
Bulletins:
MITRE:28314
Severity:
Low
Description:
This pidgin security update fixes the following issues: - bnc#902408: remote information leak via crafted XMPP message. (CVE-2014-3698) - bnc#902410: denial of service parsing Groupwise server message. (CVE-2014-3696) - bnc#902409: crash in MXit protocol plug-in. (CVE-2014-3695)
Applies to:
pidgin
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:27703
Title:
oval:org.mitre.oval:def:27703: RHSA-2014:1997 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27703
Severity:
Low
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-9322, Important) * A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. (CVE-2014-3673, CVE-2014-3687, Important) * A flaw was found in the way the Linux kernel's SCTP implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service. (CVE-2014-3688, Important) * A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's UDF file system implementation processed indirect ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the system. (CVE-2014-6410, Low) * It was found that the Linux kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system. (CVE-2012-6657, Low) * It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-5471, CVE-2014-5472, Low) Red Hat would like to thank Andy Lutomirski for reporting CVE-2014-9322. The CVE-2014-3673 issue was discovered by Liu Wei of Red Hat. Bug fixes: * This update fixes a race condition issue between the sock_queue_err_skb function and sk_forward_alloc handling in the socket error queue (MSG_ERRQUEUE), which could occasionally cause the kernel, for example when using PTP, to incorrectly track allocated memory for the error queue, in which case a traceback would occur in the system log. (BZ#1155427) * The zcrypt device driver did not detect certain crypto cards and the related domains for crypto adapters on System z and s390x architectures. Consequently, it was not possible to run the system on new crypto hardware. This update enables toleration mode for such devices so that the system can make use of newer crypto hardware. (BZ#1158311) * After mounting and unmounting an XFS file system several times consecutively, the umount command occasionally became unresponsive. This was caused by the xlog_cil_force_lsn() function that was not waiting for completion as expected. With this update, xlog_cil_force_lsn() has been modified to correctly wait for completion, thus fixing this bug. (BZ#1158325) * When using the ixgbe adapter with disabled LRO and the tx-usec or rs-usec variables set to 0, transmit interrupts could not be set lower than the default of 8 buffered tx frames. Consequently, a delay of TCP transfer occurred. The restriction of a minimum of 8 buffered frames has been removed, and the TCP delay no longer occurs. (BZ#1158326) * The offb driver has been updated for the QEMU standard VGA adapter, fixing an incorrect displaying of colors issue. (BZ#1158328) * Under certain circumstances, when a discovered MTU expired, the IPv6 connection became unavailable for a short period of time. This bug has been fixed, and the connection now works as expected. (BZ#1161418) * A low throughput occurred when using the dm-thin driver to write to unprovisioned or shared chunks for a thin pool with the chunk size bigger than the max_sectors_kb variable. (BZ#1161420) * Large write workloads on thin LVs could cause the iozone and smallfile utilities to terminate unexpectedly. (BZ#1161421)
Applies to:
kernel
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28659
Title:
oval:org.mitre.oval:def:28659: SUSE-SU-2014:1649-1 -- Security update for flash-player
Type:
Software
Bulletins:
MITRE:28659
Severity:
Low
Description:
This flash-player security version update fixes the following issues: - Security update to 11.2.202.425 (bsc#909219): * APSB14-27, CVE-2014-0580, CVE-2014-0587, CVE-2014-8443, CVE-2014-9162, CVE-2014-9163, CVE-2014-9164
Applies to:
flash-player
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28685
Title:
oval:org.mitre.oval:def:28685: SUSE-SU-2014:1628-1 -- Security update for gnutls
Type:
Software
Bulletins:
MITRE:28685
Severity:
Low
Description:
gnutls was updated to fix one security issue. - Fixed parsing problem in elliptic curve blobs over TLS that could lead to remote crashes (CVE-2014-8564).
Applies to:
gnutls
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28439
Title:
oval:org.mitre.oval:def:28439: RHSA-2014:2023 -- glibc security and bug fix update
Type:
Miscellaneous
Bulletins:
MITRE:28439
Severity:
Low
Description:
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was found that the wordexp() function would perform command substitution even when the WRDE_NOCMD flag was specified. An attacker able to provide specially crafted input to an application using the wordexp() function, and not sanitizing the input correctly, could potentially use this flaw to execute arbitrary commands with the credentials of the user running that application. (CVE-2014-7817) This issue was discovered by Tim Waugh of the Red Hat Developer Experience Team. This update also fixes the following bug: * Prior to this update, if a file stream that was opened in append mode and its underlying file descriptor were used at the same time and the file was truncated using the ftruncate() function on the file descriptor, a subsequent ftell() call on the stream incorrectly modified the file offset by seeking to the new end of the file. This update ensures that ftell() modifies the state of the file stream only when it is in append mode and its buffer is not empty. As a result, the described incorrect changes to the file offset no longer occur. (BZ#1170187) All glibc users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Applies to:
glibc
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28588
Title:
oval:org.mitre.oval:def:28588: RHSA-2014:1984 -- bind security update
Type:
Software
Bulletins:
MITRE:28588
Severity:
Low
Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500) All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
Applies to:
bind
Created:
2014-12-30
Updated:
2015-03-16

ID:
MITRE:28676
Title:
oval:org.mitre.oval:def:28676: SUSE-SU-2014:1592-1 -- Security update for tigervnc
Type:
Software
Bulletins:
MITRE:28676
Severity:
Low
Description:
This update for tigervnc provides the following fixes: - Fixed integer overflow flaw, leading to a heap-based buffer overflow in screen size handling. (CVE-2014-8240) - Send correctly keys that don't type any characters, such as CTRL+Space. (bnc#906922)
Applies to:
tigervnc
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28483
Title:
oval:org.mitre.oval:def:28483: RHSA-2014:2024 -- ntp security update
Type:
Miscellaneous
Bulletins:
MITRE:28483
Severity:
Low
Description:
The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit. (CVE-2014-9295) It was found that ntpd automatically generated weak keys for its internal use if no ntpdc request authentication key was specified in the ntp.conf configuration file. A remote attacker able to match the configured IP restrictions could guess the generated key, and possibly use it to send ntpdc query or configuration requests. (CVE-2014-9293) It was found that ntp-keygen used a weak method for generating MD5 keys. This could possibly allow an attacker to guess generated MD5 keys that could then be used to spoof an NTP client or server. Note: it is recommended to regenerate any MD5 keys that had explicitly been generated with ntp-keygen; the default installation does not contain such keys). (CVE-2014-9294) A missing return statement in the receive() function could potentially allow a remote attacker to bypass NTP's authentication mechanism. (CVE-2014-9296) All ntp users are advised to upgrade to this updated package, which contains backported patches to resolve these issues. After installing the update, the ntpd daemon will restart automatically.
Applies to:
ntp
Created:
2014-12-30
Updated:
2015-04-13

ID:
MITRE:28571
Title:
oval:org.mitre.oval:def:28571: SUSE-SU-2014:1650-1 -- Security update for flash-player
Type:
Software
Bulletins:
MITRE:28571
Severity:
Low
Description:
This flash-player security update fixes the following issues: * Security update to 11.2.202.425 (bnc#909219): o APSB14-27, CVE-2014-0580, CVE-2014-0587, CVE-2014-8443, CVE-2014-9162, CVE-2014-9163, CVE-2014-9164 Security Issues: * CVE-2014-0580 * CVE-2014-0587 * CVE-2014-8443 * CVE-2014-9162 * CVE-2014-9163 * CVE-2014-9164
Applies to:
flash-player
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28591
Title:
oval:org.mitre.oval:def:28591: SUSE-SU-2014:1595-1 -- Security update for ImageMagick
Type:
Software
Bulletins:
MITRE:28591
Severity:
Low
Description:
ImageMagick was updated to fix four security issues. These security issues were fixed: - Crafted JPEG file could lead to DOS (CVE-2014-8716). - Out-of-bounds memory access in PCX parser (CVE-2014-8355). - Out-of-bounds memory access in resize code (CVE-2014-8354). - Out-of-bounds memory error in DCM decode (CVE-2014-8562).
Applies to:
ImageMagick
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28499
Title:
oval:org.mitre.oval:def:28499: SUSE-SU-2014:1545-1 -- Security update for flash-player
Type:
Software
Bulletins:
MITRE:28499
Severity:
Low
Description:
The following vulnerability is fixed with this update: * bnc#907257 hardening against a remote code execution flaw (APSB14-26) Security Issues: * CVE-2014-8439
Applies to:
flash-player
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28097
Title:
oval:org.mitre.oval:def:28097: SUSE-SU-2014:1549-1 -- Security update for java-1_7_1-ibm
Type:
Miscellaneous
Bulletins:
MITRE:28097
Severity:
Low
Description:
java-1_7_1-ibm was updated to version 1.7.1_sr1.2 to fix 21 security issues. These security issues were fixed: - Unspecified vulnerability in Oracle Java (CVE-2014-3065). - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue (CVE-2014-3566). - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT (CVE-2014-6513). - Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors (CVE-2014-6456). - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532 (CVE-2014-6503). - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503 (CVE-2014-6532). - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532 (CVE-2014-4288). - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532 (CVE-2014-6493). - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment (CVE-2014-6492). - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment (CVE-2014-6458). - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Internet Explorer, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment (CVE-2014-6466). - Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (CVE-2014-6506). - Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6527 (CVE-2014-6476). - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment (CVE-2014-6515). - Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D (CVE-2014-6511). - Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries (CVE-2014-6531). - Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries (CVE-2014-6512). - Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE (CVE-2014-6457). - Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6476 (CVE-2014-6527). - Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries (CVE-2014-6502). - Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security (CVE-2014-6558).
Applies to:
java-1_7_1-ibm
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28437
Title:
oval:org.mitre.oval:def:28437: RHSA-2014:1976 -- rpm security update
Type:
Software
Bulletins:
MITRE:28437
Severity:
Low
Description:
The RPM Package Manager (RPM) is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package such as its version, description, and other information. It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation. (CVE-2013-6435) It was found that RPM could encounter an integer overflow, leading to a stack-based buffer overflow, while parsing a crafted CPIO header in the payload section of an RPM file. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation. (CVE-2014-8118) These issues were discovered by Florian Weimer of Red Hat Product Security. All rpm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against the RPM library must be restarted for this update to take effect.
Applies to:
rpm
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28613
Title:
oval:org.mitre.oval:def:28613: RHSA-2014:1983 -- xorg-x11-server security update
Type:
Software
Bulletins:
MITRE:28613
Severity:
Low
Description:
X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2014-8092, CVE-2014-8093, CVE-2014-8098) It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request. (CVE-2014-8091) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client. (CVE-2014-8097) An integer overflow flaw was found in the way the X.Org server calculated memory requirements for certain DRI2 extension requests. A malicious, authenticated client could use this flaw to crash the X.Org server. (CVE-2014-8094) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server. (CVE-2014-8095, CVE-2014-8096, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102, CVE-2014-8103) All xorg-x11-server users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Applies to:
xorg-x11-server
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28176
Title:
oval:org.mitre.oval:def:28176: SUSE-SU-2014:1623-1 -- Security update for pidgin
Type:
Software
Bulletins:
MITRE:28176
Severity:
Low
Description:
This pidgin update fixes the following security issues: * bnc#902408: remote information leak via crafted XMPP message (CVE-2014-3698) * bnc#902410: denial of service parsing Groupwise server message (CVE-2014-3696) * bnc#902409: crash in MXit protocol plug-in (CVE-2014-3695) Security Issues: * CVE-2014-3698 * CVE-2014-3696 * CVE-2014-3695
Applies to:
pidgin
Created:
2014-12-30
Updated:
2015-02-23

ID:
MITRE:28612
Title:
oval:org.mitre.oval:def:28612: ELSA-2014-1997 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:28612
Severity:
Low
Description:
[2.6.32-504.3.3] - [x86] traps: stop using IST for #SS (Petr Matousek) [1172810 1172811] {CVE-2014-9322} [2.6.32-504.3.2] - [md] dm-thin: fix pool_io_hints to avoid looking at max_hw_sectors (Mike Snitzer) [1161420 1161421 1142773 1145230] [2.6.32-504.3.1] - [s390] zcrypt: toleration of new crypto adapter hardware (Hendrik Brueckner) [1158311 1134984] - [s390] zcrypt: support for extended number of ap domains (Hendrik Brueckner) [1158311 1134984] - [md] dm-thin: fix potential for infinite loop in pool_io_hints (Mike Snitzer) [1161420 1161421 1142773 1145230] [2.6.32-504.2.1] - [fs] udf: Avoid infinite loop when processing indirect ICBs (Jacob Tanenbaum) [1142319 1142320] {CVE-2014-6410} - [fs] isofs: unbound recursion when processing relocated directories (Jacob Tanenbaum) [1142268 1142269] {CVE-2014-5472 CVE-2014-5471} - [net] ipv6: delete expired route in ip6_pmtu_deliver (Hannes Frederic Sowa) [1161418 1156137] - [net] sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [1155746 1154676] {CVE-2014-3688} - [net] sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [1155733 1154676] {CVE-2014-3687} - [net] sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [1147857 1154676] {CVE-2014-3673} - [net] sctp: handle association restarts when the socket is closed (Daniel Borkmann) [1147857 1154676] - [md] dm-thin: refactor requeue_io to eliminate spinlock bouncing (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: optimize retry_bios_on_resume (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: sort the deferred cells (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: direct dispatch when breaking sharing (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: remap the bios in a cell immediately (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: defer whole cells rather than individual bios (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: factor out remap_and_issue_overwrite (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: performance improvement to discard processing (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: grab a virtual cell before looking up the mapping (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: implement thin_merge (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm: improve documentation and code clarity in dm_merge_bvec (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: adjust max_sectors_kb based on thinp blocksize (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] block: fix alignment_offset math that assumes io_min is a power-of-2 (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: throttle incoming IO (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: prefetch missing metadata pages (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-transaction-manager: add support for prefetching blocks of metadata (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin-metadata: change dm_thin_find_block to allow blocking, but not issuing, IO (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-bio-prison: switch to using a red black tree (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-bufio: evict buffers that are past the max age but retain some buffers (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-bufio: switch from a huge hash table to an rbtree (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-bufio: update last_accessed when relinking a buffer (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-bufio: use kzalloc when allocating dm_bufio_client (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin-metadata: do not allow the data block size to change (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: cleanup noflush_work to use a proper completion (Mike Snitzer) [1161420 1161421 1142773 1145230] - [md] dm-thin: fix DMERR typo in pool_status error path (Mike Snitzer) [1161420 1161421 1142773 1145230] - [fs] xfs: xlog_cil_force_lsn doesn't always wait correctly (Eric Sandeen) [1158325 1133304] - [netdrv] ixgbe: allow TXDCTL.WRTHRESH to be 1 will small ITR values (John Greene) [1158326 1132267] - [netdrv] ixgbe: Intel Change to allow itr changes without CONFIG_BQL support (John Greene) [1158326 1132267] - [video] offb: Fix setting of the pseudo-palette for >8bpp (Gerd Hoffmann) [1158328 1142450] - [video] offb: Add palette hack for qemu 'standard vga' framebuffer (Gerd Hoffmann) [1158328 1142450] - [video] offb: Fix bug in calculating requested vram size (Gerd Hoffmann) [1158328 1142450] - [net] sock_queue_err_skb() dont mess with sk_forward_alloc (Jiri Benc) [1155427 1148257] - [net] guard tcp_set_keepalive() to tcp sockets (Florian Westphal) [1141744 1141746] {CVE-2012-6657} - Revert: [net] revert 'bridge: Set vlan_features to allow offloads on vlans' (Vlad Yasevich) [1144442 1121991] - [x86] kvm: fix PIT timer race condition (mguzik) [1149592 1149593] {CVE-2014-3611} - [x86] kvm: vmx: handle invept and invvpid vm exits gracefull (mguzik) [1144826 1144837 1144827 1144838] {CVE-2014-3646 CVE-2014-3645}
Applies to:
kernel
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28324
Title:
oval:org.mitre.oval:def:28324: ELSA-2014-1999 -- mailx security update
Type:
Software
Bulletins:
MITRE:28324
Severity:
Low
Description:
[12.4-8] - CVE-2004-2771 mailx: command execution flaw resolves: #1171175
Applies to:
mailx
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28192
Title:
oval:org.mitre.oval:def:28192: ELSA-2014-2025 -- ntp security update
Type:
Miscellaneous
Bulletins:
MITRE:28192
Severity:
Low
Description:
[4.2.2p1-18.el5] - don't generate weak control key for resolver (CVE-2014-9293) - don't generate weak MD5 keys in ntp-keygen (CVE-2014-9294) - fix buffer overflows via specially-crafted packets (CVE-2014-9295)
Applies to:
ntp
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28616
Title:
oval:org.mitre.oval:def:28616: ELSA-2014-2008-1 -- kernel security update
Type:
Software
Bulletins:
MITRE:28616
Severity:
Low
Description:
kernel [2.6.18-400.1.1.0.1] - [net] fix tcp_trim_head() (James Li) [orabug 14512145, 19219078] - ocfs2: dlm: fix recovery hung (Junxiao Bi) [orabug 13956772] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
Created:
2014-12-22
Updated:
2015-03-16

ID:
MITRE:28088
Title:
oval:org.mitre.oval:def:28088: ELSA-2014-2023 -- glibc security and bug fix update
Type:
Miscellaneous
Bulletins:
MITRE:28088
Severity:
Low
Description:
[2.17-55.0.4.el7_0.3] - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. (Jose E. Marchesi) [2.17-55.3] - Fix wordexp() to honour WRDE_NOCMD (CVE-2014-7817, #1170118) [2.17-55.2] - ftell: seek to end only when there are unflushed bytes (#1170187). [2.17-55.1] - Remove gconv transliteration loadable modules support (CVE-2014-5119, - _nl_find_locale: Improve handling of crafted locale names (CVE-2014-0475,
Applies to:
glibc
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28420
Title:
oval:org.mitre.oval:def:28420: ELSA-2014-2021 -- jasper security update
Type:
Miscellaneous
Bulletins:
MITRE:28420
Severity:
Low
Description:
[1.900.1-16.2] - CVE-2014-8137 - double-free in in jas_iccattrval_destroy (#1173566) - CVE-2014-8138 - heap overflow in jp2_decode (#1173566) [1.900.1-16.1] - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders (#1171208) [1.900.1-16] - CERT VU#887409: heap buffer overflow flaws lead to arbitrary code execution (#749150)
Applies to:
jasper
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28304
Title:
oval:org.mitre.oval:def:28304: ELSA-2014-2024 -- ntp security update
Type:
Miscellaneous
Bulletins:
MITRE:28304
Severity:
Low
Description:
[4.2.6p5-2] - don't generate weak control key for resolver (CVE-2014-9293) - don't generate weak MD5 keys in ntp-keygen (CVE-2014-9294) - fix buffer overflows via specially-crafted packets (CVE-2014-9295) - don't mobilize passive association when authentication fails (CVE-2014-9296)
Applies to:
ntp
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28310
Title:
oval:org.mitre.oval:def:28310: ELSA-2014-2010 -- kernel security update
Type:
Software
Bulletins:
MITRE:28310
Severity:
Low
Description:
[3.10.0-123.13.2] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.13.2] - [x86] traps: stop using IST for #SS (Petr Matousek) [1172812 1172813] {CVE-2014-9322}
Applies to:
kernel
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28418
Title:
oval:org.mitre.oval:def:28418: ELSA-2014-1971 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:28418
Severity:
Low
Description:
[3.10.0-123.13.1] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.13.1] - [powerpc] mm: Make sure a local_irq_disable prevent a parallel THP split (Don Zickus) [1151057 1083296] - [powerpc] Implement __get_user_pages_fast() (Don Zickus) [1151057 1083296] - [scsi] vmw_pvscsi: Some improvements in pvscsi driver (Ewan Milne) [1144016 1075090] - [scsi] vmw_pvscsi: Add support for I/O requests coalescing (Ewan Milne) [1144016 1075090] - [scsi] vmw_pvscsi: Fix pvscsi_abort() function (Ewan Milne) [1144016 1075090] [3.10.0-123.12.1] - [alsa] control: Make sure that id->index does not overflow (Jaroslav Kysela) [1117313 1117314] {CVE-2014-4656} - [alsa] control: Handle numid overflow (Jaroslav Kysela) [1117313 1117314] {CVE-2014-4656} - [alsa] control: Protect user controls against concurrent access (Jaroslav Kysela) [1117338 1117339] {CVE-2014-4652} - [alsa] control: Fix replacing user controls (Jaroslav Kysela) [1117323 1117324] {CVE-2014-4654 CVE-2014-4655} - [net] sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [1155750 1152755] {CVE-2014-3688} - [net] sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [1155737 1152755] {CVE-2014-3687} - [net] sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [1147856 1152755] {CVE-2014-3673} - [net] sctp: handle association restarts when the socket is closed (Daniel Borkmann) [1147856 1152755] [1155737 1152755] [1155750 1152755] - [pci] Add ACS quirk for Intel 10G NICs (Alex Williamson) [1156447 1141399] - [pci] Add ACS quirk for Solarflare SFC9120 & SFC9140 (Alex Williamson) [1158316 1131552] - [lib] assoc_array: Fix termination condition in assoc array garbage collection (David Howells) [1155136 1139431] {CVE-2014-3631} - [block] cfq-iosched: Add comments on update timing of weight (Vivek Goyal) [1152874 1116126] - [block] cfq-iosched: Fix wrong children_weight calculation (Vivek Goyal) [1152874 1116126] - [powerpc] mm: Check paca psize is up to date for huge mappings (Gustavo Duarte) [1151927 1107337] - [x86] perf/intel: ignore CondChgd bit to avoid false NMI handling (Don Zickus) [1146819 1110264] - [x86] smpboot: initialize secondary CPU only if master CPU will wait for it (Phillip Lougher) [1144295 968147] - [x86] smpboot: Log error on secondary CPU wakeup failure at ERR level (Igor Mammedov) [1144295 968147] - [x86] smpboot: Fix list/memory corruption on CPU hotplug (Igor Mammedov) [1144295 968147] - [acpi] processor: do not mark present at boot but not onlined CPU as onlined (Igor Mammedov) [1144295 968147] - [fs] udf: Avoid infinite loop when processing indirect ICBs (Jacob Tanenbaum) [1142321 1142322] {CVE-2014-6410} - [hid] picolcd: fix memory corruption via OOB write (Jacob Tanenbaum) [1141408 1141409] {CVE-2014-3186} - [usb] serial/whiteheat: fix memory corruption flaw (Jacob Tanenbaum) [1141403 1141404] {CVE-2014-3185} - [hid] fix off by one error in various _report_fixup routines (Jacob Tanenbaum) [1141393 1141394] {CVE-2014-3184} - [hid] logitech-dj: fix OOB array access (Jacob Tanenbaum) [1141211 1141212] {CVE-2014-3182} - [hid] fix OOB write in magicmouse driver (Jacob Tanenbaum) [1141176 1141177] {CVE-2014-3181} - [acpi] Fix bug when ACPI reset register is implemented in system memory (Nigel Croxon) [1136525 1109971] - [fs] vfs: fix ref count leak in path_mountpoint() (Ian Kent) [1122481 1122376] {CVE-2014-5045} - [kernel] ptrace: get_dumpable() incorrect tests (Jacob Tanenbaum) [1111605 1111606] {CVE-2013-2929} - [media] media-device: fix an information leakage (Jacob Tanenbaum) [1109776 1109777] {CVE-2014-1739} - [target] rd: Refactor rd_build_device_space + rd_release_device_space (Denys Vlasenko) [1108754 1108755] {CVE-2014-4027} - [block] blkcg: fix use-after-free in __blkg_release_rcu() by making blkcg_gq refcnt an atomic_t (Vivek Goyal) [1158313 1118436] - [virt] kvm: fix PIT timer race condition (Petr Matousek) [1144879 1144880] {CVE-2014-3611} - [virt] kvm/vmx: handle invept and invvpid vm exits gracefully (Petr Matousek) [1145449 1116936] [1144828 1144829] {CVE-2014-3645 CVE-2014-3646} [3.10.0-123.11.1] - [net] fix UDP tunnel GSO of frag_list GRO packets (Phillip Lougher) [1149661 1119392] [3.10.0-123.10.1] - [pci] hotplug: Prevent NULL dereference during pciehp probe (Myron Stowe) [1142393 1133107] - [kernel] workqueue: apply __WQ_ORDERED to create_singlethread_workqueue() (Tomas Henzl) [1151314 1131563]
Applies to:
kernel
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:27668
Title:
oval:org.mitre.oval:def:27668: ELSA-2014-3105 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27668
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.12] - HID: fix a couple of off-by-ones (Jiri Kosina) [Orabug: 19849320] {CVE-2014-3184} - ALSA: control: Protect user controls against concurrent access (Lars-Peter Clausen) [Orabug: 20192545] {CVE-2014-4652} - udf: Avoid infinite loop when processing indirect ICBs (Jan Kara) [Orabug: 20192451] {CVE-2014-6410} - ALSA: control: Make sure that id->index does not overflow (Lars-Peter Clausen) [Orabug: 20192420] {CVE-2014-4656} - ALSA: control: Handle numid overflow (Lars-Peter Clausen) [Orabug: 20192379] {CVE-2014-4656} - net: sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [Orabug: 20192060] {CVE-2014-3688}
Applies to:
kernel-uek
Created:
2014-12-22
Updated:
2015-03-16

ID:
MITRE:28492
Title:
oval:org.mitre.oval:def:28492: ELSA-2014-3107 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:28492
Severity:
Low
Description:
[2.6.39-400.215.15] - isofs: Fix unbounded recursion when processing relocated directories (Jan Kara) [Orabug: 20224060] {CVE-2014-5471} {CVE-2014-5472} - x86_64, traps: Stop using IST for #SS (Andy Lutomirski) [Orabug: 20224028] {CVE-2014-9090} {CVE-2014-9322}
Applies to:
kernel-uek
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28543
Title:
oval:org.mitre.oval:def:28543: ELSA-2014-1983 -- xorg-x11-server security update
Type:
Software
Bulletins:
MITRE:28543
Severity:
Low
Description:
[1.15.0-7.0.1.el7_0.3] - Invalid BUG_RETURN_VAL fix, upstream patch (orabug 18896390) [1.15.0-7.3] - CVE fixes for: CVE-2014-8099, CVE-2014-8098, CVE-2014-8097, CVE-2014-8096, CVE-2014-8095, CVE-2014-8094, CVE-2014-8093, CVE-2014-8092, CVE-2014-8091, CVE-2014-8101, CVE-2014-8100, CVE-2014-8103, CVE-2014-8102
Applies to:
xorg-x11-server
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28079
Title:
oval:org.mitre.oval:def:28079: ELSA-2014-1985 -- bind97 security update
Type:
Software
Bulletins:
MITRE:28079
Severity:
Low
Description:
[32:9.7.0-21.P2.1] - Fix CVE-2014-8500 (#1171972)
Applies to:
bind97
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28615
Title:
oval:org.mitre.oval:def:28615: ELSA-2014-1976 -- rpm security update
Type:
Software
Bulletins:
MITRE:28615
Severity:
Low
Description:
[4.11.1-18] - Add check against malicious CPIO file name size (#1163060) - Fixes CVE-2014-8118 [4.11.1-17] - Fix race condidition where unchecked data is exposed in the file system (#1163060) - Fixes CVE-2013-6435
Applies to:
rpm
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28387
Title:
oval:org.mitre.oval:def:28387: ELSA-2014-2008 -- kernel security update
Type:
Software
Bulletins:
MITRE:28387
Severity:
Low
Description:
kernel [2.6.18-400.1.1] - [x86] traps: stop using IST for #SS (Petr Matousek) [1172809] {CVE-2014-9322}
Applies to:
kernel
Created:
2014-12-22
Updated:
2015-03-16

ID:
MITRE:27915
Title:
oval:org.mitre.oval:def:27915: ELSA-2014-3106 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27915
Severity:
Low
Description:
kernel-uek [3.8.13-55.1.2.el6uek] - isofs: Fix unbounded recursion when processing relocated directories (Jan Kara) [Orabug: 20224059] {CVE-2014-5471} {CVE-2014-5472} - x86_64, traps: Stop using IST for #SS (Andy Lutomirski) [Orabug: 20224027] {CVE-2014-9090} {CVE-2014-9322}
Applies to:
kernel-uek
Created:
2014-12-22
Updated:
2015-03-16

ID:
MITRE:28577
Title:
oval:org.mitre.oval:def:28577: ELSA-2014-1982 -- xorg-x11-server security update
Type:
Software
Bulletins:
MITRE:28577
Severity:
Low
Description:
[1.1.1-48.107.0.1.el5_11] - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file [1.1.1-48.107] - CVE-2014-8091 denial of service due to unchecked malloc in client authentication (#1168680) - CVE-2014-8092 integer overflow in X11 core protocol requests when calculating memory needs for requests (#1168684) - CVE-2014-8097 out of bounds access due to not validating length or offset values in DBE extension (#1168705) - CVE-2014-8095 out of bounds access due to not validating length or offset values in XInput extension (#1168694) - CVE-2014-8096 out of bounds access due to not validating length or offset values in XC-MISC extension(#1168700) - CVE-2014-8099 out of bounds access due to not validating length or offset values in XVideo extension (#1168710) - CVE-2014-8100 out of bounds access due to not validating length or offset values in Render extension (#1168711) - CVE-2014-8102 out of bounds access due to not validating length or offset values in XFixes extension (#1168714) - CVE-2014-8101 out of bounds access due to not validating length or offset values in RandR extension (#1168713) - CVE-2014-8093 xorg-x11-server: integer overflow in GLX extension requests when calculating memory needs for requests (#1168688) - CVE-2014-8098 xorg-x11-server: out of bounds access due to not validating length or offset values in GLX extension (#1168707) [1.1.1-48.104] - xserver-1.1.1-randr-config-timestamps.patch: Backport timestamp comparison fix from upstream RANDR code (#1006076) [1.1.1-48.103] - CVE-2013-6424: Fix OOB in trapezoid rasterization
Applies to:
xorg-x11-server
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28305
Title:
oval:org.mitre.oval:def:28305: ELSA-2014-3103 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:28305
Severity:
Low
Description:
kernel-uek [3.8.13-55.1.1] - ALSA: control: Protect user controls against concurrent access (Lars-Peter Clausen) [Orabug: 20192540] {CVE-2014-4652} - target/rd: Refactor rd_build_device_space + rd_release_device_space (Nicholas Bellinger) [Orabug: 20192516] {CVE-2014-4027} - HID: logitech: perform bounds checking on device_id early enough (Jiri Kosina) [Orabug: 20192477] {CVE-2014-3182} - udf: Avoid infinite loop when processing indirect ICBs (Jan Kara) [Orabug: 20192448] {CVE-2014-6410} - ALSA: control: Make sure that id->index does not overflow (Lars-Peter Clausen) [Orabug: 20192416] {CVE-2014-4656} - ALSA: control: Handle numid overflow (Lars-Peter Clausen) [Orabug: 20192367] {CVE-2014-4656} - HID: picolcd: sanity check report size in raw_event() callback (Jiri Kosina) [Orabug: 20192208] {CVE-2014-3186} - net: sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [Orabug: 20192058] {CVE-2014-3688}
Applies to:
kernel-uek
Created:
2014-12-22
Updated:
2015-03-16

ID:
MITRE:28485
Title:
oval:org.mitre.oval:def:28485: ELSA-2014-1984 -- bind security update
Type:
Software
Bulletins:
MITRE:28485
Severity:
Low
Description:
[32:9.9.4-14.0.1.el7_0.1] - Rebuild to fix libmysqlclient dependency [32:9.9.4-14.1] - Fix CVE-2014-8500 (#1171975)
Applies to:
bind
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28647
Title:
oval:org.mitre.oval:def:28647: ELSA-2014-3108 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:28647
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.13uek] - net: guard tcp_set_keepalive() to tcp sockets (Eric Dumazet) [Orabug: 20224099] {CVE-2012-6657} - isofs: Fix unbounded recursion when processing relocated directories (Jan Kara) [Orabug: 20224061] {CVE-2014-5471} {CVE-2014-5472} - x86_64, traps: Stop using IST for #SS (Andy Lutomirski) [Orabug: 20224029] {CVE-2014-9090} {CVE-2014-9322}
Applies to:
kernel-uek
Created:
2014-12-22
Updated:
2015-03-16

ID:
MITRE:28261
Title:
oval:org.mitre.oval:def:28261: ELSA-2014-1974 -- rpm security update
Type:
Software
Bulletins:
MITRE:28261
Severity:
Low
Description:
[4.4.2.3-36.0.1] - Add missing files in /usr/share/doc/ [4.8.0-36] - Fix warning when applying the patch for #1163057 [4.8.0-35] - Fix race condidition where unchecked data is exposed in the file system (CVE-2013-6435)(#1163057)
Applies to:
rpm
Created:
2014-12-22
Updated:
2015-02-23

ID:
MITRE:28482
Title:
oval:org.mitre.oval:def:28482: ELSA-2014-3104 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:28482
Severity:
Low
Description:
[2.6.39-400.215.14] - HID: magicmouse: sanity check report size in raw_event() callback (Jiri Kosina) [Orabug: 19849355] {CVE-2014-3181} - ALSA: control: Protect user controls against concurrent access (Lars-Peter Clausen) [Orabug: 20192542] {CVE-2014-4652} - target/rd: Refactor rd_build_device_space + rd_release_device_space (Nicholas Bellinger) [Orabug: 20192517] {CVE-2014-4027} - media-device: fix infoleak in ioctl media_enum_entities() (Salva Peiro) [Orabug: 20192501] {CVE-2014-1739} {CVE-2014-1739} - udf: Avoid infinite loop when processing indirect ICBs (Jan Kara) [Orabug: 20192449] {CVE-2014-6410} - ALSA: control: Make sure that id->index does not overflow (Lars-Peter Clausen) [Orabug: 20192418] {CVE-2014-4656} - ALSA: control: Handle numid overflow (Lars-Peter Clausen) [Orabug: 20192376] {CVE-2014-465} - HID: picolcd: sanity check report size in raw_event() callback (Jiri Kosina) [Orabug: 20192205] {CVE-2014-3186} - net: sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [Orabug: 20192059] {CVE-2014-3688}
Applies to:
kernel-uek
Created:
2014-12-22
Updated:
2015-02-23

ID:
CVE-2014-8014
Title:
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710.
Type:
Hardware
Bulletins:
CVE-2014-8014
Severity:
Medium
Description:
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710.
Applies to:
Created:
2014-12-18
Updated:
2017-07-05

ID:
CVE-2014-9322
Title:
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that...
Type:
Mobile Devices
Bulletins:
CVE-2014-9322
Severity:
High
Description:
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.
Applies to:
Created:
2014-12-17
Updated:
2017-07-05

ID:
CVE-2014-7911
Title:
luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android before 5.0.0 does not verify that deserialization will result in an object that met the requirements for serialization,...
Type:
Mobile Devices
Bulletins:
CVE-2014-7911
Severity:
High
Description:
luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android before 5.0.0 does not verify that deserialization will result in an object that met the requirements for serialization, which allows attackers to execute arbitrary code via a crafted finalize method for a serialized object in an ArrayMap Parcel within an intent sent to system_service, as demonstrated by the finalize method of android.os.BinderProxy, aka Bug 15874291.
Applies to:
Created:
2014-12-15
Updated:
2017-07-05

ID:
CVE-2014-8507
Title:
Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow remote attackers to execute arbitrary...
Type:
Mobile Devices
Bulletins:
CVE-2014-8507
SFBID71310
Severity:
High
Description:
Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow remote attackers to execute arbitrary SQL commands, and consequently launch an activity or service, via the (1) wapAppId or (2) contentType field of a PDU for a malformed WAPPush message, aka Bug 17969135.
Applies to:
Created:
2014-12-15
Updated:
2017-07-05

ID:
CVE-2014-8609
Title:
The addAccount method in src/com/android/settings/accounts/AddAccountSettings.java in the Settings application in Android before 5.0.0 does not properly create a PendingIntent, which allows attackers to use the SYSTEM uid for...
Type:
Mobile Devices
Bulletins:
CVE-2014-8609
Severity:
High
Description:
The addAccount method in src/com/android/settings/accounts/AddAccountSettings.java in the Settings application in Android before 5.0.0 does not properly create a PendingIntent, which allows attackers to use the SYSTEM uid for broadcasting an intent with arbitrary component, action, or category information via a third-party authenticator in a crafted application, aka Bug 17356824.
Applies to:
Created:
2014-12-15
Updated:
2017-07-05

ID:
CVE-2014-8610
Title:
AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or...
Type:
Mobile Devices
Bulletins:
CVE-2014-8610
Severity:
Low
Description:
AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or trigger additional per-message charges from a network operator for old messages, via a crafted application that broadcasts an intent with the com.android.mms.transaction.MESSAGE_SENT action, aka Bug 17671795.
Applies to:
Created:
2014-12-15
Updated:
2017-07-05

ID:
MITRE:28328
Title:
oval:org.mitre.oval:def:28328: OWA XSS vulnerability () - MS14-075
Type:
Software
Bulletins:
MITRE:28328
CVE-2014-6326
Severity:
Low
Description:
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2014-6325.
Applies to:
Microsoft Exchange Server 2013
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28401
Title:
oval:org.mitre.oval:def:28401: Internet Explorer memory corruption vulnerability
Type:
Web
Bulletins:
MITRE:28401
CVE-2014-6374
Severity:
Low
Description:
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28329
Title:
oval:org.mitre.oval:def:28329: Internet Explorer memory corruption vulnerability
Type:
Software
Bulletins:
MITRE:28329
CVE-2014-6330
Severity:
Low
Description:
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 9
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:27937
Title:
oval:org.mitre.oval:def:27937: Microsoft Office component use after free vulnerability
Type:
Software
Bulletins:
MITRE:27937
CVE-2014-6364
Severity:
Low
Description:
Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2013 Gold, SP1, and SP2; and 2013 RT Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability."
Applies to:
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28006
Title:
oval:org.mitre.oval:def:28006: Use After Free Word Remote Code Execution Vulnerability
Type:
Software
Bulletins:
MITRE:28006
CVE-2014-6357
Severity:
Low
Description:
Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 Gold and SP1, and Office Web Apps 2010 SP2 and 2013 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Use After Free Word Remote Code Execution Vulnerability."
Applies to:
Microsoft Office Compatibility Pack
Microsoft Office Web Apps 2010
Microsoft Office Web Apps Server 2013
Microsoft SharePoint Server 2010
Microsoft SharePoint Server 2013
Microsoft Word 2013
Microsoft Word Viewer
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28084
Title:
oval:org.mitre.oval:def:28084: Graphics component information disclosure vulnerability
Type:
Software
Bulletins:
MITRE:28084
CVE-2014-6355
Severity:
Low
Description:
The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly process JPEG images, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Graphics Component Information Disclosure Vulnerability."
Applies to:
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28404
Title:
oval:org.mitre.oval:def:28404: Internet Explorer memory corruption vulnerability
Type:
Software
Bulletins:
MITRE:28404
CVE-2014-6327
Severity:
Low
Description:
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6329 and CVE-2014-6376.
Applies to:
Microsoft Internet Explorer 11
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28280
Title:
oval:org.mitre.oval:def:28280: Global free remote code execution in excel vulnerability
Type:
Software
Bulletins:
MITRE:28280
CVE-2014-6360
Severity:
Low
Description:
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Global Free Remote Code Execution in Excel Vulnerability."
Applies to:
Microsoft Excel 2007
Microsoft Excel 2010
Microsoft Office Compatibility Pack
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28408
Title:
oval:org.mitre.oval:def:28408: Internet Explorer memory corruption vulnerability
Type:
Web
Bulletins:
MITRE:28408
CVE-2014-6375
Severity:
Low
Description:
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 8
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28368
Title:
oval:org.mitre.oval:def:28368: Internet Explorer memory corruption vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:28368
CVE-2014-6363
Severity:
Low
Description:
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
Applies to:
VBScript 5.6
VBScript 5.7
VBScript 5.8
Created:
2014-12-12
Updated:
2015-03-09

ID:
MITRE:28377
Title:
oval:org.mitre.oval:def:28377: Internet Explorer memory corruption vulnerability
Type:
Software
Bulletins:
MITRE:28377
CVE-2014-6376
Severity:
Low
Description:
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6327 and CVE-2014-6329.
Applies to:
Microsoft Internet Explorer 11
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:27704
Title:
oval:org.mitre.oval:def:27704: Internet Explorer memory corruption vulnerability
Type:
Software
Bulletins:
MITRE:27704
CVE-2014-6369
Severity:
Low
Description:
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 9
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28415
Title:
oval:org.mitre.oval:def:28415: Exchange URL redirection vulnerability () - MS14-075
Type:
Software
Bulletins:
MITRE:28415
CVE-2014-6336
Severity:
Low
Description:
Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properly validate redirection tokens, which allows remote attackers to redirect users to arbitrary web sites and spoof the origin of e-mail messages via unspecified vectors, aka "Exchange URL Redirection Vulnerability."
Applies to:
Microsoft Exchange Server 2013
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28425
Title:
oval:org.mitre.oval:def:28425: Outlook Web App token spoofing vulnerability () - MS14-075
Type:
Services
Bulletins:
MITRE:28425
CVE-2014-6319
Severity:
Low
Description:
Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote attackers to spoof the origin of e-mail messages via unspecified vectors, aka "Outlook Web App Token Spoofing Vulnerability."
Applies to:
Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28430
Title:
oval:org.mitre.oval:def:28430: Internet Explorer memory corruption vulnerability
Type:
Web
Bulletins:
MITRE:28430
CVE-2014-6366
Severity:
Low
Description:
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28349
Title:
oval:org.mitre.oval:def:28349: Internet Explorer memory corruption vulnerability
Type:
Web
Bulletins:
MITRE:28349
CVE-2014-8966
Severity:
Low
Description:
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28392
Title:
oval:org.mitre.oval:def:28392: Internet Explorer memory corruption vulnerability
Type:
Software
Bulletins:
MITRE:28392
CVE-2014-6373
Severity:
Low
Description:
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:27446
Title:
oval:org.mitre.oval:def:27446: Excel invalid pointer remote code execution vulnerability
Type:
Software
Bulletins:
MITRE:27446
CVE-2014-6361
Severity:
Low
Description:
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, Excel 2013 RT Gold and SP1, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Excel Invalid Pointer Remote Code Execution Vulnerability."
Applies to:
Microsoft Excel 2007
Microsoft Excel 2010
Microsoft Excel 2013
Microsoft Office Compatibility Pack
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28172
Title:
oval:org.mitre.oval:def:28172: Internet Explorer XSS filter bypass vulnerability
Type:
Web
Bulletins:
MITRE:28172
CVE-2014-6328
Severity:
Low
Description:
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6365.
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28416
Title:
oval:org.mitre.oval:def:28416: Internet Explorer memory corruption vulnerability
Type:
Software
Bulletins:
MITRE:28416
CVE-2014-6329
Severity:
Low
Description:
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6327 and CVE-2014-6376.
Applies to:
Microsoft Internet Explorer 11
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:27932
Title:
oval:org.mitre.oval:def:27932: Internet Explorer XSS filter bypass vulnerability
Type:
Web
Bulletins:
MITRE:27932
CVE-2014-6365
Severity:
Low
Description:
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6328.
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28299
Title:
oval:org.mitre.oval:def:28299: Invalid index remote code execution vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:28299
CVE-2014-6356
Severity:
Low
Description:
Array index error in Microsoft Word 2007 SP3, Word 2010 SP2, and Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Invalid Index Remote Code Execution Vulnerability."
Applies to:
Microsoft Office Compatibility Pack
Microsoft Word 2007
Microsoft Word 2010
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28291
Title:
oval:org.mitre.oval:def:28291: OWA XSS vulnerability () - MS14-075
Type:
Software
Bulletins:
MITRE:28291
CVE-2014-6325
Severity:
Low
Description:
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2014-6326.
Applies to:
Microsoft Exchange Server 2013
Created:
2014-12-12
Updated:
2015-01-26

ID:
MITRE:28376
Title:
oval:org.mitre.oval:def:28376: Internet Explorer memory corruption vulnerability
Type:
Software
Bulletins:
MITRE:28376
CVE-2014-6368
Severity:
Low
Description:
Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
Applies to:
Microsoft Internet Explorer 11
Created:
2014-12-12
Updated:
2015-01-26

ID:
CVE-2014-4465
Title:
WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of...
Type:
Mobile Devices
Bulletins:
CVE-2014-4465
Severity:
Medium
Description:
WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
CVE-2014-4466
Title:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
Type:
Mobile Devices
Bulletins:
CVE-2014-4466
SFBID71445
Severity:
High
Description:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
CVE-2014-4468
Title:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
Type:
Mobile Devices
Bulletins:
CVE-2014-4468
SFBID71459
Severity:
Medium
Description:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
CVE-2014-4469
Title:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
Type:
Mobile Devices
Bulletins:
CVE-2014-4469
SFBID71461
Severity:
Medium
Description:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
CVE-2014-4470
Title:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
Type:
Mobile Devices
Bulletins:
CVE-2014-4470
SFBID71462
Severity:
Medium
Description:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
CVE-2014-4471
Title:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
Type:
Mobile Devices
Bulletins:
CVE-2014-4471
SFBID71438
Severity:
Medium
Description:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
CVE-2014-4472
Title:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
Type:
Mobile Devices
Bulletins:
CVE-2014-4472
SFBID71442
Severity:
Medium
Description:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
CVE-2014-4473
Title:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
Type:
Mobile Devices
Bulletins:
CVE-2014-4473
SFBID71444
Severity:
Medium
Description:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
CVE-2014-4474
Title:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
Type:
Mobile Devices
Bulletins:
CVE-2014-4474
SFBID71449
Severity:
Medium
Description:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
CVE-2014-4475
Title:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a...
Type:
Mobile Devices
Bulletins:
CVE-2014-4475
SFBID71451
Severity:
Medium
Description:
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Applies to:
Created:
2014-12-10
Updated:
2017-07-05

ID:
MITRE:28273
Title:
oval:org.mitre.oval:def:28273: SUSE-SU-2014:1524-1 -- Security update for openssl
Type:
Web
Bulletins:
MITRE:28273
Severity:
Low
Description:
openssl was updated to fix four security issues. These security issues were fixed: - SRTP Memory Leak (CVE-2014-3513). - Session Ticket Memory Leak (CVE-2014-3567). - Fixed incomplete no-ssl3 build option (CVE-2014-3568). - Add support for TLS_FALLBACK_SCSV (CVE-2014-3566). NOTE: This update alone DOESN'T FIX the POODLE SSL protocol vulnerability. OpenSSL only adds downgrade detection support for client applications. See https://www.suse.com/support/kb/doc.php?id=7015773 for mitigations.
Applies to:
openssl
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28443
Title:
oval:org.mitre.oval:def:28443: SUSE-SU-2014:1464-1 -- Security update for wget
Type:
Software
Bulletins:
MITRE:28443
Severity:
Low
Description:
wget was updated to fix one security issue. This security issue was fixed: - FTP symlink arbitrary filesystem access (CVE-2014-4877).
Applies to:
wget
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28150
Title:
oval:org.mitre.oval:def:28150: SUSE-SU-2014:1510-1 -- Security update for MozillaFirefox and mozilla-nss
Type:
Software
Bulletins:
MITRE:28150
Severity:
Low
Description:
- update to Firefox 31.2.0 ESR (bnc#900941) * MFSA 2014-74/CVE-2014-1574/CVE-2014-1575 (bmo#1001994, bmo#1011354, bmo#1018916, bmo#1020034, bmo#1023035, bmo#1032208, bmo#1033020, bmo#1034230, bmo#1061214, bmo#1061600, bmo#1064346, bmo#1072044, bmo#1072174) Miscellaneous memory safety hazards (rv:33.0/rv:31.2) * MFSA 2014-75/CVE-2014-1576 (bmo#1041512) Buffer overflow during CSS manipulation * MFSA 2014-76/CVE-2014-1577 (bmo#1012609) Web Audio memory corruption issues with custom waveforms * MFSA 2014-77/CVE-2014-1578 (bmo#1063327) Out-of-bounds write with WebM video * MFSA 2014-79/CVE-2014-1581 (bmo#1068218) Use-after-free interacting with text directionality * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981) Inconsistent video sharing within iframe * MFSA 2014-82/CVE-2014-1583 (bmo#1015540) Accessing cross-origin objects via the Alarms API - SSLv3 is disabled by default. See README.POODLE for more detailed information. - disable call home features - update to 3.17.2 (bnc#900941) Bugfix release * bmo#1049435 - Importing an RSA private key fails if p < q * bmo#1057161 - NSS hangs with 100% CPU on invalid EC key * bmo#1078669 - certutil crashes when using the --certVersion parameter - changes from earlier version of the 3.17 branch: update to 3.17.1 (bnc#897890) * MFSA 2014-73/CVE-2014-1568 (bmo#1064636, bmo#1069405) RSA Signature Forgery in NSS * Change library's signature algorithm default to SHA256 * Add support for draft-ietf-tls-downgrade-scsv * Add clang-cl support to the NSS build system * Implement TLS 1.3: * Part 1. Negotiate TLS 1.3 * Part 2. Remove deprecated cipher suites andcompression. * Add support for little-endian powerpc64 update to 3.17 * required for Firefox 33 New functionality: * When using ECDHE, the TLS server code may be configured to generate a fresh ephemeral ECDH key for each handshake, by setting the SSL_REUSE_SERVER_ECDHE_KEY socket option to PR_FALSE. The SSL_REUSE_SERVER_ECDHE_KEY option defaults to PR_TRUE, which means the server's ephemeral ECDH key is reused for multiple handshakes. This option does not affect the TLS client code, which always generates a fresh ephemeral ECDH key for each handshake. New Macros * SSL_REUSE_SERVER_ECDHE_KEY Notable Changes: * The manual pages for the certutil and pp tools have been updated to document the new parameters that had been added in NSS 3.16.2.
Applies to:
MozillaFirefox
mozilla-nss
Created:
2014-12-08
Updated:
2015-03-16

ID:
MITRE:28112
Title:
oval:org.mitre.oval:def:28112: ELSA-2014-1919 -- firefox security update
Type:
Software
Bulletins:
MITRE:28112
Severity:
Low
Description:
[31.3.0-4.0.1] - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones [31.3.0-4] - Update to 31.3.0 ESR Build 2 - Fix for geolocation API (rhbz#1063739) [31.2.0-5] - splice workaround (rhbz#1150082) [31.2.0-4] - ppc build fix (rhbz#1151959)
Applies to:
firefox
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27992
Title:
oval:org.mitre.oval:def:27992: RHSA-2014:1843 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27992
Severity:
Low
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate) * It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) and invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invept/invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. (CVE-2014-3645, CVE-2014-3646, Moderate) Red Hat would like to thank Lars Bull of Google for reporting CVE-2014-3611, and the Advanced Threat Research team at Intel Security for reporting CVE-2014-3645 and CVE-2014-3646. This update also fixes the following bugs: * This update fixes several race conditions between PCI error recovery callbacks and potential calls of the ifup and ifdown commands in the tg3 driver. When triggered, these race conditions could cause a kernel crash. (BZ#1142570) * Previously, GFS2 failed to unmount a sub-mounted GFS2 file system if its parent was also a GFS2 file system. This problem has been fixed by adding the appropriate d_op->d_hash() routine call for the last component of the mount point path in the path name lookup mechanism code (namei). (BZ#1145193) * Due to previous changes in the virtio-net driver, a Red Hat Enterprise Linux 6.6 guest was unable to boot with the "mgr_rxbuf=off" option specified. This was caused by providing the page_to_skb() function with an incorrect packet length in the driver's Rx path. This problem has been fixed and the guest in the described scenario can now boot successfully. (BZ#1148693) * When using one of the newer IPSec Authentication Header (AH) algorithms with Openswan, a kernel panic could occur. This happened because the maximum truncated ICV length was too small. To fix this problem, the MAX_AH_AUTH_LEN parameter has been set to 64. (BZ#1149083) * A bug in the IPMI driver caused the kernel to panic when an IPMI interface was removed using the hotmod script. The IPMI driver has been fixed to properly clean the relevant data when removing an IPMI interface. (BZ#1149578) * Due to a bug in the IPMI driver, the kernel could panic when adding an IPMI interface that was previously removed using the hotmod script. This update fixes this bug by ensuring that the relevant shadow structure is initialized at the right time. (BZ#1149580) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Applies to:
kernel
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28050
Title:
oval:org.mitre.oval:def:28050: ELSA-2014-1885 -- libxml2 security update
Type:
Miscellaneous
Bulletins:
MITRE:28050
Severity:
Low
Description:
[2.6.26-2.1.25.0.1.el5_11] - Add libxml2-enterprise.patch - Replaced doc/redhat.gif in tarball with updated image [2.6.26-2.1.25.el5] - CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1161841) [2.6.26-2.1.24.el5] - fixed one regexp bug and added a (rhbz#922450) - Another small change on the algorithm for the elimination of epsilon (rhbz#922450) [2.6.26-2.1.23.el5] - detect and stop excessive entities expansion upon replacement (rhbz#912573) [2.6.26-2.1.22.el5] - fix validation issues with some XSD (rhbz#877348) - xmlDOMWrapCloneNode discards namespace of the node parameter (rhbz#884707)
Applies to:
libxml2
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28363
Title:
oval:org.mitre.oval:def:28363: SUSE-SU-2014:1494-1 -- Security update for libreoffice
Type:
Software
Bulletins:
MITRE:28363
Severity:
Low
Description:
libreoffice was updated to version 4.3.3.2 to fix two security issues: These security issues were fixed: - "Document as E-mail" vulnerability (bnc#900218). - Impress remote control use-after-free vulnerability (CVE-2014-3693). Various other fixes are included in the update.
Applies to:
libreoffice
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28186
Title:
oval:org.mitre.oval:def:28186: RHSA-2014:1824 -- php security update
Type:
Web
Bulletins:
MITRE:28186
Severity:
Low
Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670) A stack-based buffer overflow flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-8626) An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669) All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
Applies to:
php
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27981
Title:
oval:org.mitre.oval:def:27981: SUSE-SU-2014:1259-1 -- bash
Type:
Software
Bulletins:
MITRE:27981
Severity:
Low
Description:
The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances (CVE-2014-7169). Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 and it is less serious due to the special, non-default system configuration that is needed to create an exploitable situation. To remove further exploitation potential we now limit the function-in-environment variable to variables prefixed with BASH_FUNC_ . This hardening feature is work in progress and might be improved in later updates. Additionaly two more security issues were fixed in bash: CVE-2014-7186: Nested HERE documents could lead to a crash of bash. CVE-2014-7187: Nesting of for loops could lead to a crash of bash.
Applies to:
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28393
Title:
oval:org.mitre.oval:def:28393: ELSA-2014-1870 -- libXfont security update
Type:
Software
Bulletins:
MITRE:28393
Severity:
Low
Description:
[1.4.5-4] - CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602, bug 1163601) - CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602, bug 1163601) - CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602, bug 1163601)
Applies to:
libXfont
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27895
Title:
oval:org.mitre.oval:def:27895: RHSA-2014:1846 -- gnutls security update
Type:
Software
Bulletins:
MITRE:27895
Severity:
Low
Description:
The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC (Elliptic Curve Cryptography) certificates or certificate signing requests (CSR). A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application compiled against GnuTLS (for example, certtool), could cause that application to crash or execute arbitrary code with the permissions of the user running the application. (CVE-2014-8564) Red Hat would like to thank GnuTLS upstream for reporting this issue. Upstream acknowledges Sean Burford as the original reporter. All gnutls users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications linked to the GnuTLS or libtasn1 library must be restarted.
Applies to:
gnutls
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28142
Title:
oval:org.mitre.oval:def:28142: RHSA-2014:1911 -- ruby security update
Type:
Software
Bulletins:
MITRE:28142
Severity:
Low
Description:
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) The CVE-2014-8090 issue was discovered by Red Hat Product Security. All ruby users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Ruby need to be restarted for this update to take effect.
Applies to:
ruby
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28391
Title:
oval:org.mitre.oval:def:28391: ELSA-2014-1956 -- wpa_supplicant security update
Type:
Software
Bulletins:
MITRE:28391
Severity:
Low
Description:
[1:2.0-13] - Use os_exec() for action script execution (CVE-2014-3686)
Applies to:
wpa_supplicant
Created:
2014-12-08
Updated:
2015-02-23

ID:
MITRE:28303
Title:
oval:org.mitre.oval:def:28303: ELSA-2014-1912 -- ruby security update
Type:
Software
Bulletins:
MITRE:28303
Severity:
Low
Description:
[2.0.0.353-22] - Fix REXML billion laughs attack via parameter entity expansion (CVE-2014-8080). Resolves: rhbz#1163998 - REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090). Resolves: rhbz#1163998 [2.0.0.353-21] - Fix off-by-one stack-based buffer overflow in the encodes() function (CVE-2014-4975) Resolves: rhbz#1163998 [2.0.0.353-21] - Fix FTBFS with new tzdata Related: rhbz#1163998
Applies to:
ruby
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27461
Title:
oval:org.mitre.oval:def:27461: ELSA-2014-3093 -- bash security update
Type:
Software
Bulletins:
MITRE:27461
Severity:
Low
Description:
[4.1.2-29.0.1] - Fix segfaults from CVE-2014-6277 and CVE-2014-6278 completely. [orabug 19905294]
Applies to:
bash
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27990
Title:
oval:org.mitre.oval:def:27990: ELSA-2014-1959 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27990
Severity:
Low
Description:
kernel [2.6.18-400] - [net] bridge: disable snooping if there is no querier (Frantisek Hrbata) [902454] - [s390] kernel: sysinfo: convert /proc/sysinfo to seqfile (Alexander Gordeev) [1131283] - [net] netlink: verify permisions of socket creator (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: store effective caps at socket() time (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: Rename netlink_capable netlink_allowed (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: Fix permission check in netlink_connect() (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: fix possible spoofing from non-root processes (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: Make NETLINK_USERSOCK work again (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: fix for too early rmmod (Jiri Benc) [1094266] {CVE-2014-0181} [2.6.18-399] - [kernel] do_setitimer: cancel real_timer if try_to_cancel fails (Oleg Nesterov) [1134654]
Applies to:
kernel
Created:
2014-12-08
Updated:
2015-03-16

ID:
MITRE:27600
Title:
oval:org.mitre.oval:def:27600: SUSE-SU-2014:1458-3 -- Security update for MozillaFirefox
Type:
Software
Bulletins:
MITRE:27600
Severity:
Low
Description:
This version update of Mozilla Firefox to 31.2.0ESR brings improvements, stability fixes and also security fixes for the following CVEs: CVE-2014-1574, CVE-2014-1575, CVE-2014-1576 ,CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586 It also disables SSLv3 by default to mitigate the protocol downgrade attack known as POODLE. Security Issues: * CVE-2014-1574 * CVE-2014-1575 * CVE-2014-1576 * CVE-2014-1577 * CVE-2014-1578 * CVE-2014-1581 * CVE-2014-1583 * CVE-2014-1585 * CVE-2014-1586
Applies to:
MozillaFirefox
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27707
Title:
oval:org.mitre.oval:def:27707: RHSA-2014:1885 -- libxml2 security update
Type:
Miscellaneous
Bulletins:
MITRE:27707
Severity:
Low
Description:
The libxml2 library is a development toolbox providing the implementation of various XML standards. A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660) All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
Applies to:
libxml2
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28090
Title:
oval:org.mitre.oval:def:28090: RHSA-2014:1724 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:28090
Severity:
Low
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. (CVE-2014-5077, Important) * It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) and invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invept/invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. (CVE-2014-3645, CVE-2014-3646, Moderate) * A use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system. (CVE-2014-4653, Moderate) Red Hat would like to thank Lars Bull of Google for reporting CVE-2014-3611, and the Advanced Threat Research team at Intel Security for reporting CVE-2014-3645 and CVE-2014-3646. Bug fixes: * A known issue that could prevent Chelsio adapters using the cxgb4 driver from being initialized on IBM POWER8 systems has been fixed. These adapters can now be used on IBM POWER8 systems as expected. (BZ#1130548) * When bringing a hot-added CPU online, the kernel did not initialize a CPU mask properly, which could result in a kernel panic. This update corrects the bug by ensuring that the CPU mask is properly initialized and the correct NUMA node selected. (BZ#1134715) * The kernel could fail to bring a CPU online if the hardware supported both, the acpi-cpufreq and intel_pstate modules. This update ensures that the acpi-cpufreq module is not loaded in the intel_pstate module is loaded. (BZ#1134716) * Due to a bug in the time accounting of the kernel scheduler, a divide error could occur when hot adding a CPU. To fix this problem, the kernel scheduler time accounting has been reworked. (BZ#1134717) * The kernel did not handle exceptions caused by an invalid floating point control (FPC) register, resulting in a kernel oops. This problem has been fixed by placing the label to handle these exceptions to the correct place in the code. (BZ#1138733) * A previous change to the kernel for the PowerPC architecture changed implementation of the compat_sys_sendfile() function. Consequently, the 64-bit sendfile() system call stopped working for files larger than 2 GB on PowerPC. This update restores previous behavior of sendfile() on PowerPC, and it again process files bigger than 2 GB as expected. (BZ#1139126) * Previously, the kernel scheduler could schedule a CPU topology update even though the topology did not change. This could negatively affect the CPU load balancing, cause degradation of the system performance, and eventually result in a kernel oops. This problem has been fixed by skipping the CPU topology update if the topology has not actually changed. (BZ#1140300) * Previously, recovery of a double-degraded RAID6 array could, under certain circumstances, result in data corruption. This could happen because the md driver was using an optimization that is safe to use only for single-degraded arrays. This update ensures that this optimization is skipped during the recovery of double-degraded RAID6 arrays. (BZ#1143850) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Applies to:
kernel
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28254
Title:
oval:org.mitre.oval:def:28254: ELSA-2014-1924 -- thunderbird security update
Type:
Software
Bulletins:
MITRE:28254
Severity:
Low
Description:
[31.3.0-1.0.1.el6_6] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [31.3.0-1] - Update to 31.3.0
Applies to:
thunderbird
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28435
Title:
oval:org.mitre.oval:def:28435: RHSA-2014:1870 -- libXfont security update
Type:
Software
Bulletins:
MITRE:28435
Severity:
Low
Description:
The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2014-0209) Multiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211) Red Hat would like to thank the X.org project for reporting these issues. Upstream acknowledges Ilja van Sprundel as the original reporter. Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.
Applies to:
libXfont
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28139
Title:
oval:org.mitre.oval:def:28139: RHSA-2014:1948 -- nss, nss-util, and nss-softokn security, bug fix, and enhancement update
Type:
Miscellaneous
Bulletins:
MITRE:28139
Severity:
Low
Description:
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.
Applies to:
nss
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27526
Title:
oval:org.mitre.oval:def:27526: SUSE-SU-2014:1360-1 -- Security update for flash-player
Type:
Software
Bulletins:
MITRE:27526
Severity:
Low
Description:
This update fixes multiple code execution vulnerabilities in flash-player (APSB14-22). CVE-2014-0564, CVE-2014-0558 and CVE-2014-0569 have been assigned to this issue. Security Issues: * CVE-2014-0569 * CVE-2014-0564 * CVE-2014-0558
Applies to:
flash-player
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28389
Title:
oval:org.mitre.oval:def:28389: RHSA-2014:1859 -- mysql55-mysql security update
Type:
Software
Bulletins:
MITRE:28389
Severity:
Low
Description:
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559) These updated packages upgrade MySQL to version 5.5.40. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
Applies to:
mysql55-mysql
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28194
Title:
oval:org.mitre.oval:def:28194: SUSE-SU-2014:1442-1 -- Security update for flash-player
Type:
Software
Bulletins:
MITRE:28194
Severity:
Low
Description:
flash-player was updated to version 11.2.202.418 to fix 18 security issues: * Memory corruption vulnerabilities that could lead to code execution (CVE-2014-0576, CVE-2014-0581, CVE-2014-8440, CVE-2014-8441). * Use-after-free vulnerabilities that could lead to code execution (CVE-2014-0573, CVE-2014-0588, CVE-2014-8438). * A double free vulnerability that could lead to code execution (CVE-2014-0574). * Type confusion vulnerabilities that could lead to code execution (CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0590). * Heap buffer overflow vulnerabilities that could lead to code execution (CVE-2014-0582, CVE-2014-0589). * An information disclosure vulnerability that could be exploited to disclose session tokens (CVE-2014-8437). * A heap buffer overflow vulnerability that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-0583). * A permission issue that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-8442). Further information can be found at http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
Applies to:
flash-player
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27716
Title:
oval:org.mitre.oval:def:27716: RHSA-2014:1893 -- libXfont security update
Type:
Software
Bulletins:
MITRE:27716
Severity:
Low
Description:
The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2014-0209) Multiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211) Red Hat would like to thank the X.org project for reporting these issues. Upstream acknowledges Ilja van Sprundel as the original reporter. Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.
Applies to:
libXfont
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28374
Title:
oval:org.mitre.oval:def:28374: RHSA-2014:1803 -- mod_auth_mellon security update
Type:
Software
Bulletins:
MITRE:28374
Severity:
Low
Description:
mod_auth_mellon provides a SAML 2.0 authentication module for the Apache HTTP Server. An information disclosure flaw was found in mod_auth_mellon's session handling that could lead to sessions overlapping in memory. A remote attacker could potentially use this flaw to obtain data from another user's session. (CVE-2014-8566) It was found that uninitialized data could be read when processing a user's logout request. By attempting to log out, a user could possibly cause the Apache HTTP Server to crash. (CVE-2014-8567) Red Hat would like to thank the mod_auth_mellon team for reporting these issues. Upstream acknowledges Matthew Slowe as the original reporter of CVE-2014-8566. All users of mod_auth_mellon are advised to upgrade to this updated package, which contains a backported patch to correct these issues.
Applies to:
mod_auth_mellon
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27775
Title:
oval:org.mitre.oval:def:27775: ELSA-2014-1959-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27775
Severity:
Low
Description:
kernel [2.6.18-400.0.0.0.1] - [net] fix tcp_trim_head() (James Li) [orabug 14512145, 19219078] - ocfs2: dlm: fix recovery hung (Junxiao Bi) [orabug 13956772] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
Created:
2014-12-08
Updated:
2015-03-16

ID:
MITRE:28459
Title:
oval:org.mitre.oval:def:28459: RHSA-2014:1924 -- thunderbird security update
Type:
Software
Bulletins:
MITRE:28459
Severity:
Low
Description:
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593) A flaw was found in the Alarm API, which could allow applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass the same-origin policy. (CVE-2014-1594) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. This update disables SSL 3.0 support by default in Thunderbird. Details on how to re-enable SSL 3.0 support are available at: https://access.redhat.com/articles/1284233 Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas Werner, Joe Vennix, Berend-Jan Wever, Abhishek Arya, and Boris Zbarsky as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 31.3.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 31.3.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Applies to:
thunderbird
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28295
Title:
oval:org.mitre.oval:def:28295: RHSA-2014:1959 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:28295
Severity:
Low
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate) Red Hat would like to thank Andy Lutomirski for reporting this issue. This update also fixes the following bugs: * Previously, the kernel did not successfully deliver multicast packets when the multicast querier was disabled. Consequently, the corosync utility terminated unexpectedly and the affected storage node did not join its intended cluster. With this update, multicast packets are delivered properly when the multicast querier is disabled, and corosync handles the node as expected. (BZ#902454) * Previously, the kernel wrote the metadata contained in all system information blocks on a single page of the /proc/sysinfo file. However, when the machine configuration was very extensive and the data did not fit on a single page, the system overwrote random memory regions, which in turn caused data corruption when reading the /proc/sysconf file. With this update, /proc/sysinfo automatically allocates a larger buffer if the data output does not fit the current buffer, which prevents the data corruption. (BZ#1131283) * Prior to this update, the it_real_fn() function did not, in certain cases, successfully acquire the SIGLOCK signal when the do_setitimer() function used the ITIMER_REAL timer. As a consequence, the current process entered an endless loop and became unresponsive. This update fixes the bug and it_real_fn() no longer causes the kernel to become unresponsive. (BZ#1134654) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Applies to:
kernel
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27549
Title:
oval:org.mitre.oval:def:27549: ELSA-2014-3095 -- docker security and bug fix update
Type:
Software
Bulletins:
MITRE:27549
Severity:
Low
Description:
[1.3.2-1.0.1] - Rename requirement of docker-io-pkg-devel in %package devel as docker-pkg-devel - Restore SysV init scripts for Oracle Linux 6 - Require Oracle Unbreakable Enterprise Kernel Release 3 or higher - Rename as docker. - Re-enable btrfs graphdriver support [1.3.2-1] - Update source to 1.3.2 from https://github.com/docker/docker/releases/tag/v1.3.2 Prevent host privilege escalation from an image extraction vulnerability (CVE-2014-6407). Prevent container escalation from malicious security options applied to images (CVE-2014-6408). The '--insecure-registry' flag of the 'docker run' command has undergone several refinements and additions. You can now specify a sub-net in order to set a range of registries which the Docker daemon will consider insecure. By default, Docker now defines 'localhost' as an insecure registry. Registries can now be referenced using the Classless Inter-Domain Routing (CIDR) format. When mirroring is enabled, the experimental registry v2 API is skipped. [1.3.1-2] - Remove pandoc from build reqs [1.3.1-1] - update to v1.3.1 [1.3.0-1] - Resolves: rhbz#1153936 - update to v1.3.0 - iptables=false => ip-masq=false [1.2.0-3] - Resolves: rhbz#1139415 - correct path for bash completion /usr/share/bash-completion/completions - sysvinit script update as per upstream commit 640d2ef6f54d96ac4fc3f0f745cb1e6a35148607 - dont own dirs for vim highlighting, bash completion and udev [1.2.0-2] - Resolves: rhbz#1145660 - support /etc/sysconfig/docker-storage From: Colin Walters - patch to ignore selinux if its disabled https://github.com/docker/docker/commit/9e2eb0f1cc3c4ef000e139f1d85a20f0e00971e6 From: Dan Walsh - Resolves: rhbz#1139415 - correct path for bash completion - init script waits upto 5 mins before terminating daemon [1.2.0-1] - Resolves: rhbz#1132824 - update to v1.2.0
Applies to:
docker
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27507
Title:
oval:org.mitre.oval:def:27507: RHSA-2014:1956 -- wpa_supplicant security update
Type:
Software
Bulletins:
MITRE:27507
Severity:
Low
Description:
The wpa_supplicant package contains an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. It implements key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A command injection flaw was found in the way the wpa_cli utility executed action scripts. If wpa_cli was run in daemon mode to execute an action script (specified using the -a command line option), and wpa_supplicant was configured to connect to a P2P group, malicious P2P group parameters could cause wpa_cli to execute arbitrary code. (CVE-2014-3686) Red Hat would like to thank Jouni Malinen for reporting this issue. All wpa_supplicant users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
Applies to:
wpa_supplicant
Created:
2014-12-08
Updated:
2015-02-23

ID:
MITRE:27935
Title:
oval:org.mitre.oval:def:27935: RHSA-2014:1912 -- ruby security update
Type:
Software
Bulletins:
MITRE:27935
Severity:
Low
Description:
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) A stack-based buffer overflow was found in the implementation of the Ruby Array pack() method. When performing base64 encoding, a single byte could be written past the end of the buffer, possibly causing Ruby to crash. (CVE-2014-4975) The CVE-2014-8090 issue was discovered by Red Hat Product Security. All ruby users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Ruby need to be restarted for this update to take effect.
Applies to:
ruby
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28472
Title:
oval:org.mitre.oval:def:28472: SUSE-SU-2014:1544-1 -- Security update for LibreOffice
Type:
Software
Bulletins:
MITRE:28472
Severity:
Low
Description:
LibreOffice was updated to fix two security issues. These security issues have been fixed: * "Document as E-mail" vulnerability (bnc#900218). * Impress remote control use-after-free vulnerability (CVE-2014-3693). Security Issues: * CVE-2014-3693
Applies to:
LibreOffice
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27610
Title:
oval:org.mitre.oval:def:27610: RHSA-2014:1861 -- mariadb security update
Type:
Software
Bulletins:
MITRE:27610
Severity:
Low
Description:
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559) These updated packages upgrade MariaDB to version 5.5.40. Refer to the MariaDB Release Notes listed in the References section for a complete list of changes. All MariaDB users should upgrade to these updated packages, which correct these issues. After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.
Applies to:
mariadb
Created:
2014-12-08
Updated:
2015-02-23

ID:
MITRE:28461
Title:
oval:org.mitre.oval:def:28461: SUSE-SU-2014:1423-1 -- Security update for flash-player
Type:
Software
Bulletins:
MITRE:28461
Severity:
Low
Description:
Adobe Flash Player was updated to 11.2.202.411, fixing security issues and bugs. For more information please read: http://helpx.adobe.com/security/products/flash-player/apsb14-22.html
Applies to:
flash-player
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27540
Title:
oval:org.mitre.oval:def:27540: SUSE-SU-2014:1511-1 -- Security update for python, python-base, python-doc
Type:
Software
Bulletins:
MITRE:27540
Severity:
Low
Description:
ython, python-base, python-doc was updated to fix one security issue. This security issue was fixed: - Fixed potential buffer overflow in buffer() (CVE-2014-7185).
Applies to:
python
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28369
Title:
oval:org.mitre.oval:def:28369: ELSA-2014-1859 -- mysql55-mysql security update
Type:
Software
Bulletins:
MITRE:28369
Severity:
Low
Description:
[5.5.40-2] filter perl(GD) from Requires (perl-gd is not available for RHEL5) Resolves: #1160514 [5.5.40-1] - Rebase to 5.5.40 Also fixes: CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6484 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 Resolves: #1160514
Applies to:
mysql55-mysql
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28326
Title:
oval:org.mitre.oval:def:28326: RHSA-2014:1768 -- php53 security update
Type:
Software
Bulletins:
MITRE:28326
Severity:
Low
Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670) An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669) An out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file. (CVE-2014-3710) An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668) The CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security. All php53 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
Applies to:
php53
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28457
Title:
oval:org.mitre.oval:def:28457: SUSE-SU-2014:1387-1 -- Security update for OpenSSL
Type:
Services
Bulletins:
MITRE:28457
Severity:
Low
Description:
This OpenSSL update fixes the following issues: * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete ((CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3567 * CVE-2014-3566 * CVE-2014-3568
Applies to:
OpenSSL
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28315
Title:
oval:org.mitre.oval:def:28315: SUSE-SU-2014:1178-1 -- Update for update-test-security
Type:
Miscellaneous
Bulletins:
MITRE:28315
Severity:
Low
Description:
This is a security update to test the software update stack.
Applies to:
update-test-security
Created:
2014-12-08
Updated:
2015-03-16

ID:
MITRE:28027
Title:
oval:org.mitre.oval:def:28027: ELSA-2014-1911 -- ruby security update
Type:
Software
Bulletins:
MITRE:28027
Severity:
Low
Description:
[1.8.7.374-3] - Fix REXML billion laughs attack via parameter entity expansion (CVE-2014-8080). Resolves: rhbz#1163993 - REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090). Resolves: rhbz#1163993
Applies to:
ruby
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28208
Title:
oval:org.mitre.oval:def:28208: RHSA-2014:1826 -- libvncserver security update
Type:
Software
Bulletins:
MITRE:28208
Severity:
Low
Description:
LibVNCServer is a library that allows for easy creation of VNC server or client functionality. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way screen sizes were handled by LibVNCServer. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code in the client. (CVE-2014-6051) A NULL pointer dereference flaw was found in LibVNCServer's framebuffer setup. A malicious VNC server could use this flaw to cause a VNC client to crash. (CVE-2014-6052) A NULL pointer dereference flaw was found in the way LibVNCServer handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client. (CVE-2014-6053) A divide-by-zero flaw was found in the way LibVNCServer handled the scaling factor when it was set to "0". A remote attacker could use this flaw to crash the VNC server using a malicious VNC client. (CVE-2014-6054) Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client. (CVE-2014-6055) Red Hat would like to thank oCERT for reporting these issues. oCERT acknowledges Nicolas Ruff as the original reporter. All libvncserver users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against libvncserver must be restarted for this update to take effect.
Applies to:
libvncserver
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28378
Title:
oval:org.mitre.oval:def:28378: ELSA-2014-1873 -- libvirt security and bug fix update
Type:
Software
Bulletins:
MITRE:28378
Severity:
Low
Description:
[0.10.2-46.0.1.el6_6.2] - Replace docs/et.png in tarball with blank image [0.10.2-46.el6_6.2] - qemu: allow restore with non-migratable XML input (rhbz#1155564) - qemu: Introduce qemuDomainDefCheckABIStability (rhbz#1155564) - Make ABI stability issue easier to debug (rhbz#1155564) - CVE-2014-3633: qemu: blkiotune: Use correct definition when looking up disk (CVE-2014-3633) - domain_conf: fix domain deadlock (CVE-2014-3657) - CVE-2014-7823: dumpxml: security hole with migratable flag (CVE-2014-7823)
Applies to:
libvirt
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28313
Title:
oval:org.mitre.oval:def:28313: RHSA-2014:1873 -- libvirt security and bug fix update
Type:
Software
Bulletins:
MITRE:28313
Severity:
Low
Description:
The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent (live) disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process. (CVE-2014-3633) A denial of service flaw was found in the way libvirt's virConnectListAllDomains() function computed the number of used domains. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to make any domain operations within libvirt unresponsive. (CVE-2014-3657) It was found that when the VIR_DOMAIN_XML_MIGRATABLE flag was used, the QEMU driver implementation of the virDomainGetXMLDesc() function could bypass the restrictions of the VIR_DOMAIN_XML_SECURE flag. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to leak certain limited information from the domain XML data. (CVE-2014-7823) The CVE-2014-3633 issue was discovered by Luyao Huang of Red Hat. This update also fixes the following bug: When dumping migratable XML configuration of a domain, libvirt removes some automatically added devices for compatibility with older libvirt releases. If such XML is passed to libvirt as a domain XML that should be used during migration, libvirt checks this XML for compatibility with the internally stored configuration of the domain. However, prior to this update, these checks failed because of devices that were missing (the same devices libvirt removed). As a consequence, migration with user-supplied migratable XML failed. Since this feature is used by OpenStack, migrating QEMU/KVM domains with OpenStack always failed. With this update, before checking domain configurations for compatibility, libvirt transforms both user-supplied and internal configuration into a migratable form (automatically added devices are removed) and checks those instead. Thus, no matter whether the user-supplied configuration was generated as migratable or not, libvirt does not err about missing devices, and migration succeeds as expected. (BZ#1155564) All libvirt users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, libvirtd will be restarted automatically.
Applies to:
libvirt
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27830
Title:
oval:org.mitre.oval:def:27830: SUSE-SU-2014:1260-1 -- bash
Type:
Software
Bulletins:
MITRE:27830
Severity:
Low
Description:
Bash was updated to fix unexpected code execution with environment variables (CVE-2014-6271).
Applies to:
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28277
Title:
oval:org.mitre.oval:def:28277: SUSE-SU-2014:1392-1 -- Security update for Java OpenJDK
Type:
Miscellaneous
Bulletins:
MITRE:28277
Severity:
Low
Description:
Oracle Critical Patch Update Advisory - October 2014 Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Find more information here: http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Applies to:
Java OpenJDK
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28030
Title:
oval:org.mitre.oval:def:28030: RHSA-2014:1767 -- php security update
Type:
Web
Bulletins:
MITRE:28030
Severity:
Low
Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670) An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669) An out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file. (CVE-2014-3710) An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668) The CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security. All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
Applies to:
php
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28432
Title:
oval:org.mitre.oval:def:28432: SUSE-SU-2014:1438-1 -- update for rsyslog
Type:
Software
Bulletins:
MITRE:28432
Severity:
Low
Description:
This update for rsyslog provides the following fixes: - Fixed remote PRI DoS vulnerability patch (CVE-2014-3683, bnc#899756) - Removed broken, unsupported and dropped by upstream zpipe utility from rsyslog-diag-tools package (bnc#890228)
Applies to:
rsyslog
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28250
Title:
oval:org.mitre.oval:def:28250: SUSE-SU-2014:1465-1 -- Security update for flash-player
Type:
Software
Bulletins:
MITRE:28250
Severity:
Low
Description:
flash-player was updated to version 11.2.202.418 to fix 18 security issues. These security issues were fixed: - Memory corruption vulnerabilities that could lead to code execution (CVE-2014-0576, CVE-2014-0581, CVE-2014-8440, CVE-2014-8441). - Use-after-free vulnerabilities that could lead to code execution (CVE-2014-0573, CVE-2014-0588, CVE-2014-8438). - A double free vulnerability that could lead to code execution (CVE-2014-0574). - Type confusion vulnerabilities that could lead to code execution (CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0590). - Heap buffer overflow vulnerabilities that could lead to code execution (CVE-2014-0582, CVE-2014-0589). - An information disclosure vulnerability that could be exploited to disclose session tokens (CVE-2014-8437). - A heap buffer overflow vulnerability that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-0583). - A permission issue that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-8442). More information can be found at http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
Applies to:
flash-player
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28507
Title:
oval:org.mitre.oval:def:28507: SUSE-SU-2014:1408-1 -- Security update for wget
Type:
Software
Bulletins:
MITRE:28507
Severity:
Low
Description:
wget was updated to fix one security issue: * FTP symbolic link arbitrary filesystem access (CVE-2014-4877). Security Issues: * CVE-2014-4877
Applies to:
wget
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28039
Title:
oval:org.mitre.oval:def:28039: RHSA-2014:1827 -- kdenetwork security update
Type:
Software
Bulletins:
MITRE:28039
Severity:
Low
Description:
The kdenetwork packages contain networking applications for the K Desktop Environment (KDE). Krfb Desktop Sharing, which is a part of the kdenetwork package, is a server application that allows session sharing between users. Krfb uses the LibVNCServer library. A NULL pointer dereference flaw was found in the way LibVNCServer handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client. (CVE-2014-6053) A divide-by-zero flaw was found in the way LibVNCServer handled the scaling factor when it was set to "0". A remote attacker could use this flaw to crash the VNC server using a malicious VNC client. (CVE-2014-6054) Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client. (CVE-2014-6055) Red Hat would like to thank oCERT for reporting these issues. oCERT acknowledges Nicolas Ruff as the original reporter. Note: Prior to this update, the kdenetwork packages used an embedded copy of the LibVNCServer library. With this update, the kdenetwork packages have been modified to use the system LibVNCServer packages. Therefore, the update provided by RHSA-2014:1826 must be installed to fully address the issues in krfb described above. All kdenetwork users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of the krfb server must be restarted for this update to take effect.
Applies to:
kdenetwork
Created:
2014-12-08
Updated:
2015-02-23

ID:
MITRE:27983
Title:
oval:org.mitre.oval:def:27983: RHSA-2014:1919 -- firefox security update
Type:
Software
Bulletins:
MITRE:27983
Severity:
Low
Description:
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593) A flaw was found in the Alarm API, which could allow applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass the same-origin policy. (CVE-2014-1594) This update disables SSL 3.0 support by default in Firefox. Details on how to re-enable SSL 3.0 support are available at: https://access.redhat.com/articles/1283153 Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas Werner, Joe Vennix, Berend-Jan Wever, Abhishek Arya, and Boris Zbarsky as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 31.3.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 31.3.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Applies to:
firefox
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28263
Title:
oval:org.mitre.oval:def:28263: ELSA-2014-3094 -- bash security update
Type:
Software
Bulletins:
MITRE:28263
Severity:
Low
Description:
[3.2-33.4.0.1] - Fix segfaults from CVE-2014-6277 and CVE-2014-6278 completely. [orabug 19905421]
Applies to:
bash
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28481
Title:
oval:org.mitre.oval:def:28481: SUSE-SU-2014:1512-1 -- Security update for compat-openssl098
Type:
Miscellaneous
Bulletins:
MITRE:28481
Severity:
Low
Description:
compat-openssl098 was updated to fix three security issues. NOTE: this update alone DOESN'T FIX the POODLE SSL protocol vulnerability. OpenSSL only adds downgrade detection support for client applications. See https://www.suse.com/support/kb/doc.php?id=7015773 for mitigations. These security issues were fixed: - Session ticket memory leak (CVE-2014-3567). - Fixed build option no-ssl3 (CVE-2014-3568). - Added support for TLS_FALLBACK_SCSV (CVE-2014-3566).
Applies to:
compat-openssl098
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27738
Title:
oval:org.mitre.oval:def:27738: ELSA-2014-1948 -- nss, nss-util, and nss-softokn security, bug fix, and enhancement update
Type:
Miscellaneous
Bulletins:
MITRE:27738
Severity:
Low
Description:
[3.16.2.3-2.0.1.el7_0] - Added nss-vendor.patch to change vendor [3.16.2.3-2] - Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1165525 - Upgrade to NSS 3.16.2.3 for Firefox 31.3
Applies to:
nss
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28375
Title:
oval:org.mitre.oval:def:28375: RHSA-2014:1795 -- cups-filters security update
Type:
Software
Bulletins:
MITRE:28375
Severity:
Low
Description:
The cups-filters package contains backends, filters, and other software that was once part of the core CUPS distribution but is now maintained independently. An out-of-bounds read flaw was found in the way the process_browse_data() function of cups-browsed handled certain browse packets. A remote attacker could send a specially crafted browse packet that, when processed by cups-browsed, would crash the cups-browsed daemon. (CVE-2014-4337) A flaw was found in the way the cups-browsed daemon interpreted the "BrowseAllow" directive in the cups-browsed.conf file. An attacker able to add a malformed "BrowseAllow" directive to the cups-browsed.conf file could use this flaw to bypass intended access restrictions. (CVE-2014-4338) All cups-filters users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the cups-browsed daemon will be restarted automatically.
Applies to:
cups-filters
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27477
Title:
oval:org.mitre.oval:def:27477: ELSA-2014-1861 -- mariadb security update
Type:
Software
Bulletins:
MITRE:27477
Severity:
Low
Description:
[1:5.5.40-1] - Rebase to 5.5.40 Also fixes: CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6484 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 Resolves: #1160548 [1:5.5.37-1] - Rebase to 5.5.37 https://kb.askmonty.org/en/mariadb-5537-changelog/ Also fixes: CVE-2014-2440 CVE-2014-0384 CVE-2014-2432 CVE-2014-2431 CVE-2014-2430 CVE-2014-2436 CVE-2014-2438 CVE-2014-2419 Resolves: #1101062
Applies to:
mariadb
Created:
2014-12-08
Updated:
2015-02-23

ID:
MITRE:28252
Title:
oval:org.mitre.oval:def:28252: SUSE-SU-2014:1542-1 -- Security update for flash-player
Type:
Software
Bulletins:
MITRE:28252
Severity:
Low
Description:
flash-player was updated to fix one security issue. This security issue was fixed: - Hardening against a code execution flaw (CVE-2014-8439).
Applies to:
flash-player
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28373
Title:
oval:org.mitre.oval:def:28373: ELSA-2014-3096 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:28373
Severity:
Low
Description:
Unbreakable Enterprise kernel security update
Applies to:
kernel-uek
Created:
2014-12-08
Updated:
2015-03-16

ID:
MITRE:28354
Title:
oval:org.mitre.oval:def:28354: RHSA-2014:1764 -- wget security update
Type:
Software
Bulletins:
MITRE:28354
Severity:
Low
Description:
The wget package provides the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. A flaw was found in the way Wget handled symbolic links. A malicious FTP server could allow Wget running in the mirror mode (using the '-m' command line option) to write an arbitrary file to a location writable to by the user running Wget, possibly leading to code execution. (CVE-2014-4877) Note: This update changes the default value of the --retr-symlinks option. The file symbolic links are now traversed by default and pointed-to files are retrieved rather than creating a symbolic link locally. Red Hat would like to thank the GNU Wget project for reporting this issue. Upstream acknowledges HD Moore of Rapid7, Inc as the original reporter. All users of wget are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
Applies to:
wget
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28414
Title:
oval:org.mitre.oval:def:28414: ELSA-2014-1893 -- libXfont security update
Type:
Software
Bulletins:
MITRE:28414
Severity:
Low
Description:
[1.2.2-1.0.6] - CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602, bug 1163601) - CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602, bug 1163601) - CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602, bug 1163601)
Applies to:
libXfont
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:27612
Title:
oval:org.mitre.oval:def:27612: RHSA-2014:1801 -- shim security update
Type:
Software
Bulletins:
MITRE:27612
Severity:
Low
Description:
Shim is the initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. A heap-based buffer overflow flaw was found the way shim parsed certain IPv6 addresses. If IPv6 network booting was enabled, a malicious server could supply a crafted IPv6 address that would cause shim to crash or, potentially, execute arbitrary code. (CVE-2014-3676) An out-of-bounds memory write flaw was found in the way shim processed certain Machine Owner Keys (MOKs). A local attacker could potentially use this flaw to execute arbitrary code on the system. (CVE-2014-3677) An out-of-bounds memory read flaw was found in the way shim parsed certain IPv6 packets. A specially crafted DHCPv6 packet could possibly cause shim to crash, preventing the system from booting if IPv6 booting was enabled. (CVE-2014-3675) Red Hat would like to thank the SUSE Security Team for reporting these issues. All shim users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Applies to:
shim
shim-signed
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28237
Title:
oval:org.mitre.oval:def:28237: ELSA-2014-3092 -- bash security update
Type:
Software
Bulletins:
MITRE:28237
Severity:
Low
Description:
[4.2.45-5.4.0.1] - Fix segfaults from CVE-2014-6277 and CVE-2014-6278 completely. [orabug 19905256]
Applies to:
bash
Created:
2014-12-08
Updated:
2015-01-26

ID:
MITRE:28325
Title:
oval:org.mitre.oval:def:28325: SUSE-SU-2014:1422-1 -- Security update for java-1_7_0-openjdk
Type:
Software
Bulletins:
MITRE:28325
Severity:
Low
Description:
OpenJDK was updated to icedtea 2.5.3 (OpenJDK 7u71) fixing security issues and bugs. * Security: - S8015256: Better class accessibility - S8022783, CVE-2014-6504: Optimize C2 optimizations - S8035162: Service printing service - S8035781: Improve equality for annotations - S8036805: Correct linker method lookup. - S8036810: Correct linker field lookup - S8036936: Use local locales - S8037066, CVE-2014-6457: Secure transport layer - S8037846, CVE-2014-6558: Ensure streaming of input cipher streams - S8038364: Use certificate exceptions correctly - S8038899: Safer safepoints - S8038903: More native monitor monitoring - S8038908: Make Signature more robust - S8038913: Bolster XML support - S8039509, CVE-2014-6512: Wrap sockets more thoroughly - S8039533, CVE-2014-6517: Higher resolution resolvers - S8041540, CVE-2014-6511: Better use of pages in font processing - S8041529: Better parameterization of parameter lists - S8041545: Better validation of generated rasters - S8041564, CVE-2014-6506: Improved management of logger resources - S8041717, CVE-2014-6519: Issue with class file parser - S8042609, CVE-2014-6513: Limit splashiness of splash images - S8042797, CVE-2014-6502: Avoid strawberries in LogRecord - S8044274, CVE-2014-6531: Proper property processing
Applies to:
java-1_7_0-openjdk
Created:
2014-12-08
Updated:
2015-01-26

ID:
CVE-2014-8004
Title:
Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378.
Type:
Hardware
Bulletins:
CVE-2014-8004
Severity:
Medium
Description:
Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378.
Applies to:
Created:
2014-11-25
Updated:
2017-07-05

ID:
CVE-2014-8005
Title:
Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239.
Type:
Hardware
Bulletins:
CVE-2014-8005
SFBID71287
Severity:
Medium
Description:
Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239.
Applies to:
Created:
2014-11-25
Updated:
2017-07-05

ID:
MITRE:28205
Title:
oval:org.mitre.oval:def:28205: Internet Explorer memory corruption vulnerability
Type:
Web
Bulletins:
MITRE:28205
CVE-2014-6353
Severity:
Low
Description:
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:28266
Title:
oval:org.mitre.oval:def:28266: Internet Explorer elevation of privilege vulnerability
Type:
Software
Bulletins:
MITRE:28266
CVE-2014-6349
Severity:
Low
Description:
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350.
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:27601
Title:
oval:org.mitre.oval:def:27601: Internet Explorer memory corruption vulnerability
Type:
Web
Bulletins:
MITRE:27601
CVE-2014-6351
Severity:
Low
Description:
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:28204
Title:
oval:org.mitre.oval:def:28204: Internet Explorer cross-domain information disclosure vulnerability
Type:
Software
Bulletins:
MITRE:28204
CVE-2014-6345
Severity:
Low
Description:
Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 9
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:28334
Title:
oval:org.mitre.oval:def:28334: Internet Explorer Clipboard Information Disclosure Vulnerability
Type:
Web
Bulletins:
MITRE:28334
CVE-2014-6323
Severity:
Low
Description:
Microsoft Internet Explorer 7 through 11 allows remote attackers to obtain sensitive clipboard information via a crafted web site, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:28358
Title:
oval:org.mitre.oval:def:28358: Internet Explorer memory corruption vulnerability
Type:
Software
Bulletins:
MITRE:28358
CVE-2014-6343
Severity:
Low
Description:
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 9
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:28290
Title:
oval:org.mitre.oval:def:28290: Internet Explorer cross-domain information disclosure vulnerability
Type:
Web
Bulletins:
MITRE:28290
CVE-2014-6346
Severity:
Low
Description:
Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:28339
Title:
oval:org.mitre.oval:def:28339: Internet Explorer cross-domain information disclosure vulnerability.
Type:
Web
Bulletins:
MITRE:28339
CVE-2014-6340
Severity:
Low
Description:
Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:27897
Title:
oval:org.mitre.oval:def:27897: Internet Explorer elevation of privilege vulnerability
Type:
Software
Bulletins:
MITRE:27897
CVE-2014-6350
Severity:
Low
Description:
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349.
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:27356
Title:
oval:org.mitre.oval:def:27356: Internet Explorer memory corruption vulnerability
Type:
Web
Bulletins:
MITRE:27356
CVE-2014-4143
Severity:
Low
Description:
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6341.
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:27372
Title:
oval:org.mitre.oval:def:27372: Internet Explorer memory corruption vulnerability
Type:
Software
Bulletins:
MITRE:27372
CVE-2014-6337
Severity:
Low
Description:
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Created:
2014-11-18
Updated:
2015-02-23

ID:
MITRE:28177
Title:
oval:org.mitre.oval:def:28177: Internet Explorer memory corruption vulnerability
Type:
Web
Bulletins:
MITRE:28177
CVE-2014-6341
Severity:
Low
Description:
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4143.
Applies to:
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Created:
2014-11-18
Updated:
2015-02-23

ID:
CVE-2014-4451
Title:
Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier for physically proximate attackers to bypass the lock-screen protection mechanism via a series of guesses.
Type:
Mobile Devices
Bulletins:
CVE-2014-4451
SFBID71138
Severity:
High
Description:
Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier for physically proximate attackers to bypass the lock-screen protection mechanism via a series of guesses.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
CVE-2014-4452
Title:
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different...
Type:
Mobile Devices
Bulletins:
CVE-2014-4452
SFBID71137
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
CVE-2014-4453
Title:
Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via...
Type:
Mobile Devices
Bulletins:
CVE-2014-4453
SFBID71135
Severity:
Medium
Description:
Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
CVE-2014-4455
Title:
dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file.
Type:
Mobile Devices
Bulletins:
CVE-2014-4455
SFBID71140
Severity:
Low
Description:
dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
CVE-2014-4457
Title:
The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted application that is run during a time...
Type:
Mobile Devices
Bulletins:
CVE-2014-4457
SFBID71143
Severity:
High
Description:
The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted application that is run during a time period when debugging is not enabled.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
CVE-2014-4459
Title:
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
Type:
Mobile Devices
Bulletins:
CVE-2014-4459
SFBID71144
Severity:
Medium
Description:
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
CVE-2014-4460
Title:
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive...
Type:
Mobile Devices
Bulletins:
CVE-2014-4460
SFBID71135
Severity:
Low
Description:
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
CVE-2014-4461
Title:
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
Type:
Mobile Devices
Bulletins:
CVE-2014-4461
SFBID71136
Severity:
High
Description:
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
CVE-2014-4462
Title:
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different...
Type:
Mobile Devices
Bulletins:
CVE-2014-4462
SFBID71142
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
CVE-2014-4463
Title:
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.
Type:
Mobile Devices
Bulletins:
CVE-2014-4463
SFBID71141
Severity:
Low
Description:
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.
Applies to:
Created:
2014-11-18
Updated:
2017-07-05

ID:
MITRE:28173
Title:
oval:org.mitre.oval:def:28173: Active Directory Federation Services information disclosure vulnerability
Type:
Software
Bulletins:
MITRE:28173
CVE-2014-6331
Severity:
Low
Description:
Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-out endpoint, does not properly process logoff actions, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation, aka "Active Directory Federation Services Information Disclosure Vulnerability."
Applies to:
Microsoft Active Directory Federation Services
Created:
2014-11-17
Updated:
2015-08-10

ID:
CVE-2014-7992
Title:
The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, aka Bug ID CSCur14014.
Type:
Hardware
Bulletins:
CVE-2014-7992
SFBID71145
Severity:
Medium
Description:
The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, aka Bug ID CSCur14014.
Applies to:
Created:
2014-11-17
Updated:
2017-07-05

ID:
MITRE:28219
Title:
oval:org.mitre.oval:def:28219: ELSA-2014-1827 -- kdenetwork security update
Type:
Software
Bulletins:
MITRE:28219
Severity:
Low
Description:
[7:4.10.5-8] - Resolves: CVE-2014-6055
Applies to:
kdenetwork
Created:
2014-11-14
Updated:
2015-02-23

ID:
MITRE:28227
Title:
oval:org.mitre.oval:def:28227: ELSA-2014-3087 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:28227
Severity:
Low
Description:
kernel-uek [3.8.13-44.1.5.el6uek] - net: sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [Orabug: 20010590] {CVE-2014-3687} - net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [Orabug: 20010577] {CVE-2014-3673}
Applies to:
kernel-uek
Created:
2014-11-14
Updated:
2015-03-16

ID:
MITRE:27974
Title:
oval:org.mitre.oval:def:27974: ELSA-2014-3089 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27974
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.11uek] - net: sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [Orabug: 20010592] {CVE-2014-3687} - net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [Orabug: 20010579] {CVE-2014-3673}
Applies to:
kernel-uek
Created:
2014-11-14
Updated:
2015-03-16

ID:
MITRE:28056
Title:
oval:org.mitre.oval:def:28056: TypeFilterLevel vulnerability
Type:
Software
Bulletins:
MITRE:28056
CVE-2014-4149
Severity:
Low
Description:
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability."
Applies to:
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Created:
2014-11-14
Updated:
2015-12-22

ID:
MITRE:27794
Title:
oval:org.mitre.oval:def:27794: Microsoft schannel remote code execution vulnerability
Type:
Software
Bulletins:
MITRE:27794
CVE-2014-6321
Severity:
Low
Description:
Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability."
Applies to:
Created:
2014-11-14
Updated:
2015-02-23

ID:
CVE-2014-7997
Title:
The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by...
Type:
Hardware
Bulletins:
CVE-2014-7997
Severity:
Medium
Description:
The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281.
Applies to:
Created:
2014-11-14
Updated:
2017-07-05

ID:
CVE-2014-7998
Title:
Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote attackers to cause a denial of service via a malformed EAP packet, aka Bug ID CSCul15509.
Type:
Hardware
Bulletins:
CVE-2014-7998
Severity:
High
Description:
Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote attackers to cause a denial of service via a malformed EAP packet, aka Bug ID CSCul15509.
Applies to:
Created:
2014-11-14
Updated:
2017-07-05

ID:
CVE-2014-7991
Title:
The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS...
Type:
Hardware
Bulletins:
CVE-2014-7991
SFBID71013
Severity:
Medium
Description:
The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS core devices via a crafted certificate issued by a legitimate Certification Authority, aka Bug ID CSCuq86376.
Applies to:
Unified Communications Manager
Created:
2014-11-13
Updated:
2017-07-05

ID:
MITRE:27388
Title:
oval:org.mitre.oval:def:27388: ELSA-2013-2587 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27388
Severity:
Low
Description:
kernel-uek [3.8.13-16.2.3.el6uek] - ip_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951078] {CVE-2013-4470} - ip6_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951080] {CVE-2013-4470} - KVM: x86: fix guest-initiated crash with x2apic (CVE-2013-6376) (Gleb Natapov) [Orabug: 17951067] {CVE-2013-6376} - KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368) (Andy Honig) [Orabug: 17951071] {CVE-2013-6368} - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (Andy Honig) [Orabug: 17951073] {CVE-2013-6367}
Applies to:
dtrace-modules
dtrace-modules-3.8.13-16.2.3.el6uek-provider-headers
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26522
Title:
oval:org.mitre.oval:def:26522: ELSA-2014-3002 -- Unbreakable Enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:26522
Severity:
Low
Description:
[3.8.13-26.el6uek] - spec: Don't remove crashkernel=auto setting (Jerry Snitselaar) [Orabug: 18137993] dtrace-modules-3.8.13-26.el6uek [0.4.2-3] - Obsolete the old provider headers package. [Orabug: 18061595]
Applies to:
dtrace-modules
dtrace-modules-headers
dtrace-modules-provider-headers
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27236
Title:
oval:org.mitre.oval:def:27236: ELSA-2014-3084 -- Unbreakable Enterprise kernel Security update
Type:
Software
Bulletins:
MITRE:27236
Severity:
Low
Description:
kernel-uek [3.8.13-44.1.4.el7uek] - USB: whiteheat: Added bounds checking for bulk command response (James Forshaw) [Orabug: 19849334] {CVE-2014-3185} - HID: fix a couple of off-by-ones (Jiri Kosina) [Orabug: 19849317] {CVE-2014-3181} - kvm: vmx: handle invvpid vm exit gracefully (Petr Matousek) [Orabug: 19906300] {CVE-2014-3646} - nEPT: Nested INVEPT (Nadav Har'El) [Orabug: 19906267] {CVE-2014-3645} - KVM: x86: Improve thread safety in pit (Andy Honig) [Orabug: 19905686] {CVE-2014-3611}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27160
Title:
oval:org.mitre.oval:def:27160: ELSA-2014-0927 -- qemu-kvm security and bug fix update
Type:
Software
Bulletins:
MITRE:27160
Severity:
Low
Description:
[1.5.3-60.el7_0.5] - kvm-Allow-mismatched-virtio-config-len.patch [bz#1095782] - Resolves: bz#1095782 (CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid config_len [rhel-7.0.z])
Applies to:
qemu-kvm
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:26995
Title:
oval:org.mitre.oval:def:26995: ELSA-2014-0890 -- java-1.7.0-openjdk security update
Type:
Software
Bulletins:
MITRE:26995
Severity:
Low
Description:
[1.7.0.65-2.5.1.2.0.1.el5_10] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.65-2.5.1.2] - added and applied fix for samrtcard io patch405, pr1864_smartcardIO.patch - Resolves: rhbz#1115872 [1.7.0.65-2.5.1.1.el5] - updated to security patched icedtea7-forest 2.5.1 - Resolves: rhbz#1115872 [1.7.0.60-2.5.0.1.el5] - update to icedtea7-forest 2.5.0 (rh1114937) - Resolves: rhbz#1115872
Applies to:
java-1.7.0-openjdk
Created:
2014-11-05
Updated:
2015-08-10

ID:
MITRE:27123
Title:
oval:org.mitre.oval:def:27123: ELSA-2014-0679 -- openssl security update
Type:
Web
Bulletins:
MITRE:27123
Severity:
Low
Description:
[1.0.1e-34.3] - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH
Applies to:
openssl
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:28158
Title:
oval:org.mitre.oval:def:28158: ELSA-2011-2029 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:28158
Severity:
Low
Description:
[2.6.32-200.20.1.el6uek] - af_packet: prevent information leak {CVE-2011-2898} - gro: Only reset frag0 when skb can be pulled {CVE-2011-2723} - vm: fix vm_pgoff wrap in stack expansion {CVE-2011-2496} - vm: fix vm_pgoff wrap in upward expansion {CVE-2011-2496} - taskstats: don't allow duplicate entries in listener mode {CVE-2011-2484} - Ecryptfs: Add mount option to check uid of device being mounted {CVE-2011-1833}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27240
Title:
oval:org.mitre.oval:def:27240: ELSA-2010-2009 -- Oracle Linux 5 Unbreakable Enterprise kernel security fix update
Type:
Software
Bulletins:
MITRE:27240
Severity:
Low
Description:
Following security bugs are fixed in this errata CVE-2010-3904 When copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid userspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary values into kernel memory and potentially escalate privileges to root. CVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. CVE-2010-3477 The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. kernel: [2.6.32-100.21.1.el5] - [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} - [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch - [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch - [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch ofa: [1.5.1-4.0.23] - Fix rds permissions checks during copies [1.5.1-4.0.21] - Update to BXOFED 1.5.1-1.3.6-5
Applies to:
kernel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27250
Title:
oval:org.mitre.oval:def:27250: ELSA-2014-3043 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27250
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.3uek] - fix autofs/afs/etc. magic mountpoint breakage (Al Viro) [Orabug: 19028505] {CVE-2014-0203} - SELinux: Fix kernel BUG on empty security contexts. (Stephen Smalley) [Orabug: 19028381] {CVE-2014-1874} - floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028446] {CVE-2014-1738} - floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028439] {CVE-2014-1737} - libertas: potential oops in debugfs (Dan Carpenter) [Orabug: 19028417] {CVE-2013-6378}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27698
Title:
oval:org.mitre.oval:def:27698: ELSA-2012-2014 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27698
Severity:
Low
Description:
kernel-uek: [2.6.32-300.25.1.el6uek] - jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [Bugdb: 13871] {CVE-2011-4086}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27818
Title:
oval:org.mitre.oval:def:27818: ELSA-2012-0690-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27818
Severity:
Low
Description:
[2.6.18-308.8.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27823
Title:
oval:org.mitre.oval:def:27823: ELSA-2012-0480-1 -- kernel security, bug fix, and enhancement update
Type:
Software
Bulletins:
MITRE:27823
Severity:
Low
Description:
[2.6.18-308.4.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27051
Title:
oval:org.mitre.oval:def:27051: ELSA-2013-0168-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27051
Severity:
Low
Description:
kernel [2.6.18-348.1.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27623
Title:
oval:org.mitre.oval:def:27623: ELSA-2013-0594-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27623
Severity:
Low
Description:
kernel [2.6.18-348.2.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26359
Title:
oval:org.mitre.oval:def:26359: ELSA-2014-3052 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26359
Severity:
Low
Description:
kernel-uek [3.8.13-35.3.3.el7uek] - filter: prevent nla extensions to peek beyond the end of the message (Mathias Krause) [Orabug: 19315781] {CVE-2014-3144} {CVE-2014-3145} - mac80211: fix AP powersave TX vs. wakeup race (Emmanuel Grumbach) [Orabug: 19316457] {CVE-2014-2706}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26983
Title:
oval:org.mitre.oval:def:26983: ELSA-2012-2044 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26983
Severity:
Low
Description:
[2.6.32-300.39.1] - hugepages: fix use after free bug in 'quota' handling [15842385] {CVE-2012-2133} - mm: Hold a file reference in madvise_remove [15842884] {CVE-2012-3511} - udf: Fortify loading of sparing table [15843730] {CVE-2012-3400} - udf: Avoid run away loop when partition table length is corrupt [15843730] {CVE-2012-3400}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27334
Title:
oval:org.mitre.oval:def:27334: ELSA-2013-0847-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27334
Severity:
Low
Description:
kernel [2.6.18-348.6.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26673
Title:
oval:org.mitre.oval:def:26673: ELSA-2013-1790-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:26673
Severity:
Low
Description:
kernel [2.6.18-371.3.1.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27016
Title:
oval:org.mitre.oval:def:27016: ELSA-2014-1669 -- qemu-kvm security and bug fix update
Type:
Software
Bulletins:
MITRE:27016
Severity:
Low
Description:
[1.5.3-60.el7_0.10] - kvm-block-add-helper-function-to-determine-if-a-BDS-is-i.patch [bz#1122925] - kvm-block-extend-block-commit-to-accept-a-string-for-the.patch [bz#1122925] - kvm-block-add-backing-file-option-to-block-stream.patch [bz#1122925] - kvm-block-add-__com.redhat_change-backing-file-qmp-comma.patch [bz#1122925] - Resolves: bz#1122925 (Maintain relative path to backing file image during live merge (block-commit))
Applies to:
qemu-kvm
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:27343
Title:
oval:org.mitre.oval:def:27343: ELSA-2013-2589 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27343
Severity:
Low
Description:
kernel-uek [2.6.32-400.33.4uek] - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls (Emese Revfy) [Orabug: 17951083] {CVE-2013-2141} - ip_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951078] {CVE-2013-4470} - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (Andy Honig) [Orabug: 17951073] {CVE-2013-6367}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26951
Title:
oval:org.mitre.oval:def:26951: ELSA-2014-3067 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26951
Severity:
Low
Description:
kernel-uek [3.8.13-35.3.5.el7uek] - net: Use netlink_ns_capable to verify the permisions of netlink messages (Eric W. Biederman) [Orabug: 19404231] {CVE-2014-0181} - net: Add variants of capable for use on netlink messages (Eric W. Biederman) [Orabug: 19404231] - net: Add variants of capable for use on on sockets (Eric W. Biederman) [Orabug: 19404231] - netlink: Rename netlink_capable netlink_allowed (Eric W. Biederman) [Orabug: 19404231] - sctp: Fix sk_ack_backlog wrap-around problem (Xufeng Zhang) [Orabug: 19404244] {CVE-2014-4667}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27158
Title:
oval:org.mitre.oval:def:27158: ELSA-2014-3054 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27158
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.6uek] - filter: prevent nla extensions to peek beyond the end of the message (Mathias Krause) [Orabug: 19315783] {CVE-2014-3144} {CVE-2014-3145} - futex: Forbid uaddr == uaddr2 in futex_wait_requeue_pi() (Darren Hart) [Orabug: 19315318] {CVE-2012-6647} [2.6.32-400.36.5uek] - n_tty: Fix n_tty_write crash when echoing in raw mode (Peter Hurley) [Orabug: 18756450] {CVE-2014-0196} {CVE-2014-0196}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27466
Title:
oval:org.mitre.oval:def:27466: ELSA-2013-2534 -- Unbreakable Enterprise kernel Security update
Type:
Software
Bulletins:
MITRE:27466
Severity:
Low
Description:
[2.6.32-400.29.1] - KVM: add missing void __user COPYING CREDITS Documentation Kbuild MAINTAINERS Makefile README REPORTING-BUGS arch block crypto drivers firmware fs include init ipc kernel lib mm net samples scripts security sound tools uek-rpm usr virt cast to access_ok() call (Heiko Carstens) [Orabug: 16941620] {CVE-2013-1943} - KVM: Validate userspace_addr of memslot when registered (Takuya Yoshikawa) [Orabug: 16941620] {CVE-2013-1943}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26800
Title:
oval:org.mitre.oval:def:26800: ELSA-2013-0621-1 -- kernel security update
Type:
Software
Bulletins:
MITRE:26800
Severity:
Low
Description:
kernel [2.6.18-348.3.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27903
Title:
oval:org.mitre.oval:def:27903: ELSA-2011-2021 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update
Type:
Software
Bulletins:
MITRE:27903
Severity:
Low
Description:
[2.6.32-100.37.1.el6uek] - [net] gre: fix netns vs proto registration ordering {CVE-2011-1767} - [net] tunnels: fix netns vs proto registration ordering {CVE-2011-1768}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:28028
Title:
oval:org.mitre.oval:def:28028: ELSA-2010-2010 -- kernel security update
Type:
Software
Bulletins:
MITRE:28028
Severity:
Low
Description:
[2.6.18-194.17.1.0.2.el5] - [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} [orabug 10226701]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26901
Title:
oval:org.mitre.oval:def:26901: ELSA-2013-0747-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:26901
Severity:
Low
Description:
kernel [2.6.18-348.4.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26519
Title:
oval:org.mitre.oval:def:26519: ELSA-2014-3081 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26519
Severity:
Low
Description:
kernel-uek [3.8.13-44.1.3.el7uek] - ALSA: control: Don't access controls outside of protected regions (Lars-Peter Clausen) [Orabug: 19817785] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - ALSA: control: Fix replacing user controls (Lars-Peter Clausen) [Orabug: 19817747] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601) (Michael S. Tsirkin) [Orabug: 19817646] {CVE-2014-3601} - net: sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [Orabug: 19816067] {CVE-2014-5077}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27194
Title:
oval:org.mitre.oval:def:27194: ELSA-2012-1061-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27194
Severity:
Low
Description:
[2.6.18-308.11.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] +- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27916
Title:
oval:org.mitre.oval:def:27916: ELSA-2011-2037 -- Unbreakable Enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27916
Severity:
Low
Description:
[2.6.32-300.3.1.el6uek] - proc: fix oops on invalid /proc//maps access (Linux Torvalds) - Revert 'capabilities: do not grant full privs for setuid w/ file caps + no effective caps' (Joe Jin) - [mm]: Use MMF_COMPAT instead ia32_compat to prevent kabi be broken (Joe Jin) - proc: enable writing to /proc/pid/mem (Stephen Wilson) - proc: make check_mem_permission() return an mm_struct on success (Stephen Wilson) - proc: hold cred_guard_mutex in check_mem_permission() (Joe Jin) - proc: disable mem_write after exec (Stephen Wilson) - mm: implement access_remote_vm (Stephen Wilson) - mm: factor out main logic of access_process_vm (Stephen Wilson) - mm: use mm_struct to resolve gate vma's in __get_user_pages (Stephen Wilson) - mm: arch: rename in_gate_area_no_task to in_gate_area_no_mm (Stephen Wilson) - mm: arch: make in_gate_area take an mm_struct instead of a task_struct (Stephen Wilson) - mm: arch: make get_gate_vma take an mm_struct instead of a task_struct (Stephen Wilson) - x86: mark associated mm when running a task in 32 bit compatibility mode (Stephen Wilson) - x86: add context tag to mark mm when running a task in 32-bit compatibility mode (Stephen Wilson) - auxv: require the target to be tracable (or yourself) (Al Viro) - close race in /proc/*/environ (Al Viro) - report errors in /proc/*/*map* sanely (Al Viro) - pagemap: close races with suid execve (Al Viro) - make sessionid permissions in /proc/*/task/* match those in /proc/* (Al Viro) - Revert 'report errors in /proc/*/*map* sanely' (Joe Jin) - Revert 'proc: fix oops on invalid /proc//maps access' (Joe Jin)
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26365
Title:
oval:org.mitre.oval:def:26365: ELSA-2014-3034 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26365
Severity:
Low
Description:
kernel-uek [3.8.13-35.el6uek] - n_tty: Fix n_tty_write crash when echoing in raw mode (Peter Hurley) [Orabug: 18754908] {CVE-2014-0196} {CVE-2014-0196}
Applies to:
dtrace-modules
dtrace-modules-headers
dtrace-modules-provider-headers
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27375
Title:
oval:org.mitre.oval:def:27375: ELSA-2012-1540-1 -- kernel security, bug fix, and enhancement update
Type:
Software
Bulletins:
MITRE:27375
Severity:
Low
Description:
kernel [2.6.18-308.24.1.0.1.el5] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27635
Title:
oval:org.mitre.oval:def:27635: ELSA-2012-0721-1 -- kernel security update
Type:
Software
Bulletins:
MITRE:27635
Severity:
Low
Description:
kernel: [2.6.18-308.8.2.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] +- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.8.2.el5] - [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26880
Title:
oval:org.mitre.oval:def:26880: ELSA-2014-1075 -- qemu-kvm security and bug fix update
Type:
Software
Bulletins:
MITRE:26880
Severity:
Low
Description:
[0.12.1.2-2.415.el6_5.14] - The commit for zrelease .13 was incomplete; the changes to qemu-kvm.spec did not include the '%patchNNNN -p1' lines for patches 4647 through 4655; so although the patch files themselves were committed, the srpm build did not pick them up. In addition, the commit log did not describe the patches. This commit corrects these problems and bumps the zrelease to .14.
Applies to:
qemu-kvm
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:27247
Title:
oval:org.mitre.oval:def:27247: ELSA-2014-0704 -- qemu-kvm security and bug fix update
Type:
Software
Bulletins:
MITRE:27247
Severity:
Low
Description:
[1.5.3-60.el7_0.2] - kvm-pc-add-hot_add_cpu-callback-to-all-machine-types.patch [bz#1094820] - Resolves: bz#1094820 (Hot plug CPU not working with RHEL6 machine types running on RHEL7 host.) [1.5.3-60.el7_0.1] - kvm-iscsi-fix-indentation.patch [bz#1090978] - kvm-iscsi-correctly-propagate-errors-in-iscsi_open.patch [bz#1090978] - kvm-block-iscsi-query-for-supported-VPD-pages.patch [bz#1090978] - kvm-block-iscsi-fix-segfault-if-writesame-fails.patch [bz#1090978] - kvm-iscsi-recognize-invalid-field-ASCQ-from-WRITE-SAME-c.patch [bz#1090978] - kvm-iscsi-ignore-flushes-on-scsi-generic-devices.patch [bz#1090978] - kvm-iscsi-always-query-max-WRITE-SAME-length.patch [bz#1090978] - kvm-iscsi-Don-t-set-error-if-already-set-in-iscsi_do_inq.patch [bz#1090978] - kvm-iscsi-Remember-to-set-ret-for-iscsi_open-in-error-ca.patch [bz#1090978] - kvm-qemu_loadvm_state-shadow-SeaBIOS-for-VM-incoming-fro.patch [1091322] - kvm-uhci-UNfix-irq-routing-for-RHEL-6-machtypes-RHEL-onl.patch [bz#1090981] - kvm-ide-Correct-improper-smart-self-test-counter-reset-i.patch [bz#1093612] - Resolves: bz#1091322 (fail to reboot guest after migration from RHEL6.5 host to RHEL7.0 host) - Resolves: bz#1090981 (Guest hits call trace migrate from RHEL6.5 to RHEL7.0 host with -M 6.1 & balloon & uhci device) - Resolves: bz#1090978 (qemu-kvm: iSCSI: Failure. SENSE KEY:ILLEGAL_REQUEST(5) ASCQ:INVALID_FIELD_IN_CDB(0x2400)) - Resolves: bz#1093612 (CVE-2014-2894 qemu-kvm: QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART [rhel-7.0.z])
Applies to:
qemu-kvm
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:28157
Title:
oval:org.mitre.oval:def:28157: ELSA-2011-2025 -- Unbreakable Enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:28157
Severity:
Low
Description:
[2.6.32-200.19.1.el6uek] - Apply new fix for CVE-2011-1576. [2.6.32-200.18.1.el6uek] - Revert 'proc: fix a race in do_io_accounting' [2.6.32-200.17.1.el6uek] - net: Fix memory leak/corruption on VLAN GRO_DROP {CVE-2011-1576} - iommu-api: Extension to check for interrupt remapping {CVE-2011-1898} - KVM: IOMMU: Disable device assignment without interrupt remapping {CVE-2011-1898} - ext4: Fix max file size and logical block counting of extent format file {CVE-2011-2695} - nl80211: fix overflow in ssid_len {CVE-2011-2517} - Bluetooth: Prevent buffer overflow in l2cap config request {CVE-2011-2497} - proc: fix a race in do_io_accounting() {CVE-2011-2495} - proc: restrict access to /proc/PID/io {CVE-2011-2495} - Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace {CVE-2011-2492} - NLM: Don't hang forever on NLM unlock requests {CVE-2011-2491} - ksm: fix NULL pointer dereference in scan_get_next_rmap_item() {CVE-2011-2183}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27502
Title:
oval:org.mitre.oval:def:27502: ELSA-2013-2577 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27502
Severity:
Low
Description:
kernel-uek [3.8.13-16.1.1.el6uek] - dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17617582] {CVE-2013-4299}
Applies to:
dtrace-modules
dtrace-modules-3.8.13-16.1.1.el6uek-provider-headers
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:28004
Title:
oval:org.mitre.oval:def:28004: ELSA-2011-2015 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update
Type:
Software
Bulletins:
MITRE:28004
Severity:
Low
Description:
[2.6.32-100.28.15.el6] - sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set {CVE-2011-1573} - dccp: fix oops on Reset after close {CVE-2011-1093} - bridge: netfilter: fix information leak {CVE-2011-1080} - Bluetooth: bnep: fix buffer overflow {CVE-2011-1079} - net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules {CVE-2011-1019} - ipip: add module alias for tunl0 tunnel device - gre: add module alias for gre0 tunnel device - drm/radeon/kms: check AA resolve registers on r300 {CVE-2011-1016} - drm/radeon: fix regression with AA resolve checking {CVE-2011-1016} - drm: fix unsigned vs signed comparison issue in modeset ctl ioctl {CVE-2011-1013} - proc: protect mm start_code/end_code in /proc/pid/stat {CVE-2011-0726} - ALSA: caiaq - Fix possible string-buffer overflow {CVE-2011-0712} - xfs: zero proper structure size for geometry calls {CVE-2011-0711} - xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 {CVE-2011-0711} - ima: fix add LSM rule bug {CVE-2011-0006} - IB/uverbs: Handle large number of entries in poll CQ {CVE-2010-4649, CVE-2011-1044} - CAN: Use inode instead of kernel address for /proc file {CVE-2010-4565} [2.6.32-100.28.14.el6] - IB/qib: fix qib compile warning. - IB/core: Allow device-specific per-port sysfs files. - dm crypt: add plain64 iv. - firmware: add firmware for qib. - Infiniband: Add QLogic PCIe QLE InfiniBand host channel adapters support.
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27378
Title:
oval:org.mitre.oval:def:27378: ELSA-2013-2575 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27378
Severity:
Low
Description:
kernel-uek [2.6.32-400.33.2] - dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17618900] {CVE-2013-4299} - ipv6: call udp_push_pending_frames when uncorking a socket with AF_INET pending data (Hannes Frederic Sowa) [Orabug: 17618897] {CVE-2013-4162}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27959
Title:
oval:org.mitre.oval:def:27959: ELSA-2011-2010 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update
Type:
Software
Bulletins:
MITRE:27959
Severity:
Low
Description:
[2.6.32-100.28.9.el6] - sync up the version [2.6.32-100.28.8.el6] - [block] check for proper length of iov entries earlier in blk_rq_map_user_iov (Xiaotian Feng) {CVE-2010-4668} - scm: lower SCM_MAX_FD (Eric Dumazet) {CVE-2010-4249} - perf_events: Fix perf_counter_mmap() hook in mprotect() (Pekka Enberg) {CVE-2010-4169} - tcp: Increase TCP_MAXSEG socket option minimum (David S. Miller) {CVE-2010-4165} - Enable module force load option [orabug 11782146] - Enable vmw balloon and pvscsi (Guru Anbalagane) [orabug 11697522] [2.6.32-100.28.7.el6] - build from git [2.6.32-100.28.6.el6] - Remove crashkernel option if it is present [bug 11714928]
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27337
Title:
oval:org.mitre.oval:def:27337: ELSA-2014-0702 -- mariadb security update
Type:
Software
Bulletins:
MITRE:27337
Severity:
Low
Description:
[1:5.5.37-1] - Rebase to 5.5.37 https://kb.askmonty.org/en/mariadb-5537-changelog/ Also fixes: CVE-2014-2440 CVE-2014-0384 CVE-2014-2432 CVE-2014-2431 CVE-2014-2430 CVE-2014-2436 CVE-2014-2438 CVE-2014-2419 Resolves: #1101062
Applies to:
mariadb
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:27071
Title:
oval:org.mitre.oval:def:27071: ELSA-2012-2041 -- Unbreakable Enterprise kernel Security update
Type:
Software
Bulletins:
MITRE:27071
Severity:
Low
Description:
[2.6.32-300.38.1] - [net/sfc] limit number of segments per skb on tx (Maxim Uvarov) [Orabug: 14769994] {CVE-2012-3412}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27550
Title:
oval:org.mitre.oval:def:27550: ELSA-2012-2020 -- Unbreakable Enterprise kernel security and bugfix update
Type:
Software
Bulletins:
MITRE:27550
Severity:
Low
Description:
kernel-uek: [2.6.32-300.27.1.el6uek] - net: sock: validate data_len before allocating skb (Jason Wang) [Bugdb: 13966]{CVE-2012-2136} - fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [Bugdb: 13966] {CVE-2012-2123} - Revert 'nfs: when attempting to open a directory, fall back on normal lookup (Todd Vierling) [Orabug 14141154] [2.6.32-300.26.1.el6uek] - mptsas: do not call __mptsas_probe in kthread (Maxim Uvarov) [Orabug: 14175509] - mm: check if any page in a pageblock is reserved before marking it MIGRATE_RESERVE (Maxim Uvarov) [Orabug: 14073214] - mm: reduce the amount of work done when updating min_free_kbytes (Mel Gorman) [Orabug: 14073214] - vmxnet3: Updated to el6-u2 (Guangyu Sun) [Orabug: 14027961] - xen: expose host uuid via sysfs. (Zhigang Wang) - sched: Fix cgroup movement of waking process (Daisuke Nishimura) [Orabug: 13946210] - sched: Fix cgroup movement of newly created process (Daisuke Nishimura) [Orabug: 13946210] - sched: Fix cgroup movement of forking process (Daisuke Nishimura) [Orabug: 13946210] - x86, boot: Wait for boot cpu to show up if nr_cpus limit is about to hit (Zhenzhong Duan) [Orabug: 13629087] - smp: Use nr_cpus= to set nr_cpu_ids early (Zhenzhong Duan) [Orabug: 13629087] - net: ipv4: relax AF_INET check in bind() (Maxim Uvarov) [Orabug: 14054411] ofa-2.6.32-300.27.1.el6uek: [1.5.1-4.0.58] - Add Patch 158-169
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27255
Title:
oval:org.mitre.oval:def:27255: ELSA-2013-1348 -- Oracle linux 5 kernel update
Type:
Software
Bulletins:
MITRE:27255
Severity:
Low
Description:
kernel [2.6.18-371] - [net] be2net: enable polling prior enabling interrupts globally (Ivan Vecera) [987539]
Applies to:
kernel
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27587
Title:
oval:org.mitre.oval:def:27587: ELSA-2010-2008 -- Unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27587
Severity:
Low
Description:
[2.6.32-100.20.1.el5] - [fs] xfs: return inode fork offset in bulkstat for fsr (Dave Chinner) - [fs] xfs: always use iget in bulkstat (Dave Chinner) {CVE-2010-2943} - [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) {CVE-2 010-2943} - [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) {CVE-2 010-2943} - [net] net sched: fix some kernel memory leaks (Eric Dumazet) {CVE-2010-2942} - [fs] ocfs2: Don't walk off the end of fast symlinks (Joel Becker)
Applies to:
kernel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27596
Title:
oval:org.mitre.oval:def:27596: ELSA-2012-2038 -- Unbreakable Enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27596
Severity:
Low
Description:
[2.6.32-300.37.1.] - sfc: Replace some literal constants with EFX_PAGE_SIZE/EFX_BUF_SIZE (Ben Hutchings) [Orabug: 14769994] - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size (Ben Hutchings) [Orabug: 14769994] {CVE-2012-3412}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27266
Title:
oval:org.mitre.oval:def:27266: ELSA-2014-3070 -- Unbreakable Enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27266
Severity:
Low
Description:
kernel-uek [3.8.13-44] - net: Use netlink_ns_capable to verify the permisions of netlink messages (Eric W. Biederman) [Orabug: 19404229] {CVE-2014-0181} - net: Add variants of capable for use on netlink messages (Eric W. Biederman) [Orabug: 19404229] - net: Add variants of capable for use on on sockets (Eric W. Biederman) [Orabug: 19404229] - netlink: Rename netlink_capable netlink_allowed (Eric W. Biederman) [Orabug: 19404229] - sctp: Fix sk_ack_backlog wrap-around problem (Xufeng Zhang) [Orabug: 19404238] {CVE-2014-4667} - Revert 'xen/fb: allow xenfb initialization for hvm guests' (Vaughan Cao) [Orabug: 19320529]
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26514
Title:
oval:org.mitre.oval:def:26514: ELSA-2014-3049 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26514
Severity:
Low
Description:
kernel-uek [3.8.13-35.3.2.el7uek] - l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229497] {CVE-2014-4943} {CVE-2014-4943} - ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230689] {CVE-2014-4699} - net: flow_dissector: fail on evil iph->ihl (Jason Wang) [Orabug: 19231234] {CVE-2013-4348}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27341
Title:
oval:org.mitre.oval:def:27341: ELSA-2014-3048 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27341
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.4uek] - l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229529] {CVE-2014-4943} {CVE-2014-4943} - ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230692] {CVE-2014-4699}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27331
Title:
oval:org.mitre.oval:def:27331: ELSA-2014-0675 -- java-1.7.0-openjdk security update
Type:
Software
Bulletins:
MITRE:27331
Severity:
Low
Description:
[1.7.0.55-2.4.7.2.0.1.el7_0] - Update DISTRO_NAME in specfile [1.7.0.55-2.4.7.2] - Remove NSS patches. Issues with PKCS11 provider mean it shouldn't be enabled. - Always setup nss.cfg and depend on nss-devel at build-time to do so. - This allows users who wish to use PKCS11+NSS to just add it to java.security. - Patches to PKCS11 provider will be included upstream in 2.4.8 (ETA July 2014) - Resolves: rhbz#1099565 [1.7.0.55-2.4.7.0.el7] - bumped to future icedtea-forest 2.4.7 - updatever set to 55, buildver se to 13, release reset to 0 - removed upstreamed patch402 gstackbounds.patch - removed Requires: rhino, BuildRequires is enough - ppc64 repalced by power64 macro - patch111 applied as dry-run (6.6 forward port) - nss enabled, but notused as default (6.6 forward port) - Resolves: rhbz#1099565
Applies to:
java-1.7.0-openjdk
Created:
2014-11-05
Updated:
2015-08-10

ID:
MITRE:27047
Title:
oval:org.mitre.oval:def:27047: ELSA-2013-2512 -- Unbreakable Enterprise kernel Security update
Type:
Software
Bulletins:
MITRE:27047
Severity:
Low
Description:
kernel-uek [2.6.32-300.39.5uek] - x86/msr: Add capabilities check (Alan Cox) [Orabug: 16481233] {CVE-2013-0268} ofa-2.6.32-300.39.5.el6uek mlnx_en-2.6.32-300.39.5.el6uek * Mon Dec 12 2011 Guru Anbalagane - version 1.5.7-0.1 * Tue Nov 01 2011 Joe Jin - 1.5.7 for UEK kernel. * Mon Sep 08 2008 Vladimir Sokolovsky - Added nfsrdma support * Wed Aug 13 2008 Vladimir Sokolovsky - Added mlx4_en support * Tue Aug 21 2007 Vladimir Sokolovsky - Added %build LANG=C export LANG unset DISPLAY macro * Sun Jan 28 2007 Vladimir Sokolovsky - Created spec file for kernel-ib
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27318
Title:
oval:org.mitre.oval:def:27318: ELSA-2014-3021 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27318
Severity:
Low
Description:
[3.8.13-26.2.4.el6uek] - aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721961] {CVE-2013-6383} - vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721976] {CVE-2014-0077}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27347
Title:
oval:org.mitre.oval:def:27347: ELSA-2014-3016 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27347
Severity:
Low
Description:
kernel-uek [2.6.32-400.34.4uek] - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18462076] {CVE-2014-2523} - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461091] {CVE-2014-0101}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27351
Title:
oval:org.mitre.oval:def:27351: ELSA-2014-0921 -- httpd security update
Type:
Web
Bulletins:
MITRE:27351
Severity:
Low
Description:
[2.4.6-18.0.1.el7_0] - replace index.html with Oracle's index page oracle_index.html [2.4.6-18] - mod_cgid: add security fix for CVE-2014-0231 (#1120607) - mod_proxy: add security fix for CVE-2014-0117 (#1120607) - mod_deflate: add security fix for CVE-2014-0118 (#1120607) - mod_status: add security fix for CVE-2014-0226 (#1120607) - mod_cache: add secutiry fix for CVE-2013-4352 (#1120607)
Applies to:
httpd
Created:
2014-11-05
Updated:
2015-08-10

ID:
MITRE:26595
Title:
oval:org.mitre.oval:def:26595: ELSA-2014-0926-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:26595
Severity:
Low
Description:
kernel [2.6.18-371.11.1.0.1] - ocfs2: dlm: fix recovery hung (Junxiao Bi) [orabug 13956772] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27232
Title:
oval:org.mitre.oval:def:27232: ELSA-2014-0108-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27232
Severity:
Low
Description:
kernel [2.6.18-371.4.1.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26804
Title:
oval:org.mitre.oval:def:26804: ELSA-2014-1004 -- yum-updatesd security update
Type:
Software
Bulletins:
MITRE:26804
Severity:
Low
Description:
[1:0.9-6] - updatesd: prevent installing unsigned packages. - Resolves: rhbz#1125185
Applies to:
yum-updatesd
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:27278
Title:
oval:org.mitre.oval:def:27278: ELSA-2014-3011 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27278
Severity:
Low
Description:
[3.8.13-26.1.1.el6uek] - inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions (Hannes Frederic Sowa) [18247287] {CVE-2013-7263} {CVE-2013-7265} - inet: prevent leakage of uninitialized memory to user in recv syscalls (Hannes Frederic Sowa) [18238377] {CVE-2013-7263} {CVE-2013-7265} - exec/ptrace: fix get_dumpable() incorrect tests (Kees Cook) [18238348] {CVE-2013-2929}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27338
Title:
oval:org.mitre.oval:def:27338: ELSA-2013-2583 -- Unbreakable Enterprise Kernel security update
Type:
Software
Bulletins:
MITRE:27338
Severity:
Low
Description:
[3.8.13-16.2.2.el6uek] - HID: pantherlord: validate output report details (Kees Cook) [Orabug: 17841973] {CVE-2013-2892} - HID: zeroplus: validate output report details (Kees Cook) [Orabug: 17841968] {CVE-2013-2889} - HID: provide a helper for validating hid reports (Kees Cook) [Orabug: 17841968] {CVE-2013-2889} - KVM: Fix iommu map/unmap to handle memory slot moves (Alex Williamson) [Orabug: 17841960] {CVE-2013-4592} - ansi_cprng: Fix off by one error in non-block size request (Jerry Snitselaar) [Orabug: 17837997] {CVE-2013-4345} - HID: validate HID report id size (Kees Cook) [Orabug: 17841940] {CVE-2013-2888} - ipv6: remove max_addresses check from ipv6_create_tempaddr (Hannes Frederic Sowa) [Orabug: 17841911] {CVE-2013-0343} - ipv6: udp packets following an UFO enqueued packet need also be handled by UFO (Hannes Frederic Sowa) [Orabug: 17841928] {CVE-2013-4387}
Applies to:
dtrace-modules
dtrace-modules-3.8.13-16.2.2.el6uek-provider-headers
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27200
Title:
oval:org.mitre.oval:def:27200: ELSA-2014-3046 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27200
Severity:
Low
Description:
kernel-uek [3.8.13-35.1.3.el6uek] - l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229497] {CVE-2014-4943} {CVE-2014-4943} - ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230689] {CVE-2014-4699} - net: flow_dissector: fail on evil iph->ihl (Jason Wang) [Orabug: 19231234] {CVE-2013-4348}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27491
Title:
oval:org.mitre.oval:def:27491: ELSA-2013-1292-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27491
Severity:
Low
Description:
This update fixes the following security issues: * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511, Moderate) * A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2013-4162, Moderate) * An information leak flaw in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user-space.
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27657
Title:
oval:org.mitre.oval:def:27657: ELSA-2013-2504 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27657
Severity:
Low
Description:
[2.6.32-300.39.4] - exec: do not leave bprm->interp on stack (Kees Cook) [Orabug: 16286741] {CVE-2012-4530} - exec: use -ELOOP for max recursion depth (Kees Cook) [Orabug: 16286741] {CVE-2012-4530} [2.6.32-300.39.3] - Xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests. (Frediano Ziglio) [Orabug: 16274192] {CVE-2013-0190}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27296
Title:
oval:org.mitre.oval:def:27296: ELSA-2014-0433-1 -- kernel security, bug fix, and enhancement update
Type:
Software
Bulletins:
MITRE:27296
Severity:
Low
Description:
kernel [2.6.18-371.8.1.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27648
Title:
oval:org.mitre.oval:def:27648: ELSA-2012-2035 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27648
Severity:
Low
Description:
[2.6.32-300.32.3] - dl2k: Clean up rio_ioctl (Stephan Mueller) [Orabug: 14675306] {CVE-2012-2313} - hugetlb: fix resv_map leak in error path (Christoph Lameter) [Orabug: 14676403] {CVE-2012-2390} - rds: set correct msg_namelen (Jay Fenlason) [Orabug: 14676504] {CVE-2012-3430}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27275
Title:
oval:org.mitre.oval:def:27275: ELSA-2014-0285-1 -- kernel security, bug fix, and enhancement update
Type:
Software
Bulletins:
MITRE:27275
Severity:
Low
Description:
kernel [2.6.18-371.6.1.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27242
Title:
oval:org.mitre.oval:def:27242: ELSA-2014-3010 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27242
Severity:
Low
Description:
[2.6.32-400.34.3] - inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions (Hannes Frederic Sowa) [18247290] {CVE-2013-7263} {CVE-2013-7265} [2.6.32-400.34.2] - exec/ptrace: fix get_dumpable() incorrect tests (Kees Cook) [18239033] {CVE-2013-2929} {CVE-2013-2929} - inet: prevent leakage of uninitialized memory to user in recv syscalls (Hannes Frederic Sowa) [18239036] {CVE-2013-7263} {CVE-2013-7265}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:28005
Title:
oval:org.mitre.oval:def:28005: ELSA-2011-2014 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update
Type:
Software
Bulletins:
MITRE:28005
Severity:
Low
Description:
[2.6.32-100.28.11.el6] - fs/partitions: Validate map_count in Mac partition tables {CVE-2011-1010} - nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (v3) {CVE-2011-1090} [2.6.32-100.28.10.el6] - Use cciss for some Smart Array controller for OL5 [orabug 11899706] - CVEs from RHSA-2011-0421 - install_special_mapping skips security_file_mmap check {CVE-2010-4346} - orinoco: fix TKIP countermeasure behaviour {CVE-2010-4648} - net: clear heap allocation for ethtool_get_regs() {CVE-2010-4655} - usb: iowarrior: don't trust report_size for buffer size {CVE-2010-4656} - [media] [v3,media] av7110: check for negative array offset {CVE-2011-0521} - RDMA/cma: Fix crash in request handlers {CVE-2011-0695} - IB/cm: Bump reference count on cm_id before invoking callback {CVE-2011-0695} - gro: reset skb_iif on reuse {CVE-2011-1478}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27233
Title:
oval:org.mitre.oval:def:27233: ELSA-2014-1052 -- openssl security update
Type:
Web
Bulletins:
MITRE:27233
Severity:
Low
Description:
[1.0.1e-34.4] - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation
Applies to:
openssl
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:27215
Title:
oval:org.mitre.oval:def:27215: ELSA-2014-3069 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27215
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.7uek] - sctp: Fix sk_ack_backlog wrap-around problem (Xufeng Zhang) [Orabug: 19404246] {CVE-2014-4667}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26883
Title:
oval:org.mitre.oval:def:26883: ELSA-2014-3014 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26883
Severity:
Low
Description:
kernel-uek [3.8.13-26.2.2.el6uek] - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18421673] {CVE-2014-2523} - cifs: ensure that uncached writes handle unmapped areas correctly (Jeff Layton) [Orabug: 18461067] {CVE-2014-0069} {CVE-2014-0069} - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461065] {CVE-2014-0101} - vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461050] {CVE-2014-0055}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27518
Title:
oval:org.mitre.oval:def:27518: ELSA-2011-2019 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update
Type:
Software
Bulletins:
MITRE:27518
Severity:
Low
Description:
[2.6.32-100.35.1.el6uek] - [net] dccp: handle invalid feature options length {CVE-2011-1770} - [net] can: add missing socket check in can/raw release {CVE-2011-1748} - [net] can: Add missing socket check in can/bcm release {CVE-2011-1598}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27622
Title:
oval:org.mitre.oval:def:27622: ELSA-2013-2520 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27622
Severity:
Low
Description:
[2.6.32-400.26.2] - mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) [Orabug: 16603569] {CVE-2012-5517} - ptrace: ptrace_resume() shouldn't wake up !TASK_TRACED thread (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871} - ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871} - ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up() (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871} - Bluetooth: Fix incorrect strncpy() in hidp_setup_hid() (Anderson Lizardo) [Orabug: 16711062] {CVE-2013-0349} - dccp: check ccid before dereferencing (Mathias Krause) [Orabug: 16711040] {CVE-2013-1827} - USB: io_ti: Fix NULL dereference in chase_port() (Wolfgang Frisch) [Orabug: 16425435] {CVE-2013-1774} - keys: fix race with concurrent install_user_keyrings() (David Howells) [Orabug: 16493369] {CVE-2013-1792} - KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798) (Andy Honig) [Orabug: 16710937] {CVE-2013-1798} - KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796) (Jerry Snitselaar) [Orabug: 16710794] {CVE-2013-1796} - net/tun: fix ioctl() based info leaks (Mathias Krause) [Orabug: 16675501] {CVE-2012-6547} - atm: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546} - atm: fix info leak in getsockopt(SO_ATMPVC) (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546} - xfrm_user: fix info leak in copy_to_user_tmpl() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537} - xfrm_user: fix info leak in copy_to_user_policy() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537} - xfrm_user: fix info leak in copy_to_user_state() (Mathias Krause) [Orabug: 16675501] {CVE-2013-6537} - xfrm_user: return error pointer instead of NULL #2 (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826} - xfrm_user: return error pointer instead of NULL (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27358
Title:
oval:org.mitre.oval:def:27358: ELSA-2013-2585 -- Unbreakable Enterprise Kernel security update
Type:
Software
Bulletins:
MITRE:27358
Severity:
Low
Description:
kernel-uek [2.6.32-400.33.3uek] - af_key: fix info leaks in notify messages (Mathias Krause) [Orabug: 17837974] {CVE-2013-2234} - drivers/cdrom/cdrom.c: use kzalloc() for failing hardware (Jonathan Salwan) [Orabug: 17837971] {CVE-2013-2164} - fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check (Kees Cook) [Orabug: 17837966] {CVE-2013-1928} - Bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST) (Mathias Krause) [Orabug: 17837959] {CVE-2012-6545} - Bluetooth: RFCOMM - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17838023] {CVE-2012-6545} - llc: Fix missing msg_namelen update in llc_ui_recvmsg() (Mathias Krause) [Orabug: 17837945] {CVE-2013-3231} - HID: pantherlord: validate output report details (Kees Cook) [Orabug: 17837942] {CVE-2013-2892} - HID: zeroplus: validate output report details (Kees Cook) [Orabug: 17837936] {CVE-2013-2889} - HID: provide a helper for validating hid reports (Kees Cook) [Orabug: 17837936] - NFSv4: Check for buffer length in __nfs4_get_acl_uncached (Sven Wegener) [Orabug: 17837931] {CVE-2013-4591} - ansi_cprng: Fix off by one error in non-block size request (Neil Horman) [Orabug: 17837999] {CVE-2013-4345} - HID: validate HID report id size (Kees Cook) [Orabug: 17837925] {CVE-2013-2888} - ipv6: remove max_addresses check from ipv6_create_tempaddr (Hannes Frederic Sowa) [Orabug: 17837923] {CVE-2013-0343}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26661
Title:
oval:org.mitre.oval:def:26661: ELSA-2013-1034-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:26661
Severity:
Low
Description:
kernel [2.6.18-348.12.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27281
Title:
oval:org.mitre.oval:def:27281: ELSA-2013-1348-1 -- Oracle Linux 5 kernel update
Type:
Software
Bulletins:
MITRE:27281
Severity:
Low
Description:
kernel [2.6.18-371.0.0.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26940
Title:
oval:org.mitre.oval:def:26940: ELSA-2014-0926 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:26940
Severity:
Low
Description:
kernel [2.6.18-371.11.1] - [fs] dcache: fix cleanup on warning in d_splice_alias (Denys Vlasenko) [1109720 1080606] - [net] neigh: Make neigh_add_timer symmetrical to neigh_del_timer (Marcelo Ricardo Leitner) [1111195 1109888] - [net] neigh: set NUD_INCOMPLETE when probing router reachability (Marcelo Ricardo Leitner) [1106354 1090806] - [net] ipv6: router reachability probing (Marcelo Ricardo Leitner) [1106354 1090806] - [net] ipv6: probe routes asynchronous in rt6_probe (Marcelo Ricardo Leitner) [1106354 1090806] - [net] ndisc: Update neigh->updated with write lock (Marcelo Ricardo Leitner) [1106354 1090806] - [net] ipv6: remove the unnecessary statement in find_match() (Marcelo Ricardo Leitner) [1106354 1090806] - [net] ipv6: fix route selection if CONFIG_IPV6_ROUTER_PREF unset (Marcelo Ricardo Leitner) [1106354 1090806] - [net] ipv6: Fix def route failover when CONFIG_IPV6_ROUTER_PREF=n (Marcelo Ricardo Leitner) [1106354 1090806] - [net] ipv6: Prefer reachable nexthop only if the caller requests (Marcelo Ricardo Leitner) [1106354 1090806] - [fs] ext4/jbd2: don't wait forever stale tid caused by wraparound (Eric Sandeen) [1097528 980268] - [fs] ext4: Initialize fsync transaction ids in ext4_new_inode() (Eric Sandeen) [1097528 980268] - [fs] jbd2: don't wake kjournald unnecessarily (Eric Sandeen) [1097528 980268] - [fs] jbd2: fix fsync() tid wraparound bug (Eric Sandeen) [1097528 980268] - [infiniband] rds: do not deref NULL dev in rds_iw_laddr_check() (Jacob Tanenbaum) [1093311 1093312] {CVE-2014-2678} - [fs] nfs4: Add recovery for individual stateids - partial backport. (Dave Wysochanski) [1113468 867570] - [fs] nfs4: Don't start state recovery in nfs4_close_done - clean backport. (Dave Wysochanski) [1113468 867570] - [xen] page-alloc: scrub anonymous domain heap pages upon freeing (Vitaly Kuznetsov) [1103648 1103649] {CVE-2014-4021}
Applies to:
kernel
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27535
Title:
oval:org.mitre.oval:def:27535: ELSA-2012-1174-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27535
Severity:
Low
Description:
kernel [2.6.18-308.13.1.0.1.el5] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.13.1.el5] - [net] e1000e: Cleanup logic in e1000_check_for_serdes_link_82571 (Dean Nelson) [841370 771366] - [net] e1000e: Correct link check logic for 82571 serdes (Dean Nelson) [841370 771366] - [mm] NULL pointer dereference in __vm_enough_memory (Jerome Marchand) [840077 836244] - [fs] dlm: fix slow rsb search in dir recovery (David Teigland) [838140 753244] - [fs] autofs: propogate LOOKUP_DIRECTORY flag only for last comp (Ian Kent) [830264 814418] - [fs] ext4: properly dirty split extent nodes (Eric Sandeen) [840946 839770] - [scsi] don't offline devices with a reservation conflict (David Jeffery) [839196 835660] - [fs] ext4: Fix overflow caused by missing cast in ext4_fallocate (Lukas Czerner) [837226 830351] - [net] dl2k: Clean up rio_ioctl (Weiping Pan) [818822 818823] {CVE-2012-2313} - [x86] sched: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [835450 834562] - [net] tg3: Fix TSO handling (John Feeney) [833182 795672] - [input] evdev: use after free from open/disconnect race (David Jeffery) [832448 822166] [2.6.18-308.12.1.el5] - [fs] nfs: Don't allow multiple mounts on same mntpnt with -o noac (Sachin Prabhu) [839806 839753]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27249
Title:
oval:org.mitre.oval:def:27249: ELSA-2012-2007 -- Unbreakable Enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27249
Severity:
Low
Description:
[2.6.32-300.21.1.el6uek] - regset: Return -EFAULT, not -EIO, on host-side memory fault (H. Peter Anvin) CVE-2012-1097 - regset: Prevent null pointer reference on readonly regsets (H. Peter Anvin) CVE-2012-1097 - cifs: fix dentry refcount leak when opening a FIFO on lookup (Jeff Layton) CVE-2012-1090 - block: Fix io_context leak after failure of clone with CLONE_IO (Louis Rilling) CVE-2012-0879
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27323
Title:
oval:org.mitre.oval:def:27323: ELSA-2014-0740-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27323
Severity:
Low
Description:
kernel [2.6.18-371.9.1.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27812
Title:
oval:org.mitre.oval:def:27812: ELSA-2012-1445-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27812
Severity:
Low
Description:
[2.6.18-308.20.1.0.1.el5] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26620
Title:
oval:org.mitre.oval:def:26620: ELSA-2014-3086 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26620
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.10uek] - USB: whiteheat: Added bounds checking for bulk command response (James Forshaw) [Orabug: 19849336] {CVE-2014-3185} - HID: fix a couple of off-by-ones (Jiri Kosina) [Orabug: 19849320] {CVE-2014-3181} logging macros to functions (Joe Perches) [Orabug: 19847630] {CVE-2014-3535} logging macros to functions (Joe Perches) [Orabug: 19847630] - vsprintf: Recursive vsnprintf: Add '%pV', struct va_format (Joe Perches) [Orabug: 19847630] - KVM: x86: Improve thread safety in pit (Andy Honig) [Orabug: 19905688] {CVE-2014-3611}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27877
Title:
oval:org.mitre.oval:def:27877: ELSA-2012-0150-1 -- Oracle Linux 5.8 kernel security and bug update
Type:
Software
Bulletins:
MITRE:27877
Severity:
Low
Description:
A flaw was found in the way the Linux kernel's Event Poll (epoll) subsystem handled large, nested epoll structures. A local, unprivileged user could use this flaw to cause a denial of service.
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27342
Title:
oval:org.mitre.oval:def:27342: ELSA-2014-0907 -- java-1.6.0-openjdk security and bug fix update
Type:
Software
Bulletins:
MITRE:27342
Severity:
Low
Description:
[1:1.6.0.1-6.1.13.4] - moved to icedteaver 1.13.4 - moved to openjdkver b32 and openjdkdate 15_jul_2014 - added upstreamed patch patch9 rh1115580-unsyncHashMap.patch - Resolves: rhbz#1115580 - Resolves: rhbz#1115867
Applies to:
java-1.6.0-openjdk
Created:
2014-11-05
Updated:
2015-08-10

ID:
MITRE:26531
Title:
oval:org.mitre.oval:def:26531: ELSA-2014-0790 -- dovecot security update
Type:
Mail
Bulletins:
MITRE:26531
Severity:
Low
Description:
[1:2.0.9-7.1] - fix CVE-2014-3430: denial of service through maxxing out SSL connections (#1108001)
Applies to:
dovecot
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:27093
Title:
oval:org.mitre.oval:def:27093: ELSA-2014-3039 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27093
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.2uek] - futex: Make lookup_pi_state more robust (Thomas Gleixner) [Orabug: 18918736] {CVE-2014-3153} - futex: Always cleanup owner tid in unlock_pi (Thomas Gleixner) [Orabug: 18918736] {CVE-2014-3153} - futex: Validate atomic acquisition in futex_lock_pi_atomic() (Thomas Gleixner) [Orabug: 18918736] {CVE-2014-3153} - futex: Forbid uaddr1 == uaddr2 in futex_requeue(..., requeue_pi=1) (Thomas Gleixner) [Orabug: 18918736] {CVE-2014-3153} {CVE-2014-3153}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27842
Title:
oval:org.mitre.oval:def:27842: ELSA-2012-2001 -- Unbreakable Enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27842
Severity:
Low
Description:
[2.6.32-300.7.1.el6uek] - Revert "proc: enable writing to /proc/pid/mem" [orabug 13619701] {CVE-2012-0056} - [PATCH] x86, tsc: Skip TSC synchronization checks for tsc=reliable (Suresh Siddha) [2.6.32-300.6.1.el6uek] - tracing: Fix null pointer deref with SEND_SIG_FORCED (Oleg Nesterov) [orabug 13611655] [2.6.32-300.5.1.el6uek] - sched, x86: Avoid unnecessary overflow in sched_clock (Salman Qazi) [orabug 13604567] - [x86]: Don't resume/restore cpu if not of the expected cpu (Joe Jin) [orabug 13492670] - drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow (Chris Wilson) [CVE-2010-296] - x2apic: Enable the bios request for x2apic optout (Suresh Siddha) [orabug 13565303] - fuse: split queues to scale I/O throughput (Srinivas Eeda) [orabug 10004611] - fuse: break fc spinlock (Srinivas Eeda) [orabug 10004611]
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27914
Title:
oval:org.mitre.oval:def:27914: ELSA-2012-2003 -- Unbreakable Enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27914
Severity:
Low
Description:
[2.6.32-300.11.1.el6uek] - [fs] xfs: Fix possible memory corruption in xfs_readlink (Carlos Maiolino) {CVE-2011-4077} - [scsi] increase qla2xxx firmware ready time-out (Joe Jin) - [scsi] qla2xxx: Module parameter to control use of async or sync port login (Joe Jin) - [net] tg3: Fix single-vector MSI-X code (Joe Jin) - [net] qlge: fix size of external list for TX address descriptors (Joe Jin) - [net] e1000e: Avoid wrong check on TX hang (Joe Jin) - crypto: ghash - Avoid null pointer dereference if no key is set (Nick Bowler) {CVE-2011-4081} - jbd/jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) {CVE-2011-4132} - KVM: Device assignment permission checks (Joe Jin) {CVE-2011-4347} - KVM: x86: Prevent starting PIT timers in the absence of irqchip support (Jan Kiszka) {CVE-2011-4622} - xfs: validate acl count (Joe Jin) {CVE-2012-0038} - KVM: x86: fix missing checks in syscall emulation (Joe Jin) {CVE-2012-0045} - KVM: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Joe Jin) {CVE-2012-0045} - igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Ben Hutchings) {CVE-2012-0207} - ipv4: correct IGMP behavior on v3 query during v2-compatibility mode (David Stevens) - fuse: fix fuse request unique id (Srinivas Eeda) [orabug 13816349]
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27793
Title:
oval:org.mitre.oval:def:27793: ELSA-2011-2016 -- Unbreakable Enterprise kernel security fix update
Type:
Software
Bulletins:
MITRE:27793
Severity:
Low
Description:
A [2.6.32-100.28.17.el6] - [net] Extend prot->slab size when add sock extend fields. [2.6.32-100.28.16.el6] - kernel: Fix unlimited socket backlog DoS {CVE-2010-4251} - RDS: Fix congestion issues for loopback - rds: prevent BUG_ON triggering on congestion map updates {CVE-2011-1023} - epoll: prevent creating circular epoll structures {CVE-2011-1082} - fs: fix corrupted OSF partition table parsing {CVE-2011-1163} - fs: Increase OSF partition limit from 8 to 18 {CVE-2011-1163} - netfilter: arp_tables: fix infoleak to userspace {CVE-2011-1170} - netfilter: ip_tables: fix infoleak to userspace {CVE-2011-1171} - ipv6: netfilter: ip6_tables: fix infoleak to userspace {CVE-2011-1172} - [SCSI] mpt2sas: prevent heap overflows and unchecked reads {CVE-2011-1494, CVE-2011-1495}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27425
Title:
oval:org.mitre.oval:def:27425: ELSA-2013-1166-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27425
Severity:
Low
Description:
kernel [2.6.18-348.16.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27141
Title:
oval:org.mitre.oval:def:27141: ELSA-2014-0889 -- java-1.7.0-openjdk security update
Type:
Software
Bulletins:
MITRE:27141
Severity:
Low
Description:
[1.7.0.65-2.5.1.2.0.1.el6_5] - Update DISTRO_NAME in specfile [1.7.0.65-2.5.1.2] - added and applied fix for samrtcard io patch405, pr1864_smartcardIO.patch - Resolves: rhbz#1115874 [1.7.0.65-2.5.1.1.el6] - updated to security patched icedtea7-forest 2.5.1 - Resolves: rhbz#1115874 [1.7.0.60-2.5.0.1.el6] - update to icedtea7-forest 2.5.0 - Resolves: rhbz#1115874
Applies to:
java-1.7.0-openjdk
Created:
2014-11-05
Updated:
2015-08-10

ID:
MITRE:27029
Title:
oval:org.mitre.oval:def:27029: ELSA-2014-0685 -- java-1.6.0-openjdk security update
Type:
Software
Bulletins:
MITRE:27029
Severity:
Low
Description:
[1:1.6.0.1-6.1.13.3] - updated to icedtea 1.13.3 - updated to openjdk-6-src-b31-15_apr_2014 - renmoved upstreamed patch7, 1.13_fixes.patch - renmoved upstreamed patch9, 1051245.patch - Resolves: rhbz#1099563
Applies to:
java-1.6.0-openjdk
Created:
2014-11-05
Updated:
2015-02-23

ID:
MITRE:27060
Title:
oval:org.mitre.oval:def:27060: ELSA-2014-0920 -- httpd security update
Type:
Web
Bulletins:
MITRE:27060
Severity:
Low
Description:
[2.2.15-31.0.1.el6_5] - replace index.html with Oracle's index page oracle_index.html - update vstring in specfile [2.2.15-31] - mod_cgid: add security fix for CVE-2014-0231 - mod_deflate: add security fix for CVE-2014-0118 - mod_status: add security fix for CVE-2014-0226
Applies to:
httpd
Created:
2014-11-05
Updated:
2015-08-10

ID:
MITRE:27629
Title:
oval:org.mitre.oval:def:27629: ELSA-2012-2048 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27629
Severity:
Low
Description:
[2.6.32-300.39.2] - ext4: fix undefined behavior in ext4_fill_flex_info() (Xi Wang) [orabug 16020245] {CVE-2012-2100} - Divide by zero in TCP congestion control Algorithm (Jesper Dangaard Brouer) [orabug 16020447] {CVE-2012-4565} - ipv6: discard overlapping fragment (Luis Henriques) [orabug 16021354] {CVE-2012-4444}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:26512
Title:
oval:org.mitre.oval:def:26512: ELSA-2013-2542 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26512
Severity:
Low
Description:
kernel-uek [2.6.32-400.29.3uek] - block: do not pass disk names as format strings (Jerry Snitselaar) [Orabug: 17230124] {CVE-2013-2851} - af_key: initialize satype in key_notify_policy_flush() (Nicolas Dichtel) [Orabug: 17370765] {CVE-2013-2237} - Bluetooth: L2CAP - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17371054] {CVE-2012-6544} - Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER) (Mathias Krause) [Orabug: 17371072] {CVE-2012-6544} - ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Eric Dumazet) [Orabug: 17371079] {CVE-2013-2232} - sctp: Use correct sideffect command in duplicate cookie handling (Vlad Yasevich) [Orabug: 17371121] {CVE-2013-2206} - sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [Orabug: 17372129] {CVE-2013-2206}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27352
Title:
oval:org.mitre.oval:def:27352: ELSA-2014-3041 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27352
Severity:
Low
Description:
kernel-uek [3.8.13-35.1.2.el6uek] - floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028443] {CVE-2014-1738} - floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028436] {CVE-2014-1737}
Applies to:
dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27316
Title:
oval:org.mitre.oval:def:27316: ELSA-2014-3037 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27316
Severity:
Low
Description:
kernel-uek [3.8.13-35.1.1.el6uek] - futex: Make lookup_pi_state more robust (Thomas Gleixner) [Orabug: 18918552] {CVE-2014-3153} - futex: Always cleanup owner tid in unlock_pi (Thomas Gleixner) [Orabug: 18918552] {CVE-2014-3153} - futex: Validate atomic acquisition in futex_lock_pi_atomic() (Thomas Gleixner) [Orabug: 18918552] {CVE-2014-3153} - futex: Forbid uaddr == uaddr2 in futex_requeue(..., requeue_pi=1) (Thomas Gleixner) [Orabug: 18918552] {CVE-2014-3153} {CVE-2014-3153}
Applies to:
dtrace-modules
dtrace-modules-headers
dtrace-modules-provider-headers
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27433
Title:
oval:org.mitre.oval:def:27433: ELSA-2013-2537 -- unbreakable enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27433
Severity:
Low
Description:
kernel-uek [2.6.32-400.29.2uek] - Bluetooth: RFCOMM - Fix missing msg_namelen update in rfcomm_sock_recvmsg() (Mathias Krause) [Orabug: 17173824] {CVE-2013-3225} - Bluetooth: fix possible info leak in bt_sock_recvmsg() (Mathias Krause) [Orabug: 17173824] {CVE-2013-3224} - atm: update msg_namelen in vcc_recvmsg() (Mathias Krause) [Orabug: 17173824] {CVE-2013-3222} - dcbnl: fix various netlink info leaks (Mathias Krause) [Orabug: 17173824] {CVE-2013-2634} - udf: avoid info leak on export (Mathias Krause) [Orabug: 17173824] {CVE-2012-6548} - b43: stop format string leaking into error msgs (Kees Cook) [Orabug: 17173824] {CVE-2013-2852} - signal: always clear sa_restorer on execve (Kees Cook) [Orabug: 17173824] {CVE-2013-0914}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:28038
Title:
oval:org.mitre.oval:def:28038: ELSA-2011-2024 -- Oracle Linux 6 Unbreakable Enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:28038
Severity:
Low
Description:
[2.6.32-200.16.1.el6uek] - Revert change to restore DEFAULTKERNEL
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27735
Title:
oval:org.mitre.oval:def:27735: ELSA-2012-2026 -- Unbreakable Enterprise kernel Security update
Type:
Software
Bulletins:
MITRE:27735
Severity:
Low
Description:
[2.6.32-300.29.2] - epoll: epoll_wait() should not use timespec_add_ns() (Eric Dumazet) - epoll: clear the tfile_check_list on -ELOOP (Joe Jin) {CVE-2012-3375} - Don't limit non-nested epoll paths (Jason Baron) - epoll: kabi fixups for epoll limit wakeup paths (Joe Jin) {CVE-2011-1083} - epoll: limit paths (Jason Baron) {CVE-2011-1083} - eventpoll: fix comment typo 'evenpoll' (Paul Bolle) - epoll: fix compiler warning and optimize the non-blocking path (Shawn Bohrer) - epoll: move ready event check into proper inline (Davide Libenzi) - epoll: make epoll_wait() use the hrtimer range feature (Shawn Bohrer) - select: rename estimate_accuracy() to select_estimate_accuracy() (Andrew Morton) - cred: copy_process() should clear child->replacement_session_keyring (Oleg Nesterov) {CVE-2012-2745}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27092
Title:
oval:org.mitre.oval:def:27092: ELSA-2014-3023 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27092
Severity:
Low
Description:
kernel-uek [2.6.32-400.34.5uek] - aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18723276] {CVE-2013-6383}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27227
Title:
oval:org.mitre.oval:def:27227: ELSA-2014-3083 -- Unbreakable Enterprise kernel Security update
Type:
Software
Bulletins:
MITRE:27227
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.9uek] - ALSA: control: Don't access controls outside of protected regions (Lars-Peter Clausen) [Orabug: 19817787] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - ALSA: control: Fix replacing user controls (Lars-Peter Clausen) [Orabug: 19817749] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - mm: try_to_unmap_cluster() should lock_page() before mlocking (Vlastimil Babka) [Orabug: 19817324] {CVE-2014-3122} - vm: convert fb_mmap to vm_iomap_memory() helper (Linus Torvalds) [Orabug: 19816564] {CVE-2013-2596} - vm: add vm_iomap_memory() helper function (Linus Torvalds) [Orabug: 19816564] {CVE-2013-2596} - net: sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [Orabug: 19816069] {CVE-2014-5077}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27381
Title:
oval:org.mitre.oval:def:27381: ELSA-2013-1449-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27381
Severity:
Low
Description:
kernel [2.6.18-371.1.2.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27688
Title:
oval:org.mitre.oval:def:27688: ELSA-2012-1323-1 -- kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27688
Severity:
Low
Description:
kernel [2.6.18-308.16.1.0.1.el5] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Applies to:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
ocfs2
oracleasm
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27955
Title:
oval:org.mitre.oval:def:27955: ELSA-2011-2038 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:27955
Severity:
Low
Description:
kernel-uek [2.6.32-300.4.1.el6uek] - [pci] intel-iommu: Default to non-coherent for domains unattached to iommus (Joe Jin) - [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Joe Jin) {CVE-2011-4127} - [net] gro: reset vlan_tci on reuse (Dan Carpenter) {CVE-2011-1576} - [net] rose: Add length checks to CALL_REQUEST parsing (Ben Hutchings) {CVE-2011-1493} - [net] rose_loopback_timer sets VC number <= ROSE_DEFAULT_MAXVC (Bernard Pidoux F6BVP) {CVE-2011-1493}
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:28092
Title:
oval:org.mitre.oval:def:28092: ELSA-2011-2033 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:28092
Severity:
Low
Description:
[2.6.32-200.23.1.el6uek] - net: Remove atmclip.h to prevent break kabi check. - KConfig: add CONFIG_UEK5=n to ol6/config-generic [2.6.32-200.22.1.el6uek] - ipv6: make fragment identifications less predictable (Joe Jin) {CVE-2011-2699} - vlan: fix panic when handling priority tagged frames (Joe Jin) {CVE-2011-3593} - ipv6: udp: fix the wrong headroom check (Maxim Uvarov) {CVE-2011-4326} - b43: allocate receive buffers big enough for max frame len + offset (Maxim Uvarov) {CVE-2011-3359} - fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (Maxim Uvarov) {CVE-2011-3353} - cifs: fix possible memory corruption in CIFSFindNext (Maxim Uvarov) {CVE-2011-3191} - crypto: md5 - Add export support (Maxim Uvarov) {CVE-2011-2699} - fs/partitions/efi.c: corrupted GUID partition tables can cause kernel oops (Maxim Uvarov) {CVE-2011-1577} - block: use struct parsed_partitions *state universally in partition check code (Maxim Uvarov) - net: Compute protocol sequence numbers and fragment IDs using MD5. (Maxim Uvarov) {CVE-2011-3188} - crypto: Move md5_transform to lib/md5.c (Maxim Uvarov) {CVE-2011-3188} - perf tools: do not look at ./config for configuration (Maxim Uvarov) {CVE-2011-2905} - Make TASKSTATS require root access (Maxim Uvarov) {CVE-2011-2494} - TPM: Zero buffer after copying to userspace (Maxim Uvarov) {CVE-2011-1162} - TPM: Call tpm_transmit with correct size (Maxim Uvarov){CVE-2011-1161} - fnic: fix panic while booting in fnic(Xiaowei Hu) - Revert 'PCI hotplug: acpiphp: set current_state to D0 in register_slot' (Guru Anbalagane) - xen: drop xen_sched_clock in favour of using plain wallclock time (Jeremy Fitzhardinge) [2.6.32-200.21.1.el6uek] - PCI: Set device power state to PCI_D0 for device without native PM support (Ajaykumar Hotchandani) [orabug 13033435]
Applies to:
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
MITRE:27702
Title:
oval:org.mitre.oval:def:27702: ELSA-2010-2011 -- Unbreakable enterprise kernel security and bug fix update
Type:
Software
Bulletins:
MITRE:27702
Severity:
Low
Description:
Following Security fixes are included in this unbreakable enterprise kernel errata: CVE-2010-3432 The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic. CVE-2010-2962 drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations. CVE-2010-2955 The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size. CVE-2010-3705 The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array. CVE-2010-3084 Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command. CVE-2010-3437 Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call. CVE-2010-3079 kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file. CVE-2010-3698 The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT). CVE-2010-3442 Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.
Applies to:
kernel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
ofa
Created:
2014-11-05
Updated:
2015-03-16

ID:
CVE-2014-3366
Title:
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka Bug ID CSCup88089.
Type:
Hardware
Bulletins:
CVE-2014-3366
SFBID70855
Severity:
Medium
Description:
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka Bug ID CSCup88089.
Applies to:
Unified Communications Manager
Created:
2014-10-31
Updated:
2017-07-05

ID:
CVE-2014-3372
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90589.
Type:
Hardware
Bulletins:
CVE-2014-3372
SFBID70846
Severity:
Medium
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90589.
Applies to:
Unified Communications Manager
Created:
2014-10-31
Updated:
2017-07-05

ID:
CVE-2014-3373
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug...
Type:
Hardware
Bulletins:
CVE-2014-3373
SFBID70848
Severity:
Medium
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCup92550.
Applies to:
Unified Communications Manager
Created:
2014-10-31
Updated:
2017-07-05

ID:
CVE-2014-3374
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90582.
Type:
Hardware
Bulletins:
CVE-2014-3374
SFBID70849
Severity:
Medium
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90582.
Applies to:
Unified Communications Manager
Created:
2014-10-31
Updated:
2017-07-05

ID:
CVE-2014-3375
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90597.
Type:
Hardware
Bulletins:
CVE-2014-3375
SFBID70850
Severity:
Medium
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90597.
Applies to:
Unified Communications Manager
Created:
2014-10-31
Updated:
2017-07-05

ID:
MITRE:27220
Title:
oval:org.mitre.oval:def:27220: RHSA-2013:1353 -- sudo security and bug fix update
Type:
Software
Bulletins:
MITRE:27220
Severity:
Low
Description:
The sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. (CVE-2013-1775) It was found that sudo did not properly validate the controlling terminal device when the tty_tickets option was enabled in the /etc/sudoers file. An attacker able to run code as a local user could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. (CVE-2013-1776, CVE-2013-2776) This update also fixes the following bugs: * Due to a bug in the cycle detection algorithm of the visudo utility, visudo incorrectly evaluated certain alias definitions in the /etc/sudoers file as cycles. Consequently, a warning message about undefined aliases appeared. This bug has been fixed, /etc/sudoers is now parsed correctly by visudo and the warning message no longer appears. (BZ#849679) * Previously, the 'sudo -l' command did not parse the /etc/sudoers file correctly if it contained an Active Directory (AD) group. The file was parsed only up to the first AD group information and then the parsing failed with the following message: sudo: unable to cache group ADDOM\admingroup, already exists With this update, the underlying code has been modified and 'sudo -l' now parses /etc/sudoers containing AD groups correctly. (BZ#855836) * Previously, the sudo utility did not escape the backslash characters contained in user names properly. Consequently, if a system used sudo integrated with LDAP or Active Directory (AD) as the primary authentication mechanism, users were not able to authenticate on that system. With this update, sudo has been modified to process LDAP and AD names correctly and the authentication process now works as expected. (BZ#869287) * Prior to this update, the 'visudo -s (strict)' command incorrectly parsed certain alias definitions. Consequently, an error message was issued. The bug has been fixed, and parsing errors no longer occur when using 'visudo -s'. (BZ#905624) All sudo users are advised to upgrade to this updated package, which contains backported patches to correct these issues.
Applies to:
sudo
Created:
2014-10-28
Updated:
2015-02-23

ID:
MITRE:27022
Title:
oval:org.mitre.oval:def:27022: RHSA-2014:1669 -- qemu-kvm security and bug fix update
Type:
Software
Bulletins:
MITRE:27022
Severity:
Low
Description:
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest. (CVE-2014-3615) This issue was discovered by Laszlo Ersek of Red Hat. This update also fixes the following bug: * This update fixes a regression in the scsi_block_new_request() function, which caused all read requests to through SG_IO if the host cache was not used. (BZ#1141189) All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Applies to:
qemu-kvm
Created:
2014-10-28
Updated:
2015-02-23

ID:
MITRE:27070
Title:
oval:org.mitre.oval:def:27070: RHSA-2013:0519 -- openssh security, bug fix and enhancement update
Type:
Services
Bulletins:
MITRE:27070
Severity:
Low
Description:
OpenSSH is OpenBSD's Secure Shell (SSH) protocol implementation. These packages include the core files necessary for the OpenSSH client and server. Due to the way the pam_ssh_agent_auth PAM module was built in Red Hat Enterprise Linux 6, the glibc's error() function was called rather than the intended error() function in pam_ssh_agent_auth to report errors. As these two functions expect different arguments, it was possible for an attacker to cause an application using pam_ssh_agent_auth to crash, disclose portions of its memory or, potentially, execute arbitrary code. (CVE-2012-5536) Note that the pam_ssh_agent_auth module is not used in Red Hat Enterprise Linux 6 by default. This update also fixes the following bugs: * All possible options for the new RequiredAuthentications directive were not documented in the sshd_config man page. This update improves the man page to document all the possible options. (BZ#821641) * When stopping one instance of the SSH daemon (sshd), the sshd init script (/etc/rc.d/init.d/sshd) stopped all sshd processes regardless of the PID of the processes. This update improves the init script so that it only kills processes with the relevant PID. As a result, the init script now works more reliably in a multi-instance environment. (BZ#826720) * Due to a regression, the ssh-copy-id command returned an exit status code of zero even if there was an error in copying the key to a remote host. With this update, a patch has been applied and ssh-copy-id now returns a non-zero exit code if there is an error in copying the SSH certificate to a remote host. (BZ#836650) * When SELinux was disabled on the system, no on-disk policy was installed, a user account was used for a connection, and no "~/.ssh" configuration was present in that user's home directory, the SSH client terminated unexpectedly with a segmentation fault when attempting to connect to another system. A patch has been provided to address this issue and the crashes no longer occur in the described scenario. (BZ#836655) * The "HOWTO" document /usr/share/doc/openssh-ldap-5.3p1/HOWTO.ldap-keys incorrectly documented the use of the AuthorizedKeysCommand directive. This update corrects the document. (BZ#857760) This update also adds the following enhancements: * When attempting to enable SSH for use with a Common Access Card (CAC), the ssh-agent utility read all the certificates in the card even though only the ID certificate was needed. Consequently, if a user entered their PIN incorrectly, then the CAC was locked, as a match for the PIN was attempted against all three certificates. With this update, ssh-add does not try the same PIN for every certificate if the PIN fails for the first one. As a result, the CAC will not be disabled if a user enters their PIN incorrectly. (BZ#782912) * This update adds a "netcat mode" to SSH. The "ssh -W host:port ..." command connects standard input and output (stdio) on a client to a single port on a server. As a result, SSH can be used to route connections via intermediate servers. (BZ#860809) * Due to a bug, arguments for the RequiredAuthentications2 directive were not stored in a Match block. Consequently, parsing of the config file was not in accordance with the man sshd_config documentation. This update fixes the bug and users can now use the required authentication feature to specify a list of authentication methods as expected according to the man page. (BZ#869903) All users of openssh are advised to upgrade to these updated packages, which fix these issues and add these enhancements. After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.
Applies to:
openssh
Created:
2014-10-28
Updated:
2015-02-23

ID:
CVE-2014-3409
Title:
The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.
Type:
Hardware
Bulletins:
CVE-2014-3409
SFBID70715
Severity:
Medium
Description:
The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.
Applies to:
Created:
2014-10-25
Updated:
2017-07-05

ID:
CVE-2014-4448
Title:
House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.
Type:
Mobile Devices
Bulletins:
CVE-2014-4448
SFBID70661
Severity:
Low
Description:
House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.
Applies to:
Created:
2014-10-22
Updated:
2017-07-05

ID:
CVE-2014-4449
Title:
iCloud Data Access in Apple iOS before 8.1 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Type:
Mobile Devices
Bulletins:
CVE-2014-4449
SFBID70659
Severity:
Medium
Description:
iCloud Data Access in Apple iOS before 8.1 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Applies to:
Created:
2014-10-22
Updated:
2017-07-05

ID:
CVE-2014-4450
Title:
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading...
Type:
Mobile Devices
Bulletins:
CVE-2014-4450
SFBID70660
Severity:
Low
Description:
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading credential values within unintended DOM input elements.
Applies to:
Created:
2014-10-22
Updated:
2017-07-05

ID:
MITRE:26915
Title:
oval:org.mitre.oval:def:26915: RHSA-2014:1657: java-1.7.0-oracle security update
Type:
Software
Bulletins:
MITRE:26915
Severity:
Low
Description:
Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6504, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6517, CVE-2014-6519, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558) The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 72 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
Applies to:
java-1.7.0-oracle
Created:
2014-10-17
Updated:
2015-08-03

ID:
MITRE:26927
Title:
oval:org.mitre.oval:def:26927: RHSA-2014:1507: trousers security, bug fix, and enhancement update
Type:
Software
Bulletins:
MITRE:26927
Severity:
Low
Description:
TrouSerS is an implementation of the Trusted Computing Group's Software Stack (TSS) specification. You can use TrouSerS to write applications that make use of your TPM hardware. TPM hardware can create, store and use RSA keys securely (without ever being exposed in memory), verify a platform's software state using cryptographic hashes and more. A flaw was found in the way tcsd, the daemon that manages Trusted Computing resources, processed incoming TCP packets. A remote attacker could send a specially crafted TCP packet that, when processed by tcsd, could cause the daemon to crash. Note that by default tcsd accepts requests on localhost only. (CVE-2012-0698) Red Hat would like to thank Andrew Lutomirski for reporting this issue. The trousers package has been upgraded to upstream version 0.3.13, which provides a number of bug fixes and enhancements over the previous version, including corrected internal symbol names to avoid collisions with other applications, fixed memory leaks, added IPv6 support, fixed buffer handling in tcsd, as well as changed the license to BSD. (BZ#633584, BZ#1074634) All trousers users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Applies to:
trousers
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:27085
Title:
oval:org.mitre.oval:def:27085: ELSA-2014-1552 -- openssh security, bug fix, and enhancement update
Type:
Services
Bulletins:
MITRE:27085
Severity:
Low
Description:
[5.3p1-104] - ignore SIGXFSZ in postauth monitor child (#1133906) [5.3p1-103] - don't try to generate DSA keys in the init script in FIPS mode (#1118735) [5.3p1-102] - ignore SIGPIPE in ssh-keyscan (#1108836) [5.3p1-101] - ssh-add: fix fatal exit when removing card (#1042519) [5.3p1-100] - fix race in backported ControlPersist patch (#953088) [5.3p1-99.2] - skip requesting smartcard PIN when removing keys from agent (#1042519) [5.3p1-98] - add possibility to autocreate only RSA key into initscript (#1111568) - fix several issues reported by coverity [5.3p1-97] - x11 forwarding - be less restrictive when can't bind to one of available addresses (#1027197) - better fork error detection in audit patch (#1028643) - fix openssh-5.3p1-x11.patch for non-linux platforms (#1100913) [5.3p1-96] - prevent a server from skipping SSHFP lookup (#1081338) CVE-2014-2653 - ignore environment variables with embedded '=' or '\0' characters CVE-2014-2532 - backport ControlPersist option (#953088) - log when a client requests an interactive session and only sftp is allowed (#997377) - don't try to load RSA1 host key in FIPS mode (#1009959) - restore Linux oom_adj setting when handling SIGHUP to maintain behaviour over restart (#1010429) - ssh-keygen -V - relative-specified certificate expiry time should be relative to current time (#1022459) [5.3p1-95] - adjust the key echange DH groups and ssh-keygen according to SP800-131A (#993580) - log failed integrity test if /etc/system-fips exists (#1020803) - backport ECDSA and ECDH support (#1028335)
Applies to:
openssh
Created:
2014-10-17
Updated:
2015-02-23

ID:
MITRE:26805
Title:
oval:org.mitre.oval:def:26805: RHSA-2014:1552: openssh security, bug fix, and enhancement update
Type:
Services
Bulletins:
MITRE:26805
Severity:
Low
Description:
OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record. (CVE-2014-2653) It was found that OpenSSH did not properly handle certain AcceptEnv parameter values with wildcard characters. A remote attacker could use this flaw to bypass intended environment variable restrictions. (CVE-2014-2532) This update also fixes the following bugs: * Based on the SP800-131A information security standard, the generation of a digital signature using the Digital Signature Algorithm (DSA) with the key size of 1024 bits and RSA with the key size of less than 2048 bits is disallowed after the year 2013. After this update, ssh-keygen no longer generates keys with less than 2048 bits in FIPS mode. However, the sshd service accepts keys of size 1024 bits as well as larger keys for compatibility reasons. (BZ#993580) * Previously, the openssh utility incorrectly set the oom_adj value to -17 for all of its children processes. This behavior was incorrect because the children processes were supposed to have this value set to 0. This update applies a patch to fix this bug and oom_adj is now properly set to 0 for all children processes as expected. (BZ#1010429) * Previously, if the sshd service failed to verify the checksum of an installed FIPS module using the fipscheck library, the information about this failure was only provided at the standard error output of sshd. As a consequence, the user could not notice this message and be uninformed when a system had not been properly configured for FIPS mode. To fix this bug, this behavior has been changed and sshd now sends such messages via the syslog service. (BZ#1020803) * When keys provided by the pkcs11 library were removed from the ssh agent using the "ssh-add -e" command, the user was prompted to enter a PIN. With this update, a patch has been applied to allow the user to remove the keys provided by pkcs11 without the PIN. (BZ#1042519) In addition, this update adds the following enhancements: * With this update, ControlPersist has been added to OpenSSH. The option in conjunction with the ControlMaster configuration directive specifies that the master connection remains open in the background after the initial client connection has been closed. (BZ#953088) * When the sshd daemon is configured to force the internal SFTP session, and the user attempts to use a connection other than SFTP, the appropriate message is logged to the /var/log/secure file. (BZ#997377) * Support for Elliptic Curve Cryptography modes for key exchange (ECDH) and host user keys (ECDSA) as specified by RFC5656 has been added to the openssh packages. However, they are not enabled by default and the user has to enable them manually. For more information on how to configure ECDSA and ECDH with OpenSSH, see: https://access.redhat.com/solutions/711953 (BZ#1028335) All openssh users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
Applies to:
openssh
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:26605
Title:
oval:org.mitre.oval:def:26605: RHSA-2014:1391: glibc security, bug fix, and enhancement update
Type:
Miscellaneous
Bulletins:
MITRE:26605
Severity:
Low
Description:
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. An out-of-bounds write flaw was found in the way the glibc's readdir_r() function handled file system entries longer than the NAME_MAX character constant. A remote attacker could provide a specially crafted NTFS or CIFS file system that, when processed by an application using readdir_r(), would cause that application to crash or, potentially, allow the attacker to execute arbitrary code with the privileges of the user running the application. (CVE-2013-4237) It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. (CVE-2013-4458) These updated glibc packages also include several bug fixes and two enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes. All glibc users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
Applies to:
glibc
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:27086
Title:
oval:org.mitre.oval:def:27086: RHSA-2014:1392: kernel security, bug fix, and enhancement update
Type:
Software
Bulletins:
MITRE:27086
Severity:
Low
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. (CVE-2014-5077, Important) * An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system. (CVE-2013-2596, Important) * A flaw was found in the way the ipc_rcu_putref() function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory (OOM) condition and, potentially, crash the system. (CVE-2013-4483, Moderate) * It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate) * It was found that the try_to_unmap_cluster() function in the Linux kernel's Memory Managment subsystem did not properly handle page locking in certain cases, which could potentially trigger the BUG_ON() macro in the mlock_vma_page() function. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-3122, Moderate) * A flaw was found in the way the Linux kernel's kvm_iommu_map_pages() function handled IOMMU mapping failures. A privileged user in a guest with an assigned host device could use this flaw to crash the host. (CVE-2014-3601, Moderate) * Multiple use-after-free flaws were found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use either of these flaws to crash the system. (CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, Moderate) * A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in a system crash or privilege escalation. (CVE-2014-5045, Moderate) * An integer overflow flaw was found in the way the lzo1x_decompress_safe() function of the Linux kernel's LZO implementation processed Literal Runs. A local attacker could, in extremely rare cases, use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4608, Low) Red Hat would like to thank Vladimir Davydov of Parallels for reporting CVE-2013-4483, Jack Morgenstein of Mellanox for reporting CVE-2014-3601, Vasily Averin of Parallels for reporting CVE-2014-5045, and Don A. Bailey from Lab Mouse Security for reporting CVE-2014-4608. The security impact of the CVE-2014-3601 issue was discovered by Michael Tsirkin of Red Hat. This update also fixes several hundred bugs and adds numerous enhancements. Refer to the Red Hat Enterprise Linux 6.6 Release Notes for information on the most significant of these changes, and the Technical Notes for further information, both linked to in the References. All Red Hat Enterprise Linux 6 users are advised to install these updated packages, which correct these issues, and fix the bugs and add the enhancements noted in the Red Hat Enterprise Linux 6.6 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.
Applies to:
kernel
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:26917
Title:
oval:org.mitre.oval:def:26917: RHSA-2014:1389: krb5 security and bug fix update
Type:
Services
Bulletins:
MITRE:26917
Severity:
Low
Description:
Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. (CVE-2013-1418, CVE-2013-6800) A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344) A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. (CVE-2014-4341, CVE-2014-4342) A double-free flaw was found in the MIT Kerberos SPNEGO initiators. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343) These updated krb5 packages also include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes. All krb5 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Applies to:
krb5
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:26796
Title:
oval:org.mitre.oval:def:26796: ELSA-2014-1633 -- java-1.7.0-openjdk security and bug fix update
Type:
Software
Bulletins:
MITRE:26796
Severity:
Low
Description:
[1:1.7.0.71-2.5.3.1.0.1.el5_11] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1:1.7.0.71-2.5.3.1] - Bump to 2.5.3 with security updates. - Remove obsolete patches which are now included upstream. - Disable LCMS via environment variables rather than maintaining a patch. - Resolves: rhbz#1148890
Applies to:
java-1.7.0-openjdk
Created:
2014-10-17
Updated:
2015-08-10

ID:
MITRE:26390
Title:
oval:org.mitre.oval:def:26390: RHSA-2014:1390: luci security, bug fix, and enhancement update
Type:
Software
Bulletins:
MITRE:26390
Severity:
Low
Description:
Luci is a web-based high availability administration application. It was discovered that luci used eval() on inputs containing strings from the cluster configuration file when generating its web pages. An attacker with privileges to create or edit the cluster configuration could use this flaw to execute arbitrary code as the luci user on a host running luci. (CVE-2014-3593) This issue was discovered by Jan PokornГЅ of Red Hat. These updated luci packages also include several bug fixes and multiple enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes. All luci users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
Applies to:
luci
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:27084
Title:
oval:org.mitre.oval:def:27084: ELSA-2014-1652 -- openssl security update
Type:
Web
Bulletins:
MITRE:27084
Severity:
Low
Description:
[1.0.1e-30.2] - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) [1.0.1e-30] - add ECC TLS extensions to DTLS (#1119800) [1.0.1e-29] - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation [1.0.1e-28] - fix CVE-2014-0224 fix that broke EAP-FAST session resumption support [1.0.1e-26] - drop EXPORT, RC2, and DES from the default cipher list (#1057520) - print ephemeral key size negotiated in TLS handshake (#1057715) - do not include ECC ciphersuites in SSLv2 client hello (#1090952) - properly detect encryption failure in BIO (#1100819) - fail on hmac integrity check if the .hmac file is empty (#1105567) - FIPS mode: make the limitations on DSA, DH, and RSA keygen length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment variable is set [1.0.1e-25] - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH [1.0.1e-24] - add back support for secp521r1 EC curve [1.0.1e-23] - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension [1.0.1e-22] - use 2048 bit RSA key in FIPS selftests [1.0.1e-21] - add DH_compute_key_padded needed for FIPS CAVS testing - make 3des strength to be 128 bits instead of 168 (#1056616) - FIPS mode: do not generate DSA keys and DH parameters < 2048 bits - FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys) - FIPS mode: add DH selftest - FIPS mode: reseed DRBG properly on RAND_add() - FIPS mode: add RSA encrypt/decrypt selftest - FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key - use the key length from configuration file if req -newkey rsa is invoked [1.0.1e-20] - fix CVE-2013-4353 - Invalid TLS handshake crash [1.0.1e-19] - fix CVE-2013-6450 - possible MiTM attack on DTLS1 [1.0.1e-18] - fix CVE-2013-6449 - crash when version in SSL structure is incorrect [1.0.1e-17] - add back some no-op symbols that were inadvertently dropped
Applies to:
openssl
openssl-devel
openssl-libs
openssl-perl
openssl-static
Created:
2014-10-17
Updated:
2015-02-23

ID:
MITRE:26179
Title:
oval:org.mitre.oval:def:26179: ELSA-2014-1634 -- java-1.6.0-openjdk security and bug fix update
Type:
Software
Bulletins:
MITRE:26179
Severity:
Low
Description:
[1:1.6.0.33-1.13.5.0] - Update to IcedTea 1.13.5 - Remove upstreamed patches. - Regenerate add-final-location-rpaths patch against new release. - Change versioning to match java-1.7.0-openjdk so revisions work. - Use xz for tarballs to reduce file size. - No need to explicitly disable system LCMS any more (bug fixed upstream). - Add icedteasnapshot to setup lines so they work with pre-release tarballs. - Resolves: rhbz#1148901
Applies to:
java-1.6.0-openjdk
Created:
2014-10-17
Updated:
2015-08-10

ID:
MITRE:26947
Title:
oval:org.mitre.oval:def:26947: RHSA-2014:1636: java-1.8.0-openjdk security update
Type:
Software
Bulletins:
MITRE:26947
Severity:
Low
Description:
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. It was discovered that the Libraries component in OpenJDK failed to properly handle ZIP archives that contain entries with a NUL byte used in the file names. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2014-6562) Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed expansion of external parameter entities even when external entity substitution was disabled. A remote attacker could use this flaw to perform XML eXternal Entity (XXE) attack against applications using the StAX parser to parse untrusted XML documents. (CVE-2014-6517) It was discovered that the Hotspot component in OpenJDK failed to properly handle malformed Shared Archive files. A local attacker able to modify a Shared Archive file used by a virtual machine of a different user could possibly use this flaw to escalate their privileges. (CVE-2014-6468) It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source. (CVE-2014-6512) It was discovered that the TLS/SSL implementation in the JSSE component in OpenJDK failed to properly verify the server identity during the renegotiation following session resumption, making it possible for malicious TLS/SSL servers to perform a Triple Handshake attack against clients using JSSE and client certificate authentication. (CVE-2014-6457) It was discovered that the CipherInputStream class implementation in OpenJDK did not properly handle certain exceptions. This could possibly allow an attacker to affect the integrity of an encrypted stream handled by this class. (CVE-2014-6558) The CVE-2014-6512 was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.8.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
Applies to:
java-1.8.0-openjdk
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:27149
Title:
oval:org.mitre.oval:def:27149: RHSA-2014:1655: libxml2 security update
Type:
Miscellaneous
Bulletins:
MITRE:27149
Severity:
Low
Description:
The libxml2 library is a development toolbox providing the implementation of various XML standards. A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660) All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
Applies to:
libxml2
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:26570
Title:
oval:org.mitre.oval:def:26570: ELSA-2014-1388 -- cups security and bug fix update
Type:
Services
Bulletins:
MITRE:26570
Severity:
Low
Description:
[1:1.4.2-67] - Revert change to whitelist /rss/ resources, as this was not used upstream. [1:1.4.2-66] - More STR #4461 fixes from upstream: make rss feeds world-readable, but cachedir private. - Fix icon display in web interface during server restart (STR #4475). [1:1.4.2-65] - Fixes for upstream patch for STR #4461: allow /rss/ requests for files we created. [1:1.4.2-64] - Use upstream patch for STR #4461. [1:1.4.2-63] - Applied upstream patch to fix CVE-2014-5029 (bug #1122600), CVE-2014-5030 (bug #1128764), CVE-2014-5031 (bug #1128767). - Fix conf/log file reading for authenticated users (STR #4461). [1:1.4.2-62] - Fix CGI handling (STR #4454, bug #1120419). [1:1.4.2-61] - fix patch for CVE-2014-3537 (bug #1117794) [1:1.4.2-60] - CVE-2014-2856: cross-site scripting flaw (bug #1117798) - CVE-2014-3537: insufficient checking leads to privilege escalation (bug #1117794) [1:1.4.2-59] - Removed package description changes. [1:1.4.2-58] - Applied patch to fix 'Bad request' errors as a result of adding in httpSetTimeout (STR #4440, also part of svn revision 9967). [1:1.4.2-57] - Fixed timeout issue with cupsd reading when there is no data ready (bug #1110045). [1:1.4.2-56] - Fixed synconclose patch to avoid 'too many arguments for format' warning. - Fixed settimeout patch to include math.h for fmod declaration. [1:1.4.2-55] - Fixed typo preventing web interface from changing driver (bug #1104483, STR #3601). - Fixed SyncOnClose patch (bug #984883). [1:1.4.2-54] - Use upstream patch to avoid replaying GSS credentials (bug #1040293). [1:1.4.2-53] - Prevent BrowsePoll problems across suspend/resume (bug #769292): - Eliminate indefinite wait for response (svn revision 9688). - Backported httpSetTimeout API function from CUPS 1.5 and use it in the ipp backend so that we wait indefinitely until the printer responds, we get a hard error, or the job is cancelled. - cups-polld: reconnect on error. - Added new SyncOnClose directive to use fsync() after altering configuration files: defaults to 'Yes'. Adjust in cupsd.conf (bug #984883). - Fix cupsctl man page typo (bug #1011076). - Use more portable rpm specfile syntax for conditional php building (bug #988598). - Fix SetEnv directive in cupsd.conf (bug #986495). - Fix 'collection' attribute sending (bug #978387). - Prevent format_log segfault (bug #971079). - Prevent stringpool corruption (bug #884851). - Don't crash when job queued for printer that times out (bug #855431). - Upstream patch for broken multipart handling (bug #852846). - Install /etc/cron.daily/cups with correct permissions (bug #1012482).
Applies to:
cups
cups-devel
cups-libs
cups-lpd
cups-php
Created:
2014-10-17
Updated:
2015-02-23

ID:
MITRE:26716
Title:
oval:org.mitre.oval:def:26716: ELSA-2014-1620 -- java-1.7.0-openjdk security and bug fix update
Type:
Software
Bulletins:
MITRE:26716
Severity:
Low
Description:
[1:1.7.0.65-2.5.3.1.0.1.el7_0] - Update DISTRO_NAME in specfile [1:1.7.0.65-2.5.3.1] - Bump to 2.5.3 for latest security fixes. - Remove obsolete patches. - Add hsbootstrap option to pre-build HotSpot when required. - Resolves: rhbz#1148893
Applies to:
java-1.7.0-openjdk
Created:
2014-10-17
Updated:
2015-08-10

ID:
MITRE:27101
Title:
oval:org.mitre.oval:def:27101: RHSA-2014:1606: file security and bug fix update
Type:
Software
Bulletins:
MITRE:27101
Severity:
Low
Description:
The "file" command is used to identify a particular file according to the type of data contained in the file. The command can identify various file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2012-1571) Two denial of service flaws were found in the way file handled indirect and search rules. A remote attacker could use either of these flaws to cause file, or an application using file, to crash or consume an excessive amount of CPU. (CVE-2014-1943, CVE-2014-2270) This update also fixes the following bugs: * Previously, the output of the "file" command contained redundant white spaces. With this update, the new STRING_TRIM flag has been introduced to remove the unnecessary white spaces. (BZ#664513) * Due to a bug, the "file" command could incorrectly identify an XML document as a LaTex document. The underlying source code has been modified to fix this bug and the command now works as expected. (BZ#849621) * Previously, the "file" command could not recognize .JPG files and incorrectly labeled them as "Minix filesystem". This bug has been fixed and the command now properly detects .JPG files. (BZ#873997) * Under certain circumstances, the "file" command incorrectly detected NETpbm files as "x86 boot sector". This update applies a patch to fix this bug and the command now detects NETpbm files as expected. (BZ#884396) * Previously, the "file" command incorrectly identified ASCII text files as a .PIC image file. With this update, a patch has been provided to address this bug and the command now correctly recognizes ASCII text files. (BZ#980941) * On 32-bit PowerPC systems, the "from" field was missing from the output of the "file" command. The underlying source code has been modified to fix this bug and "file" output now contains the "from" field as expected. (BZ#1037279) * The "file" command incorrectly detected text files as "RRDTool DB version ool - Round Robin Database Tool". This update applies a patch to fix this bug and the command now correctly detects text files. (BZ#1064463) * Previously, the "file" command supported only version 1 and 2 of the QCOW format. As a consequence, file was unable to detect a "qcow2 compat=1.1" file created on Red Hat Enterprise Linux 7. With this update, support for QCOW version 3 has been added so that the command now detects such files as expected. (BZ#1067771) All file users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Applies to:
file
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:26767
Title:
oval:org.mitre.oval:def:26767: RHSA-2014:1654: rsyslog7 security update
Type:
Software
Bulletins:
MITRE:26767
Severity:
Low
Description:
The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially, execute arbitrary code as the user running the rsyslog daemon. (CVE-2014-3634) Red Hat would like to thank Rainer Gerhards of rsyslog upstream for reporting this issue. All rsyslog7 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the rsyslog service will be restarted automatically.
Applies to:
rsyslog7
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:27056
Title:
oval:org.mitre.oval:def:27056: RHSA-2014:1388: cups security and bug fix update
Type:
Services
Bulletins:
MITRE:27056
Severity:
Low
Description:
CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. A cross-site scripting (XSS) flaw was found in the CUPS web interface. An attacker could use this flaw to perform a cross-site scripting attack against users of the CUPS web interface. (CVE-2014-2856) It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system. (CVE-2014-3537, CVE-2014-5029, CVE-2014-5030, CVE-2014-5031) The CVE-2014-3537 issue was discovered by Francisco Alonso of Red Hat Product Security. These updated cups packages also include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes. All cups users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the cupsd daemon will be restarted automatically.
Applies to:
cups
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:27068
Title:
oval:org.mitre.oval:def:27068: RHSA-2014:1658: java-1.6.0-sun security update
Type:
Software
Bulletins:
MITRE:27068
Severity:
Low
Description:
Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2014-4288, CVE-2014-6457, CVE-2014-6458, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6504, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6517, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558) The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 85 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
Applies to:
java-1.6.0-sun
Created:
2014-10-17
Updated:
2015-08-03

ID:
MITRE:26759
Title:
oval:org.mitre.oval:def:26759: RHSA-2014:1436: X11 client libraries security, bug fix, and enhancement update
Type:
Software
Bulletins:
MITRE:26759
Severity:
Low
Description:
The X11 (Xorg) libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an X11 server via a malicious X11 client could use either of these flaws to potentially escalate their privileges on the system. (CVE-2013-1981, CVE-2013-1982, CVE-2013-1983, CVE-2013-1984, CVE-2013-1985, CVE-2013-1986, CVE-2013-1987, CVE-2013-1988, CVE-2013-1989, CVE-2013-1990, CVE-2013-1991, CVE-2013-2003, CVE-2013-2062, CVE-2013-2064) Multiple array index errors, leading to heap-based buffer out-of-bounds write flaws, were found in the way various X11 client libraries handled data returned from an X11 server. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1997, CVE-2013-1998, CVE-2013-1999, CVE-2013-2000, CVE-2013-2001, CVE-2013-2002, CVE-2013-2066) A buffer overflow flaw was found in the way the XListInputDevices() function of X.Org X11's libXi runtime library handled signed numbers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1995) A flaw was found in the way the X.Org X11 libXt runtime library used uninitialized pointers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-2005) Two stack-based buffer overflow flaws were found in the way libX11, the Core X11 protocol client library, processed certain user-specified files. A malicious X11 server could possibly use this flaw to crash an X11 client via a specially crafted file. (CVE-2013-2004) The xkeyboard-config package has been upgraded to upstream version 2.11, which provides a number of bug fixes and enhancements over the previous version. (BZ#1077471) This update also fixes the following bugs: * Previously, updating the mesa-libGL package did not update the libX11 package, although it was listed as a dependency of mesa-libGL. This bug has been fixed and updating mesa-libGL now updates all dependent packages as expected. (BZ#1054614) * Previously, closing a customer application could occasionally cause the X Server to terminate unexpectedly. After this update, the X Server no longer hangs when a user closes a customer application. (BZ#971626) All X11 client libraries users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Applies to:
libX11
libXcursor
libXext
libXfixes
libXi
libXinerama
libXp
libXrandr
libXrender
libXres
libXt
libXtst
libXv
libXvMC
libXxf86dga
libXxf86vm
libdmx
libxcb
xcb-proto
xkeyboard-config
xorg-x11-proto-devel
xorg-x11-xtrans-devel
Created:
2014-10-17
Updated:
2015-04-13

ID:
MITRE:26757
Title:
oval:org.mitre.oval:def:26757: .NET Framework remote code execution vulnerability
Type:
Software
Bulletins:
MITRE:26757
CVE-2014-4121
Severity:
Low
Description:
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted request to a .NET web application, aka ".NET Framework Remote Code Execution Vulnerability."
Applies to:
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Created:
2014-10-17
Updated:
2015-12-22

ID:
MITRE:26910
Title:
oval:org.mitre.oval:def:26910: .NET ClickOnce elevation of privilege vulnerability
Type:
Software
Bulletins:
MITRE:26910
CVE-2014-4073
Severity:
Low
Description:
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."
Applies to:
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Created:
2014-10-17
Updated:
2015-12-22

ID:
CVE-2014-3566
Title:
POODLE: SSLv3 vulnerability
Type:
Web
Bulletins:
CVE-2014-3566
Severity:
High
Description:
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Applies to:
Created:
2014-10-16
Updated:
2014-10-16

ID:
CVE-2014-3818
Title:
Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12.1X46 before D30, 12.1X47 before D11 and 12.147-D15, 12.1X48 before D41 and D62, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S2, 13.1X49...
Type:
Hardware
Bulletins:
CVE-2014-3818
Severity:
High
Description:
Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12.1X46 before D30, 12.1X47 before D11 and 12.147-D15, 12.1X48 before D41 and D62, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S2, 13.1X49 before D49, 13.1X50 before 30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D25, 13.2X52 before D15, 13.3 before R2, and 14.1 before R1, when supporting 4-byte AS numbers and a BGP peer does not, allows remote attackers to cause a denial of service (memory corruption and RDP routing process crash and restart) via crafted transitive attributes in a BGP UPDATE.
Applies to:
Created:
2014-10-14
Updated:
2017-07-05

ID:
CVE-2014-3825
Title:
The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote...
Type:
Hardware
Bulletins:
CVE-2014-3825
Severity:
Medium
Description:
The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet.
Applies to:
Juniper SRX100
Juniper SRX110
Juniper SRX1400
Juniper SRX210
Juniper SRX220
Juniper SRX240
Juniper SRX3400
Juniper SRX3600
Juniper SRX550
Juniper SRX5600
Juniper SRX5800
Juniper SRX650
Created:
2014-10-14
Updated:
2017-07-05

ID:
CVE-2014-6378
Title:
Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5,...
Type:
Hardware
Bulletins:
CVE-2014-6378
SFBID70363
Severity:
High
Description:
Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R5, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R3, and 14.1 before R1 allows remote attackers to cause a denial of service (router protocol daemon crash) via a crafted RSVP PATH message.
Applies to:
Created:
2014-10-14
Updated:
2017-07-05

ID:
CVE-2014-6379
Title:
Juniper Junos 11.4 before R12, 12.1 before R10, 12.1X44 before D35, 12.1X45 before D25, 12.1X46 before D20, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S3, 13.1X49 before D55, 13.1X50 before D30, 13.2...
Type:
Hardware
Bulletins:
CVE-2014-6379
SFBID70365
Severity:
High
Description:
Juniper Junos 11.4 before R12, 12.1 before R10, 12.1X44 before D35, 12.1X45 before D25, 12.1X46 before D20, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R2, and 14.1 before R1, when a RADIUS accounting server is configured as [system accounting destination radius], creates an entry in /var/etc/pam_radius.conf, which might allow remote attackers to bypass authentication via unspecified vectors.
Applies to:
Created:
2014-10-14
Updated:
2017-07-05

ID:
CVE-2014-6380
Title:
Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4, 13.1X49 before D55, 13.1X50 before D30, 13.2 before...
Type:
Hardware
Bulletins:
CVE-2014-6380
SFBID70369
Severity:
High
Description:
Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D15, 13.2X52 before D15, 13.3 before R1, when using an em interface to connect to a certain internal network, allows remote attackers to cause a denial of service (em driver bock and FPC reset or "go offline") via a series of crafted (1) CLNP fragmented packets, when clns-routing or ESIS is configured, or (2) IPv4 or (3) IPv6 fragmented packets.
Applies to:
Created:
2014-10-14
Updated:
2017-07-05

ID:
CVE-2014-3403
Title:
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647.
Type:
Hardware
Bulletins:
CVE-2014-3403
Severity:
Medium
Description:
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647.
Applies to:
Created:
2014-10-09
Updated:
2017-07-05

ID:
CVE-2014-3404
Title:
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677.
Type:
Hardware
Bulletins:
CVE-2014-3404
Severity:
Medium
Description:
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677.
Applies to:
Created:
2014-10-09
Updated:
2017-07-05

ID:
CVE-2014-3405
Title:
Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks (aka RPL) on both the Autonomic Control Plane (ACP) and external Autonomic Networking Infrastructure (ANI) interfaces, which allows remote attackers to conduct...
Type:
Hardware
Bulletins:
CVE-2014-3405
Severity:
Medium
Description:
Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks (aka RPL) on both the Autonomic Control Plane (ACP) and external Autonomic Networking Infrastructure (ANI) interfaces, which allows remote attackers to conduct route-injection attacks via crafted RPL advertisements on an ANI interface, aka Bug ID CSCuq22673.
Applies to:
Created:
2014-10-09
Updated:
2017-07-05

ID:
CVE-2014-3187
Title:
Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of (1) facetime:// and (2) facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device...
Type:
Mobile Devices
Bulletins:
CVE-2014-3187
Severity:
Medium
Description:
Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of (1) facetime:// and (2) facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site.
Applies to:
Created:
2014-10-08
Updated:
2017-07-05

ID:
MITRE:26970
Title:
oval:org.mitre.oval:def:26970: ELSA-2014-1244 -- bind97 security and bug fix update
Type:
Software
Bulletins:
MITRE:26970
Severity:
Low
Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. It contains a DNS server (named), a resolver library with routines for applications to use when interfacing with DNS, and tools for verifying that the DNS server is operating correctly. These packages contain version 9.7 of the BIND suite. A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash. (CVE-2014-0591) Note: The CVE-2014-0591 issue does not directly affect the version of bind97 shipped in Red Hat Enterprise Linux 5. This issue is being addressed however to assure it is not introduced in future builds of bind97 (possibly built with a different compiler or C library optimization). This update also fixes the following bug: * Previously, the bind97 initscript did not check for the existence of the ROOTDIR variable when shutting down the named daemon. As a consequence, some parts of the file system that are mounted when using bind97 in a chroot environment were unmounted on daemon shut down, even if bind97 was not running in a chroot environment. With this update, the initscript has been fixed to check for the existence of the ROOTDIR variable when unmounting some parts of the file system on named daemon shut down. Now, when shutting down bind97 that is not running in a chroot environment, no parts of the file system are unmounted. (BZ#1059118) All bind97 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
Applies to:
bind97
Created:
2014-10-01
Updated:
2015-02-23

ID:
MITRE:26644
Title:
oval:org.mitre.oval:def:26644: ELSA-2014-1147 -- squid security update
Type:
Web
Bulletins:
MITRE:26644
Severity:
Low
Description:
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609) Red Hat would like to thank the Squid project for reporting this issue. Upstream acknowledges Matthew Daley as the original reporter. All Squid users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the squid service will be restarted automatically.
Applies to:
squid
Created:
2014-10-01
Updated:
2015-02-23

ID:
MITRE:27050
Title:
oval:org.mitre.oval:def:27050: ELSA-2014-1166 -- jakarta-commons-httpclient security update
Type:
Software
Bulletins:
MITRE:27050
Severity:
Low
Description:
Jakarta Commons HTTPClient implements the client side of HTTP standards. It was discovered that the HTTPClient incorrectly extracted host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2014-3577) For additional information on this flaw, refer to the Knowledgebase article in the References section. All jakarta-commons-httpclient users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
Applies to:
jakarta-commons-httpclient
Created:
2014-10-01
Updated:
2015-02-23

ID:
MITRE:26806
Title:
oval:org.mitre.oval:def:26806: ELSA-2014-3072 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26806
Severity:
Low
Description:
kernel-uek [3.8.13-44.1.1.el7uek] - auditsc: audit_krule mask accesses need bounds checking (Andy Lutomirski) [Orabug: 19590596] {CVE-2014-3917}
Applies to:
kernel-uek
Created:
2014-10-01
Updated:
2015-03-16

ID:
MITRE:26892
Title:
oval:org.mitre.oval:def:26892: ELSA-2014-1148 -- squid security update
Type:
Web
Bulletins:
MITRE:26892
Severity:
Low
Description:
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609) A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115) Red Hat would like to thank the Squid project for reporting the CVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original reporter. All Squid users are advised to upgrade to this updated package, which contains backported patches to correct these issues. After installing this update, the squid service will be restarted automatically.
Applies to:
squid
Created:
2014-10-01
Updated:
2015-08-10

ID:
MITRE:26189
Title:
oval:org.mitre.oval:def:26189: ELSA-2014-3073 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26189
Severity:
Low
Description:
kernel-uek [2.6.32-400.36.8.el6uek] - auditsc: audit_krule mask accesses need bounds checking (Andy Lutomirski) [Orabug: 19590638] {CVE-2014-3917} - futex: Fix errors in nested key ref-counting (Darren Hart) [Orabug: 19590443] {CVE-2014-0205}
Applies to:
kernel-uek
Created:
2014-10-01
Updated:
2015-03-16

ID:
MITRE:26919
Title:
oval:org.mitre.oval:def:26919: ELSA-2014-3018 -- Unbreakable Enterprise kernel security update
Type:
Software
Bulletins:
MITRE:26919
Severity:
Low
Description:
[3.8.13-26.2.3.el6uek] - net: ipv4: current group_info should be put after using. (Wang, Xiaoming) [Orabug: 18603523] {CVE-2014-2851}
Applies to:
kernel-uek
Created:
2014-09-29
Updated:
2015-03-16

ID:
MITRE:26777
Title:
oval:org.mitre.oval:def:26777: RHSA-2014:1245: krb5 security and bug fix update
Type:
Services
Bulletins:
MITRE:26777
Severity:
Low
Description:
Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center (KDC). It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. (CVE-2013-1418, CVE-2013-6800) A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344) A buffer over-read flaw was found in the way MIT Kerberos handled certain requests. A man-in-the-middle attacker with a valid Kerberos ticket who is able to inject packets into a client or server application's GSSAPI session could use this flaw to crash the application. (CVE-2014-4341) This update also fixes the following bugs: * Prior to this update, the libkrb5 library occasionally attempted to free already freed memory when encrypting credentials. As a consequence, the calling process terminated unexpectedly with a segmentation fault. With this update, libkrb5 frees memory correctly, which allows the credentials to be encrypted appropriately and thus prevents the mentioned crash. (BZ#1004632) * Previously, when the krb5 client library was waiting for a response from a server, the timeout variable in certain cases became a negative number. Consequently, the client could enter a loop while checking for responses. With this update, the client logic has been modified and the described error no longer occurs. (BZ#1089732) All krb5 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the krb5kdc daemon will be restarted automatically.
Applies to:
krb5
Created:
2014-09-26
Updated:
2015-04-13

ID:
MITRE:26451
Title:
oval:org.mitre.oval:def:26451: RHSA-2014:1246: nss and nspr security, bug fix, and enhancement update
Type:
Miscellaneous
Bulletins:
MITRE:26451
Severity:
Low
Description:
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. (CVE-2013-1740) A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1490) It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. (CVE-2014-1545) It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters to be accepted as valid. (CVE-2014-1492) Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream acknowledges Brian Smith as the original reporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545. The nss and nspr packages have been upgraded to upstream version 3.16.1 and 4.10.6 respectively, which provide a number of bug fixes and enhancements over the previous versions. (BZ#1110857, BZ#1110860) This update also fixes the following bugs: * Previously, when the output.log file was not present on the system, the shell in the Network Security Services (NSS) specification handled test failures incorrectly as false positive test results. Consequently, certain utilities, such as "grep", could not handle failures properly. This update improves error detection in the specification file, and "grep" and other utilities now handle missing files or crashes as intended. (BZ#1035281) * Prior to this update, a subordinate Certificate Authority (CA) of the ANSSI agency incorrectly issued an intermediate certificate installed on a network monitoring device. As a consequence, the monitoring device was enabled to act as an MITM (Man in the Middle) proxy performing traffic management of domain names or IP addresses that the certificate holder did not own or control. The trust in the intermediate certificate to issue the certificate for an MITM device has been revoked, and such a device can no longer be used for MITM attacks. (BZ#1042684) * Due to a regression, MD5 certificates were rejected by default because Network Security Services (NSS) did not trust MD5 certificates. With this update, MD5 certificates are supported in Red Hat Enterprise Linux 5. (BZ#11015864) Users of nss and nspr are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Applies to:
nss
Created:
2014-09-26
Updated:
2015-04-13

ID:
MITRE:26718
Title:
oval:org.mitre.oval:def:26718: RHSA-2014:1255: krb5 security update
Type:
Services
Bulletins:
MITRE:26718
Severity:
Low
Description:
Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center (KDC). A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) All krb5 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.
Applies to:
krb5
Created:
2014-09-26
Updated:
2015-04-13

ID:
MITRE:26030
Title:
oval:org.mitre.oval:def:26030: RHSA-2014:1244: bind97 security and bug fix update
Type:
Software
Bulletins:
MITRE:26030
Severity:
Low
Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. It contains a DNS server (named), a resolver library with routines for applications to use when interfacing with DNS, and tools for verifying that the DNS server is operating correctly. These packages contain version 9.7 of the BIND suite. A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash. (CVE-2014-0591) Note: The CVE-2014-0591 issue does not directly affect the version of bind97 shipped in Red Hat Enterprise Linux 5. This issue is being addressed however to assure it is not introduced in future builds of bind97 (possibly built with a different compiler or C library optimization).
Applies to:
bind97
Created:
2014-09-26
Updated:
2015-04-13

ID:
MITRE:26851
Title:
oval:org.mitre.oval:def:26851: RHSA-2014:1194: conga security and bug fix update
Type:
Software
Bulletins:
MITRE:26851
Severity:
Low
Description:
The Conga project is a management system for remote workstations. It consists of luci, which is a secure web-based front end, and ricci, which is a secure daemon that dispatches incoming messages to underlying management modules. It was discovered that Plone, included as a part of luci, did not properly protect the administrator interface (control panel). A remote attacker could use this flaw to inject a specially crafted Python statement or script into Plone's restricted Python sandbox that, when the administrator interface was accessed, would be executed with the privileges of that administrator user. (CVE-2012-5485) It was discovered that Plone, included as a part of luci, did not properly sanitize HTTP headers provided within certain URL requests. A remote attacker could use a specially crafted URL that, when processed, would cause the injected HTTP headers to be returned as a part of the Plone HTTP response, potentially allowing the attacker to perform other more advanced attacks. (CVE-2012-5486) Multiple information leak flaws were found in the way conga processed luci site extension-related URL requests. A remote, unauthenticated attacker could issue a specially crafted HTTP request that, when processed, would result in unauthorized information disclosure. (CVE-2013-6496) It was discovered that various components in the luci site extension-related URLs were not properly restricted to administrative users. A remote, authenticated attacker could escalate their privileges to perform certain actions that should be restricted to administrative users, such as adding users and systems, and viewing log data. (CVE-2014-3521) It was discovered that Plone, included as a part of luci, did not properly protect the privilege of running RestrictedPython scripts. A remote attacker could use a specially crafted URL that, when processed, would allow the attacker to submit and perform expensive computations or, in conjunction with other attacks, be able to access or alter privileged information. (CVE-2012-5488) It was discovered that Plone, included as a part of luci, did not properly enforce permissions checks on the membership database. A remote attacker could use a specially crafted URL that, when processed, could allow the attacker to enumerate user account names. (CVE-2012-5497) It was discovered that Plone, included as a part of luci, did not properly handle the processing of requests for certain collections. A remote attacker could use a specially crafted URL that, when processed, would lead to excessive I/O and/or cache resource consumption. (CVE-2012-5498) It was discovered that Plone, included as a part of luci, did not properly handle the processing of very large values passed to an internal utility function. A remote attacker could use a specially crafted URL that, when processed, would lead to excessive memory consumption. (CVE-2012-5499) It was discovered that Plone, included as a part of luci, allowed a remote anonymous user to change titles of content items due to improper permissions checks. (CVE-2012-5500) The CVE-2014-3521 issue was discovered by Radek Steiger of Red Hat, and the CVE-2013-6496 issue was discovered by Jan Pokorny of Red Hat. In addition, these updated conga packages include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 5.11 Technical Notes, linked to in the References section, for information on the most significant of these changes All conga users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the luci and ricci services will be restarted automatically.
Applies to:
conga
Created:
2014-09-26
Updated:
2015-04-13

ID:
MITRE:26641
Title:
oval:org.mitre.oval:def:26641: RHSA-2014:1243: automake security update
Type:
Software
Bulletins:
MITRE:26641
Severity:
Low
Description:
Automake is a tool for automatically generating Makefile.in files compliant with the GNU Coding Standards. It was found that the distcheck rule in Automake-generated Makefiles made a directory world-writable when preparing source archives. If a malicious, local user could access this directory, they could execute arbitrary code with the privileges of the user running "make distcheck". (CVE-2012-3386) Red Hat would like to thank Jim Meyering for reporting this issue. Upstream acknowledges Stefano Lattarini as the original reporter. All automake users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
Applies to:
automake
Created:
2014-09-26
Updated:
2015-04-13

ID:
CVE-2014-6271
Title:
Bash environment variables code injection
Type:
Miscellaneous
Bulletins:
CVE-2014-6271
Severity:
High
Description:
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.
Applies to:
GNU Bash
Created:
2014-09-25
Updated:
2014-09-25

ID:
CVE-2014-7169
Title:
Bash environment variables code injection
Type:
Miscellaneous
Bulletins:
CVE-2014-7169
Severity:
High
Description:
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
Applies to:
GNU Bash
Created:
2014-09-25
Updated:
2014-09-25

ID:
CVE-2014-3355
Title:
The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via...
Type:
Hardware
Bulletins:
CVE-2014-3355
SFBID70130
Severity:
High
Description:
The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCug75942.
Applies to:
Created:
2014-09-25
Updated:
2017-07-05

ID:
CVE-2014-3356
Title:
The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via...
Type:
Hardware
Bulletins:
CVE-2014-3356
SFBID70135
Severity:
High
Description:
The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCue22753.
Applies to:
Created:
2014-09-25
Updated:
2017-07-05

ID:
CVE-2014-3354
Title:
Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a...
Type:
Hardware
Bulletins:
CVE-2014-3354
SFBID70131
Severity:
High
Description:
Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCui11547.
Applies to:
Created:
2014-09-25
Updated:
2017-07-05

ID:
CVE-2014-3357
Title:
Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug...
Type:
Hardware
Bulletins:
CVE-2014-3357
SFBID70132
Severity:
High
Description:
Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866.
Applies to:
Created:
2014-09-25
Updated:
2017-07-05

ID:
CVE-2014-3358
Title:
Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface...
Type:
Hardware
Bulletins:
CVE-2014-3358
SFBID70139
Severity:
High
Description:
Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950.
Applies to:
Created:
2014-09-25
Updated:
2017-07-05

ID:
CVE-2014-3359
Title:
Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or...
Type:
Hardware
Bulletins:
CVE-2014-3359
SFBID70140
Severity:
High
Description:
Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka Bug ID CSCum90081.
Applies to:
Created:
2014-09-25
Updated:
2017-07-05

ID:
CVE-2014-3360
Title:
Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service...
Type:
Hardware
Bulletins:
CVE-2014-3360
SFBID70141
Severity:
High
Description:
Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586.
Applies to:
Created:
2014-09-25
Updated:
2017-07-05

ID:
CVE-2014-3361
Title:
The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071.
Type:
Hardware
Bulletins:
CVE-2014-3361
SFBID70129
Severity:
High
Description:
The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071.
Applies to:
Created:
2014-09-25
Updated:
2017-07-05

ID:
CVE-2014-3376
Title:
Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031.
Type:
Hardware
Bulletins:
CVE-2014-3376
SFBID69956
Severity:
Medium
Description:
Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031.
Applies to:
Created:
2014-09-20
Updated:
2017-07-05

ID:
CVE-2014-3377
Title:
snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791.
Type:
Hardware
Bulletins:
CVE-2014-3377
SFBID69959
Severity:
Medium
Description:
snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791.
Applies to:
Created:
2014-09-20
Updated:
2017-07-05

ID:
CVE-2014-3378
Title:
tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468.
Type:
Hardware
Bulletins:
CVE-2014-3378
SFBID69957
Severity:
Medium
Description:
tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468.
Applies to:
Created:
2014-09-20
Updated:
2017-07-05

ID:
CVE-2014-4352
Title:
Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.
Type:
Mobile Devices
Bulletins:
CVE-2014-4352
SFBID69882
Severity:
Low
Description:
Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4353
Title:
Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.
Type:
Mobile Devices
Bulletins:
CVE-2014-4353
SFBID69882
Severity:
Medium
Description:
Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4354
Title:
Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session.
Type:
Mobile Devices
Bulletins:
CVE-2014-4354
SFBID69882
Severity:
Medium
Description:
Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4356
Title:
Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen.
Type:
Mobile Devices
Bulletins:
CVE-2014-4356
SFBID69882
Severity:
Low
Description:
Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4357
Title:
Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log.
Type:
Mobile Devices
Bulletins:
CVE-2014-4357
SFBID69882
Severity:
Low
Description:
Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4361
Title:
The Home & Lock Screen subsystem in Apple iOS before 8 does not properly restrict the private API for app prominence, which allows attackers to determine the frontmost app by leveraging access to a crafted background app.
Type:
Mobile Devices
Bulletins:
CVE-2014-4361
SFBID69882
Severity:
Medium
Description:
The Home & Lock Screen subsystem in Apple iOS before 8 does not properly restrict the private API for app prominence, which allows attackers to determine the frontmost app by leveraging access to a crafted background app.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4362
Title:
The Sandbox Profiles implementation in Apple iOS before 8 does not properly restrict the third-party app sandbox profile, which allows attackers to obtain sensitive Apple ID information via a crafted app.
Type:
Mobile Devices
Bulletins:
CVE-2014-4362
SFBID69882
Severity:
Medium
Description:
The Sandbox Profiles implementation in Apple iOS before 8 does not properly restrict the third-party app sandbox profile, which allows attackers to obtain sensitive Apple ID information via a crafted app.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4363
Title:
Safari in Apple iOS before 8 does not properly restrict the autofilling of passwords in forms, which allows remote attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509...
Type:
Mobile Devices
Bulletins:
CVE-2014-4363
SFBID69882
Severity:
Medium
Description:
Safari in Apple iOS before 8 does not properly restrict the autofilling of passwords in forms, which allows remote attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509 certificate, or (3) an IFRAME element.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4364
Title:
The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then...
Type:
Mobile Devices
Bulletins:
CVE-2014-4364
SFBID69882
Severity:
Low
Description:
The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4366
Title:
Mail in Apple iOS before 8 does not prevent sending a LOGIN command to a LOGINDISABLED IMAP server, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.
Type:
Mobile Devices
Bulletins:
CVE-2014-4366
SFBID69882
Severity:
Medium
Description:
Mail in Apple iOS before 8 does not prevent sending a LOGIN command to a LOGINDISABLED IMAP server, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4367
Title:
Apple iOS before 8 enables Voice Dial during all upgrade actions, which makes it easier for physically proximate attackers to launch unintended calls by speaking a telephone number.
Type:
Mobile Devices
Bulletins:
CVE-2014-4367
SFBID69882
Severity:
Low
Description:
Apple iOS before 8 enables Voice Dial during all upgrade actions, which makes it easier for physically proximate attackers to launch unintended calls by speaking a telephone number.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4368
Title:
The Accessibility subsystem in Apple iOS before 8 allows attackers to interfere with screen locking via vectors related to AssistiveTouch events.
Type:
Mobile Devices
Bulletins:
CVE-2014-4368
SFBID69882
Severity:
Medium
Description:
The Accessibility subsystem in Apple iOS before 8 allows attackers to interfere with screen locking via vectors related to AssistiveTouch events.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4369
Title:
The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments.
Type:
Mobile Devices
Bulletins:
CVE-2014-4369
SFBID69882
Severity:
High
Description:
The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4371
Title:
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted...
Type:
Mobile Devices
Bulletins:
CVE-2014-4371
SFBID69882
Severity:
Low
Description:
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4372
Title:
syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file.
Type:
Mobile Devices
Bulletins:
CVE-2014-4372
SFBID69882
Severity:
Low
Description:
syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4373
Title:
The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application.
Type:
Mobile Devices
Bulletins:
CVE-2014-4373
SFBID69882
Severity:
High
Description:
The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4374
Title:
NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Type:
Mobile Devices
Bulletins:
CVE-2014-4374
SFBID69882
Severity:
Medium
Description:
NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4375
Title:
Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.
Type:
Mobile Devices
Bulletins:
CVE-2014-4375
SFBID69882
Severity:
High
Description:
Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4377
Title:
Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
Type:
Mobile Devices
Bulletins:
CVE-2014-4377
SFBID69882
Severity:
Medium
Description:
Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4378
Title:
CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document.
Type:
Mobile Devices
Bulletins:
CVE-2014-4378
SFBID69882
Severity:
Medium
Description:
CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4379
Title:
An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application.
Type:
Mobile Devices
Bulletins:
CVE-2014-4379
SFBID69882
Severity:
High
Description:
An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4380
Title:
The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application.
Type:
Mobile Devices
Bulletins:
CVE-2014-4380
SFBID69882
Severity:
High
Description:
The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4381
Title:
Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application.
Type:
Mobile Devices
Bulletins:
CVE-2014-4381
SFBID69882
Severity:
High
Description:
Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4383
Title:
The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header.
Type:
Mobile Devices
Bulletins:
CVE-2014-4383
SFBID69882
Severity:
Medium
Description:
The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4384
Title:
Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle.
Type:
Mobile Devices
Bulletins:
CVE-2014-4384
SFBID69882
Severity:
Low
Description:
Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4386
Title:
Race condition in the App Installation feature in Apple iOS before 8 allows local users to gain privileges and install unverified apps by leveraging /tmp write access.
Type:
Mobile Devices
Bulletins:
CVE-2014-4386
SFBID69882
Severity:
Low
Description:
Race condition in the App Installation feature in Apple iOS before 8 allows local users to gain privileges and install unverified apps by leveraging /tmp write access.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4388
Title:
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in...
Type:
Mobile Devices
Bulletins:
CVE-2014-4388
SFBID69882
Severity:
High
Description:
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4389
Title:
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
Type:
Mobile Devices
Bulletins:
CVE-2014-4389
SFBID69882
Severity:
High
Description:
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4404
Title:
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
Type:
Mobile Devices
Bulletins:
CVE-2014-4404
SFBID69882
Severity:
High
Description:
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4405
Title:
IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping...
Type:
Mobile Devices
Bulletins:
CVE-2014-4405
SFBID69882
Severity:
High
Description:
IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4407
Title:
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.
Type:
Mobile Devices
Bulletins:
CVE-2014-4407
SFBID69882
Severity:
Medium
Description:
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4408
Title:
The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.
Type:
Mobile Devices
Bulletins:
CVE-2014-4408
SFBID69882
Severity:
Medium
Description:
The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4409
Title:
WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.
Type:
Mobile Devices
Bulletins:
CVE-2014-4409
SFBID69882
Severity:
Medium
Description:
WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4410
Title:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability...
Type:
Mobile Devices
Bulletins:
CVE-2014-4410
SFBID69881
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4411
Title:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability...
Type:
Mobile Devices
Bulletins:
CVE-2014-4411
SFBID69881
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4412
Title:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability...
Type:
Mobile Devices
Bulletins:
CVE-2014-4412
SFBID69881
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4413
Title:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability...
Type:
Mobile Devices
Bulletins:
CVE-2014-4413
SFBID69881
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4414
Title:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability...
Type:
Mobile Devices
Bulletins:
CVE-2014-4414
SFBID69881
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4415
Title:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability...
Type:
Mobile Devices
Bulletins:
CVE-2014-4415
SFBID69881
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4418
Title:
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in...
Type:
Mobile Devices
Bulletins:
CVE-2014-4418
SFBID69882
Severity:
High
Description:
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4388.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4419
Title:
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted...
Type:
Mobile Devices
Bulletins:
CVE-2014-4419
SFBID69882
Severity:
Low
Description:
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4420
Title:
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted...
Type:
Mobile Devices
Bulletins:
CVE-2014-4420
SFBID69882
Severity:
Low
Description:
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4421
Title:
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted...
Type:
Mobile Devices
Bulletins:
CVE-2014-4421
SFBID69882
Severity:
Low
Description:
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4422
Title:
The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using...
Type:
Mobile Devices
Bulletins:
CVE-2014-4422
SFBID69882
Severity:
Medium
Description:
The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using a user-space process to observe data related to the random numbers.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
CVE-2014-4423
Title:
The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application.
Type:
Mobile Devices
Bulletins:
CVE-2014-4423
SFBID69882
Severity:
Medium
Description:
The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application.
Applies to:
Created:
2014-09-18
Updated:
2017-07-05

ID:
MITRE:26312
Title:
oval:org.mitre.oval:def:26312: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service
Type:
Software
Bulletins:
MITRE:26312
CVE-2014-0550
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26668
Title:
oval:org.mitre.oval:def:26668: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows allow attackers to bypass intended access restrictions
Type:
Software
Bulletins:
MITRE:26668
CVE-2014-0554
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to bypass intended access restrictions via unspecified vectors.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26551
Title:
oval:org.mitre.oval:def:26551: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows attackers to execute arbitrary code via unspecified vectors
Type:
Software
Bulletins:
MITRE:26551
CVE-2014-0553
Severity:
Low
Description:
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26807
Title:
oval:org.mitre.oval:def:26807: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow remote attackers to bypass the Same Origin Policy
Type:
Software
Bulletins:
MITRE:26807
CVE-2014-0548
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26708
Title:
oval:org.mitre.oval:def:26708: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service
Type:
Software
Bulletins:
MITRE:26708
CVE-2014-0551
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26301
Title:
oval:org.mitre.oval:def:26301: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service
Type:
Software
Bulletins:
MITRE:26301
CVE-2014-0552
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0555.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26758
Title:
oval:org.mitre.oval:def:26758: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection...
Type:
Software
Bulletins:
MITRE:26758
CVE-2014-0557
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26813
Title:
oval:org.mitre.oval:def:26813: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows allow attackers to bypass intended access restrictions
Type:
Software
Bulletins:
MITRE:26813
CVE-2014-0556
Severity:
Low
Description:
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0559.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26434
Title:
oval:org.mitre.oval:def:26434: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service
Type:
Software
Bulletins:
MITRE:26434
CVE-2014-0547
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26616
Title:
oval:org.mitre.oval:def:26616: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows attackers to execute arbitrary code
Type:
Software
Bulletins:
MITRE:26616
CVE-2014-0559
Severity:
Low
Description:
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0556.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26603
Title:
oval:org.mitre.oval:def:26603: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows allow attackers to bypass intended access restrictions
Type:
Software
Bulletins:
MITRE:26603
CVE-2014-0555
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0552.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26818
Title:
oval:org.mitre.oval:def:26818: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service
Type:
Software
Bulletins:
MITRE:26818
CVE-2014-0549
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
Applies to:
ActiveX Control
Adobe AIR
Adobe Flash Player
Created:
2014-09-17
Updated:
2015-08-03

ID:
MITRE:26601
Title:
oval:org.mitre.oval:def:26601: .NET framework denial of service vulnerability
Type:
Software
Bulletins:
MITRE:26601
CVE-2014-4072
Severity:
Low
Description:
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly use a hash table for request data, which allows remote attackers to cause a denial of service (resource consumption and ASP.NET performance degradation) via crafted requests, aka ".NET Framework Denial of Service Vulnerability."
Applies to:
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Created:
2014-09-12
Updated:
2015-12-22

ID:
CVE-2014-3342
Title:
The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383.
Type:
Hardware
Bulletins:
CVE-2014-3342
SFBID69735
Severity:
Medium
Description:
The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383.
Applies to:
Created:
2014-09-11
Updated:
2017-07-05

ID:
CVE-2014-3363
Title:
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Unified Communications Manager (UCM) 9.1(2.10000.28) allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuq68443.
Type:
Hardware
Bulletins:
CVE-2014-3363
SFBID69739
Severity:
Low
Description:
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Unified Communications Manager (UCM) 9.1(2.10000.28) allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuq68443.
Applies to:
Unified Communications Manager
Created:
2014-09-11
Updated:
2017-07-05

ID:
CVE-2014-3343
Title:
Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (DHCPv6 daemon crash) via a malformed DHCPv6 packet, aka Bug ID CSCuo59052.
Type:
Hardware
Bulletins:
CVE-2014-3343
SFBID69667
Severity:
Medium
Description:
Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (DHCPv6 daemon crash) via a malformed DHCPv6 packet, aka Bug ID CSCuo59052.
Applies to:
Created:
2014-09-10
Updated:
2017-07-05

ID:
CVE-2014-3353
Title:
Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.
Type:
Hardware
Bulletins:
CVE-2014-3353
SFBID69506
Severity:
High
Description:
Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.
Applies to:
Created:
2014-09-04
Updated:
2017-07-05

ID:
MITRE:25633
Title:
oval:org.mitre.oval:def:25633: Arbitrary code executing via unknown vectors.
Type:
Web
Bulletins:
MITRE:25633
CVE-2011-1346
Severity:
Low
Description:
Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Stephen Fewer as the second of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.
Applies to:
Microsoft Internet Explorer 8
Created:
2014-09-03
Updated:
2015-08-10

ID:
MITRE:26532
Title:
oval:org.mitre.oval:def:26532: Heap-based buffer overflow in KMPlayer 3.0.0.1441
Type:
Software
Bulletins:
MITRE:26532
CVE-2011-2594
Severity:
Low
Description:
Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other versions, allows remote attackers to execute arbitrary code via a playlist (.KPL) file with a long Title field.
Applies to:
KMPlayer
Created:
2014-09-03
Updated:
2015-08-10

ID:
MITRE:26378
Title:
oval:org.mitre.oval:def:26378: Unspecified vulnerability allows remote attackers to bypass Protected Mode
Type:
Web
Bulletins:
MITRE:26378
CVE-2011-1347
Severity:
Low
Description:
Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.
Applies to:
Microsoft Internet Explorer 8
Created:
2014-09-03
Updated:
2015-08-10

ID:
MITRE:26362
Title:
oval:org.mitre.oval:def:26362: Apache Subversion vulnerability Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials
Type:
Software
Bulletins:
MITRE:26362
CVE-2014-3528
Severity:
Low
Description:
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.
Applies to:
VisualSVN Server
Created:
2014-08-29
Updated:
2015-05-04

ID:
MITRE:25808
Title:
oval:org.mitre.oval:def:25808: Apache Subversion vulnerability 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate
Type:
Software
Bulletins:
MITRE:25808
CVE-2014-3522
Severity:
Low
Description:
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
Applies to:
VisualSVN Server
Created:
2014-08-29
Updated:
2015-05-04

ID:
MITRE:26275
Title:
oval:org.mitre.oval:def:26275: CSyncBasePlayer use after free vulnerability
Type:
Software
Bulletins:
MITRE:26275
CVE-2014-4060
Severity:
Low
Description:
Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document that triggers deletion of a CSyncBasePlayer object, aka "CSyncBasePlayer Use After Free Vulnerability."
Applies to:
Microsoft Windows Media Center
Created:
2014-08-19
Updated:
2015-08-10

ID:
MITRE:26154
Title:
oval:org.mitre.oval:def:26154: Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows, Adobe AIR before 14.0.0.178 on Windows do not properly restrict discovery of memory addresses
Type:
Software
Bulletins:
MITRE:26154
CVE-2014-0544
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, and CVE-2014-0545.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-08-18
Updated:
2015-08-03

ID:
MITRE:25856
Title:
oval:org.mitre.oval:def:25856: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows, Adobe AIR before 14.0.0.178 on Windows allows attackers to execute arbitrary code
Type:
Software
Bulletins:
MITRE:25856
CVE-2014-0546
Severity:
Low
Description:
Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-08-18
Updated:
2015-08-03

ID:
MITRE:26134
Title:
oval:org.mitre.oval:def:26134: Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows, Adobe AIR before 14.0.0.178 on Windows do not properly restrict discovery of memory addresses
Type:
Software
Bulletins:
MITRE:26134
CVE-2014-0545
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, and CVE-2014-0544.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-08-18
Updated:
2015-08-03

ID:
MITRE:26161
Title:
oval:org.mitre.oval:def:26161: Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows, Adobe AIR before 14.0.0.178 on Windows do not properly restrict discovery of memory addresses
Type:
Software
Bulletins:
MITRE:26161
CVE-2014-0542
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0543, CVE-2014-0544, and CVE-2014-0545.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-08-18
Updated:
2015-08-03

ID:
MITRE:26337
Title:
oval:org.mitre.oval:def:26337: Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows, Adobe AIR before 14.0.0.178 on Windows do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism
Type:
Software
Bulletins:
MITRE:26337
CVE-2014-0540
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, and CVE-2014-0545.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-08-18
Updated:
2015-08-03

ID:
MITRE:26316
Title:
oval:org.mitre.oval:def:26316: Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows, Adobe AIR before 14.0.0.178 on Windows do not properly restrict discovery of memory addresses
Type:
Software
Bulletins:
MITRE:26316
CVE-2014-0543
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0544, and CVE-2014-0545.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-08-18
Updated:
2015-08-03

ID:
CVE-2014-3338
Title:
The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via...
Type:
Hardware
Bulletins:
CVE-2014-3338
SFBID69176
Severity:
High
Description:
The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491.
Applies to:
Unified Communications Manager
Created:
2014-08-12
Updated:
2017-07-05

ID:
CVE-2014-3327
Title:
The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101.
Type:
Hardware
Bulletins:
CVE-2014-3327
SFBID69066
Severity:
High
Description:
The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101.
Applies to:
Created:
2014-08-11
Updated:
2017-07-05

ID:
CVE-2014-3332
Title:
Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029.
Type:
Hardware
Bulletins:
CVE-2014-3332
SFBID69068
Severity:
Medium
Description:
Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029.
Applies to:
Unified Communications Manager
Created:
2014-08-11
Updated:
2017-07-05

ID:
MITRE:26284
Title:
oval:org.mitre.oval:def:26284: SUSE-SU-2014:0905-1 -- Security update for Mozilla Firefox
Type:
Web
Bulletins:
MITRE:26284
Severity:
Low
Description:
Mozilla Firefox has been updated to 24.6.0 to fix the security issues.
Applies to:
Mozilla Firefox
Created:
2014-08-06
Updated:
2015-03-16

ID:
MITRE:26186
Title:
oval:org.mitre.oval:def:26186: RHSA-2014:1004: yum-updatesd security update
Type:
Software
Bulletins:
MITRE:26186
Severity:
Low
Description:
The yum-updatesd package provides a daemon which checks for available updates and can notify you when they are available via email, syslog, or dbus. It was discovered that yum-updatesd did not properly perform RPM package signature checks. When yum-updatesd was configured to automatically install updates, a remote attacker could use this flaw to install a malicious update on the target system using an unsigned RPM or an RPM signed with an untrusted key. (CVE-2014-0022) All yum-updatesd users are advised to upgrade to this updated package, which contains a backported patch to correct this issue. After installing this update, the yum-updatesd service will be restarted automatically.
Applies to:
yum-updatesd
Created:
2014-08-05
Updated:
2015-04-13

ID:
MITRE:26244
Title:
oval:org.mitre.oval:def:26244: RHSA-2013-1605: glibc security, bug fix, and enhancement update
Type:
Miscellaneous
Bulletins:
MITRE:26244
Severity:
Low
Description:
Updated glibc packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.
Applies to:
glibc
Created:
2014-08-05
Updated:
2015-03-09

ID:
MITRE:26218
Title:
oval:org.mitre.oval:def:26218: RHSA-2012:0884: openssh security, bug fix, and enhancement update
Type:
Services
Bulletins:
MITRE:26218
Severity:
Low
Description:
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
Applies to:
openssh
Created:
2014-08-05
Updated:
2015-03-09

ID:
MITRE:25091
Title:
oval:org.mitre.oval:def:25091: RHSA-2014:0927: qemu-kvm security and bug fix update
Type:
Software
Bulletins:
MITRE:25091
Severity:
Low
Description:
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use either of these flaws to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0222, CVE-2014-0223) Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the way virtio, virtio-net, virtio-scsi, usb, and hpet drivers of QEMU handled state loading after migration. A user able to alter the savevm data (either on the disk or over the wire during migration) could use either of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4527, CVE-2013-4529, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-3461) These issues were discovered by Michael S. Tsirkin, Anthony Liguori and Michael Roth of Red Hat: CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4527, CVE-2013-4529, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, and CVE-2014-3461.
Applies to:
qemu-kvm
Created:
2014-07-28
Updated:
2015-04-13

ID:
MITRE:25160
Title:
oval:org.mitre.oval:def:25160: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability
Type:
Software
Bulletins:
MITRE:25160
CVE-2014-4216
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Applies to:
Java Development Kit
Java Runtime Environment
Created:
2014-07-28
Updated:
2015-03-23

ID:
MITRE:24828
Title:
oval:org.mitre.oval:def:24828: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity
Type:
Software
Bulletins:
MITRE:24828
CVE-2014-4218
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.
Applies to:
Java Development Kit
Java Runtime Environment
Created:
2014-07-28
Updated:
2015-03-23

ID:
MITRE:25273
Title:
oval:org.mitre.oval:def:25273: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality
Type:
Software
Bulletins:
MITRE:25273
CVE-2014-4252
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.
Applies to:
Java Development Kit
Java Runtime Environment
Created:
2014-07-28
Updated:
2015-03-23

ID:
MITRE:24806
Title:
oval:org.mitre.oval:def:24806: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability
Type:
Software
Bulletins:
MITRE:24806
CVE-2014-4262
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Applies to:
Java Development Kit
Java Runtime Environment
Created:
2014-07-28
Updated:
2015-03-23

ID:
MITRE:25066
Title:
oval:org.mitre.oval:def:25066: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity
Type:
Software
Bulletins:
MITRE:25066
CVE-2014-4263
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
Applies to:
Java Development Kit
Java Runtime Environment
Created:
2014-07-28
Updated:
2015-03-23

ID:
MITRE:25224
Title:
oval:org.mitre.oval:def:25224: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity
Type:
Software
Bulletins:
MITRE:25224
CVE-2014-4244
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
Applies to:
Java Development Kit
Java Runtime Environment
Created:
2014-07-28
Updated:
2015-03-23

ID:
MITRE:25136
Title:
oval:org.mitre.oval:def:25136: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity
Type:
Software
Bulletins:
MITRE:25136
CVE-2014-4209
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.
Applies to:
Java Development Kit
Java Runtime Environment
Created:
2014-07-28
Updated:
2015-03-23

ID:
MITRE:24827
Title:
oval:org.mitre.oval:def:24827: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality
Type:
Software
Bulletins:
MITRE:24827
CVE-2014-4268
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing.
Applies to:
Java Development Kit
Java Runtime Environment
Created:
2014-07-28
Updated:
2015-03-23

ID:
MITRE:26212
Title:
oval:org.mitre.oval:def:26212: SUSE-SU-2013:0471-1 -- Security update for Mozilla Firefox
Type:
Web
Bulletins:
MITRE:26212
Severity:
Low
Description:
MozillaFirefox has been updated to the 17.0.4ESR release. Besides the major version update from the 10ESR stable release line to the 17ESR stable release line, this update brings critical security and bugfixes.
Applies to:
Mozilla Firefox
Created:
2014-07-15
Updated:
2015-03-16

ID:
MITRE:25815
Title:
oval:org.mitre.oval:def:25815: SUSE-SU-2013:0306-1 -- Security update for Mozilla Firefox
Type:
Web
Bulletins:
MITRE:25815
Severity:
Low
Description:
Mozilla Firefox is updated to the 10.0.12ESR version. This is a roll-up update for LTSS. It fixes a lot of security issues and bugs.
Applies to:
Mozilla Firefox
Created:
2014-07-15
Updated:
2015-03-16

ID:
MITRE:25341
Title:
oval:org.mitre.oval:def:25341: SUSE-SU-2014:0665-2 -- Security update for Mozilla Firefox
Type:
Web
Bulletins:
MITRE:25341
Severity:
Low
Description:
This Mozilla Firefox update provides several security and non-security fixes. Mozilla Firefox has been updated to the 24.5.0esr version, which fixes the following issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to version 3.16 * required for Firefox 29 * CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates.
Applies to:
Mozilla Firefox
Created:
2014-07-15
Updated:
2015-03-16

ID:
MITRE:25898
Title:
oval:org.mitre.oval:def:25898: SUSE-RU-2013:0703-2 -- Recommended update for ksh
Type:
Miscellaneous
Bulletins:
MITRE:25898
Severity:
Low
Description:
This update to Korn Shell 93u+ provides fixes for many issues, including: * Fix segmentation fault on typeset on ENV variable. (bnc#803613) * Do not free data which is used later on in the hash tree of reloaded shell functions. (bnc#795324) * Make sure that tty is closed even if an interrupt arrived during close. (bnc#790315) * Fix truncation of variables when TMOUT is used. (bnc#808956) * Fix syntax error on command substitution in here-document. (bnc#804998) * Make Shift_JIS patch more reliable as requested by upstream. For a comprehensive list of fixes please refer to the package's change log.
Applies to:
ksh
Created:
2014-07-15
Updated:
2015-03-16

ID:
MITRE:25231
Title:
oval:org.mitre.oval:def:25231: SUSE-RU-2013:0634-1 -- Recommended update for Xorg
Type:
Software
Bulletins:
MITRE:25231
Severity:
Low
Description:
This update for xorg-x11 provides fixes for the following issues: * 743810: Xnest to remote machine displays black screen * 805590: Xvnc server crashes while launching Java Swing application.
Applies to:
Xorg
Created:
2014-07-15
Updated:
2015-03-16

ID:
MITRE:25349
Title:
oval:org.mitre.oval:def:25349: SUSE-SU-2014:0727-1 -- Security update for Mozilla Firefox
Type:
Web
Bulletins:
MITRE:25349
Severity:
Low
Description:
This Mozilla Firefox update provides several security and non-security fixes. MozillaFirefox has been updated to 24.5.0esr, which fixes the following issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to 3.16 * required for Firefox 29 * CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates.
Applies to:
Mozilla Firefox
Created:
2014-07-15
Updated:
2015-03-16

ID:
MITRE:25916
Title:
oval:org.mitre.oval:def:25916: SUSE-SU-2013:1183-1 -- Security update for xorg-x11
Type:
Software
Bulletins:
MITRE:25916
Severity:
Low
Description:
This update of xorg-x11 fixes several security vulnerabilities. * Bug 815451- X.Org Security Advisory: May 23, 2013 * Bug 821664 - libX11 * Bug 821671 - libXv * Bug 821670 - libXt * Bug 821669 - libXrender * Bug 821668 - libXp * Bug 821667 - libXfixes * Bug 821665 - libXext * Bug 821663 - libFS, libXcursor, libXi, libXinerama, libXRes, libXtst, libXvMC, libXxf86dga, libXxf86vm, libdmx
Applies to:
xorg-x11
Created:
2014-07-15
Updated:
2015-03-16

ID:
CVE-2014-3317
Title:
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.
Type:
Hardware
Bulletins:
CVE-2014-3317
SFBID68481
Severity:
Medium
Description:
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.
Applies to:
Unified Communications Manager
Created:
2014-07-14
Updated:
2017-07-05

ID:
CVE-2014-3319
Title:
Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.
Type:
Hardware
Bulletins:
CVE-2014-3319
Severity:
Medium
Description:
Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.
Applies to:
Unified Communications Manager
Created:
2014-07-14
Updated:
2017-07-05

ID:
MITRE:24871
Title:
oval:org.mitre.oval:def:24871: Windows journal remote code execution vulnerability
Type:
Software
Bulletins:
MITRE:24871
CVE-2014-1824
Severity:
Low
Description:
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted Journal (aka .JNT) file, aka "Windows Journal Remote Code Execution Vulnerability."
Applies to:
Created:
2014-07-11
Updated:
2015-02-23

ID:
CVE-2014-3815
Title:
Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D10 on SRX Series devices allows remote attackers to cause a denial of service (flowd crash) via a crafted SIP packet.
Type:
Hardware
Bulletins:
CVE-2014-3815
SFBID68551
Severity:
High
Description:
Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D10 on SRX Series devices allows remote attackers to cause a denial of service (flowd crash) via a crafted SIP packet.
Applies to:
Juniper SRX100
Juniper SRX110
Juniper SRX1400
Juniper SRX210
Juniper SRX220
Juniper SRX240
Juniper SRX3400
Juniper SRX3600
Juniper SRX550
Juniper SRX5600
Juniper SRX5800
Juniper SRX650
Created:
2014-07-11
Updated:
2017-07-05

ID:
CVE-2014-3816
Title:
Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8-S2, 12.3 before 12.3R7, 13.1 before 13.1R4-S2, 13.2 before...
Type:
Hardware
Bulletins:
CVE-2014-3816
Severity:
High
Description:
Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8-S2, 12.3 before 12.3R7, 13.1 before 13.1R4-S2, 13.2 before 13.2R5, 13.3 before 13.3R2-S2, and 14.1 before 14.1R1 allows remote authenticated users to gain privileges via unspecified combinations of CLI commands and arguments.
Applies to:
Created:
2014-07-11
Updated:
2017-07-05

ID:
CVE-2014-3817
Title:
Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 on SRX Series devices, when NAT protocol translation from IPv4 to IPv6 is enabled, allows remote...
Type:
Hardware
Bulletins:
CVE-2014-3817
SFBID68545
Severity:
High
Description:
Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 on SRX Series devices, when NAT protocol translation from IPv4 to IPv6 is enabled, allows remote attackers to cause a denial of service (flowd hang or crash) via a crafted packet.
Applies to:
Juniper SRX100
Juniper SRX110
Juniper SRX1400
Juniper SRX210
Juniper SRX220
Juniper SRX240
Juniper SRX3400
Juniper SRX3600
Juniper SRX550
Juniper SRX5600
Juniper SRX5800
Juniper SRX650
Created:
2014-07-11
Updated:
2017-07-05

ID:
CVE-2014-3819
Title:
Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4,...
Type:
Hardware
Bulletins:
CVE-2014-3819
SFBID68539
Severity:
High
Description:
Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.
Applies to:
Created:
2014-07-11
Updated:
2017-07-05

ID:
CVE-2014-3821
Title:
Cross-site scripting (XSS) vulnerability in SRX Web Authentication (webauth) in Juniper Junos 11.4 before 11.4R11, 12.1X44 before 12.1X44-D34, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 allows remote...
Type:
Hardware
Bulletins:
CVE-2014-3821
SFBID68548
Severity:
Medium
Description:
Cross-site scripting (XSS) vulnerability in SRX Web Authentication (webauth) in Juniper Junos 11.4 before 11.4R11, 12.1X44 before 12.1X44-D34, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Applies to:
Created:
2014-07-11
Updated:
2017-07-05

ID:
CVE-2014-3822
Title:
Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.1X46 before 12.1X46-D10, and 12.1X47 before 12.1X47-D10 on SRX Series devices, allows remote attackers to cause a denial of service...
Type:
Hardware
Bulletins:
CVE-2014-3822
Severity:
Medium
Description:
Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.1X46 before 12.1X46-D10, and 12.1X47 before 12.1X47-D10 on SRX Series devices, allows remote attackers to cause a denial of service (flowd crash) via a malformed packet, related to translating IPv6 to IPv4.
Applies to:
Juniper SRX100
Juniper SRX110
Juniper SRX1400
Juniper SRX210
Juniper SRX220
Juniper SRX240
Juniper SRX3400
Juniper SRX3600
Juniper SRX550
Juniper SRX5600
Juniper SRX5800
Juniper SRX650
Created:
2014-07-11
Updated:
2017-07-05

ID:
CVE-2014-3315
Title:
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka...
Type:
Hardware
Bulletins:
CVE-2014-3315
SFBID68477
Severity:
Medium
Description:
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308.
Applies to:
Unified Communications Manager
Created:
2014-07-10
Updated:
2017-07-05

ID:
CVE-2014-3316
Title:
The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297.
Type:
Hardware
Bulletins:
CVE-2014-3316
SFBID68479
Severity:
Medium
Description:
The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297.
Applies to:
Unified Communications Manager
Created:
2014-07-10
Updated:
2017-07-05

ID:
CVE-2014-3318
Title:
Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318.
Type:
Hardware
Bulletins:
CVE-2014-3318
SFBID68482
Severity:
Medium
Description:
Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318.
Applies to:
Unified Communications Manager
Created:
2014-07-10
Updated:
2017-07-05

ID:
MITRE:24783
Title:
oval:org.mitre.oval:def:24783: Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK and Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors
Type:
Web
Bulletins:
MITRE:24783
CVE-2014-0539
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0537.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-07-09
Updated:
2015-08-03

ID:
MITRE:24931
Title:
oval:org.mitre.oval:def:24931: Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK and Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors
Type:
Web
Bulletins:
MITRE:24931
CVE-2014-0537
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0539.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-07-09
Updated:
2015-08-03

ID:
MITRE:25191
Title:
oval:org.mitre.oval:def:25191: Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK and Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors
Type:
Web
Bulletins:
MITRE:25191
CVE-2014-4671
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-07-09
Updated:
2015-08-03

ID:
CVE-2014-3309
Title:
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka...
Type:
Hardware
Bulletins:
CVE-2014-3309
SFBID68463
Severity:
Medium
Description:
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.
Applies to:
Created:
2014-07-09
Updated:
2017-07-05

ID:
CVE-2014-3100
Title:
Stack-based buffer overflow in the encode_key function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended...
Type:
Mobile Devices
Bulletins:
CVE-2014-3100
SFBID68152
Severity:
Medium
Description:
Stack-based buffer overflow in the encode_key function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name.
Applies to:
Created:
2014-07-02
Updated:
2017-07-05

ID:
CVE-2014-1325
Title:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
Type:
Mobile Devices
Bulletins:
CVE-2014-1325
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1345
Title:
WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site.
Type:
Mobile Devices
Bulletins:
CVE-2014-1345
SFBID68276
Severity:
Medium
Description:
WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1348
Title:
Mail in Apple iOS before 7.1.2 advertises the availability of data protection for attachments but stores cleartext attachments under mobile/Library/Mail/, which makes it easier for physically proximate attackers to obtain sensitive...
Type:
Mobile Devices
Bulletins:
CVE-2014-1348
SFBID67263
Severity:
Low
Description:
Mail in Apple iOS before 7.1.2 advertises the availability of data protection for attachments but stores cleartext attachments under mobile/Library/Mail/, which makes it easier for physically proximate attackers to obtain sensitive information by mounting the data partition.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1349
Title:
Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
Type:
Mobile Devices
Bulletins:
CVE-2014-1349
SFBID68276
Severity:
Medium
Description:
Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1350
Title:
Settings in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended iCloud password requirement, and turn off the Find My iPhone service, by leveraging incorrect state management.
Type:
Mobile Devices
Bulletins:
CVE-2014-1350
SFBID68276
Severity:
Medium
Description:
Settings in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended iCloud password requirement, and turn off the Find My iPhone service, by leveraging incorrect state management.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1351
Title:
Siri in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended lock-screen passcode requirement, and read a contact list, via a Siri request that refers to a contact ambiguously.
Type:
Mobile Devices
Bulletins:
CVE-2014-1351
SFBID68276
Severity:
Low
Description:
Siri in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended lock-screen passcode requirement, and read a contact list, via a Siri request that refers to a contact ambiguously.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1352
Title:
Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct brute-force passcode-guessing attacks via unspecified vectors.
Type:
Mobile Devices
Bulletins:
CVE-2014-1352
SFBID68276
Severity:
Low
Description:
Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct brute-force passcode-guessing attacks via unspecified vectors.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1364
Title:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
Type:
Mobile Devices
Bulletins:
CVE-2014-1364
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1365
Title:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
Type:
Mobile Devices
Bulletins:
CVE-2014-1365
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1366
Title:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
Type:
Mobile Devices
Bulletins:
CVE-2014-1366
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1367
Title:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
Type:
Mobile Devices
Bulletins:
CVE-2014-1367
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1368
Title:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
Type:
Mobile Devices
Bulletins:
CVE-2014-1368
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1382
Title:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
Type:
Mobile Devices
Bulletins:
CVE-2014-1382
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1353
Title:
Lock Screen in Apple iOS before 7.1.2 does not properly manage the telephony state in Airplane Mode, which allows physically proximate attackers to bypass the lock protection mechanism, and access a certain foreground application,...
Type:
Mobile Devices
Bulletins:
CVE-2014-1353
SFBID68276
Severity:
Low
Description:
Lock Screen in Apple iOS before 7.1.2 does not properly manage the telephony state in Airplane Mode, which allows physically proximate attackers to bypass the lock protection mechanism, and access a certain foreground application, via unspecified vectors.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1354
Title:
CoreGraphics in Apple iOS before 7.1.2 does not properly restrict allocation of stack memory for processing of XBM images, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via...
Type:
Mobile Devices
Bulletins:
CVE-2014-1354
SFBID68276
Severity:
Medium
Description:
CoreGraphics in Apple iOS before 7.1.2 does not properly restrict allocation of stack memory for processing of XBM images, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image data.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1355
Title:
The IOKit implementation in the kernel in Apple iOS before 7.1.2 and Apple TV before 6.1.2, and in IOReporting in Apple OS X before 10.9.4, allows local users to cause a denial of service (NULL pointer dereference and reboot) via...
Type:
Mobile Devices
Bulletins:
CVE-2014-1355
Severity:
Medium
Description:
The IOKit implementation in the kernel in Apple iOS before 7.1.2 and Apple TV before 6.1.2, and in IOReporting in Apple OS X before 10.9.4, allows local users to cause a denial of service (NULL pointer dereference and reboot) via crafted API arguments.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1356
Title:
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
Type:
Mobile Devices
Bulletins:
CVE-2014-1356
Severity:
High
Description:
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1357
Title:
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages.
Type:
Mobile Devices
Bulletins:
CVE-2014-1357
Severity:
High
Description:
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1358
Title:
Integer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.
Type:
Mobile Devices
Bulletins:
CVE-2014-1358
Severity:
High
Description:
Integer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1359
Title:
Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.
Type:
Mobile Devices
Bulletins:
CVE-2014-1359
Severity:
High
Description:
Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1360
Title:
Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which makes it easier for physically proximate attackers to bypass the Activation Lock protection mechanism via unspecified vectors.
Type:
Mobile Devices
Bulletins:
CVE-2014-1360
SFBID68276
Severity:
Low
Description:
Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which makes it easier for physically proximate attackers to bypass the Activation Lock protection mechanism via unspecified vectors.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1361
Title:
Secure Transport in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 does not ensure that a DTLS message is accepted only for a DTLS connection, which allows remote attackers to obtain potentially sensitive...
Type:
Mobile Devices
Bulletins:
CVE-2014-1361
Severity:
Medium
Description:
Secure Transport in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 does not ensure that a DTLS message is accepted only for a DTLS connection, which allows remote attackers to obtain potentially sensitive information from uninitialized process memory by providing a DTLS message within a TLS connection.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1362
Title:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
Type:
Mobile Devices
Bulletins:
CVE-2014-1362
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-1363
Title:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
Type:
Mobile Devices
Bulletins:
CVE-2014-1363
Severity:
Medium
Description:
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Applies to:
Created:
2014-07-01
Updated:
2017-07-05

ID:
CVE-2014-3299
Title:
Cisco IOS allows remote authenticated users to cause a denial of service (device reload) via malformed IPsec packets, aka Bug ID CSCui79745.
Type:
Hardware
Bulletins:
CVE-2014-3299
SFBID68177
Severity:
Medium
Description:
Cisco IOS allows remote authenticated users to cause a denial of service (device reload) via malformed IPsec packets, aka Bug ID CSCui79745.
Applies to:
Created:
2014-06-25
Updated:
2017-07-05

ID:
MITRE:24929
Title:
oval:org.mitre.oval:def:24929: Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."
Type:
Web
Bulletins:
MITRE:24929
CVE-2007-6242
Severity:
Low
Description:
Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."
Applies to:
Adobe Flash Player
Created:
2014-06-16
Updated:
2015-08-03

ID:
MITRE:24682
Title:
oval:org.mitre.oval:def:24682: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file
Type:
Web
Bulletins:
MITRE:24682
CVE-2007-6637
Severity:
Low
Description:
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1.
Applies to:
Adobe Flash Player
Created:
2014-06-16
Updated:
2015-08-03

ID:
MITRE:24909
Title:
oval:org.mitre.oval:def:24909: Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct...
Type:
Web
Bulletins:
MITRE:24909
CVE-2007-6243
Severity:
Low
Description:
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
Applies to:
Adobe Flash Player
Created:
2014-06-16
Updated:
2015-08-03

ID:
MITRE:24621
Title:
oval:org.mitre.oval:def:24621: Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.
Type:
Web
Bulletins:
MITRE:24621
CVE-2007-6245
Severity:
Low
Description:
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.
Applies to:
Adobe Flash Player
Created:
2014-06-16
Updated:
2015-08-03

ID:
MITRE:24920
Title:
oval:org.mitre.oval:def:24920: Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet
Type:
Web
Bulletins:
MITRE:24920
CVE-2007-2022
Severity:
Low
Description:
Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.
Applies to:
Adobe Flash Player
Created:
2014-06-16
Updated:
2015-08-03

ID:
MITRE:24854
Title:
oval:org.mitre.oval:def:24854: ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts...
Type:
Web
Bulletins:
MITRE:24854
CVE-2007-4324
Severity:
Low
Description:
ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.
Applies to:
Adobe Flash Player
Created:
2014-06-16
Updated:
2015-08-03

ID:
MITRE:24545
Title:
oval:org.mitre.oval:def:24545: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or...
Type:
Web
Bulletins:
MITRE:24545
CVE-2007-6244
Severity:
Low
Description:
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer.
Applies to:
Adobe Flash Player
Created:
2014-06-16
Updated:
2015-08-03

ID:
CVE-2014-3290
Title:
The mDNS implementation in Cisco IOS XE 3.12S does not properly interact with autonomic networking, which allows remote attackers to obtain sensitive networking-services information by sniffing the network or overwrite networking-services data via a...
Type:
Hardware
Bulletins:
CVE-2014-3290
SFBID68021
Severity:
Medium
Description:
The mDNS implementation in Cisco IOS XE 3.12S does not properly interact with autonomic networking, which allows remote attackers to obtain sensitive networking-services information by sniffing the network or overwrite networking-services data via a crafted mDNS response, aka Bug ID CSCun64867.
Applies to:
Created:
2014-06-14
Updated:
2017-07-05

ID:
CVE-2014-3295
Title:
The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309.
Type:
Hardware
Bulletins:
CVE-2014-3295
SFBID67983
Severity:
Medium
Description:
The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309.
Applies to:
Created:
2014-06-14
Updated:
2017-07-05

ID:
CVE-2014-3813
Title:
Unspecified vulnerability in the Juniper Networks NetScreen Firewall products with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via vectors...
Type:
Hardware
Bulletins:
CVE-2014-3813
Severity:
High
Description:
Unspecified vulnerability in the Juniper Networks NetScreen Firewall products with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via vectors related to a DNS lookup.
Applies to:
Created:
2014-06-13
Updated:
2017-07-05

ID:
CVE-2014-3814
Title:
The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the...
Type:
Hardware
Bulletins:
CVE-2014-3814
Severity:
High
Description:
The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.
Applies to:
Created:
2014-06-13
Updated:
2017-07-05

ID:
CVE-2014-3287
Title:
SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL commands via crafted filename parameters in a URL,...
Type:
Hardware
Bulletins:
CVE-2014-3287
SFBID68000
Severity:
Medium
Description:
SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL commands via crafted filename parameters in a URL, aka Bug ID CSCuo17337.
Applies to:
Unified Communications Manager
Created:
2014-06-10
Updated:
2017-07-05

ID:
CVE-2014-3292
Title:
The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199.
Type:
Hardware
Bulletins:
CVE-2014-3292
Severity:
Medium
Description:
The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199.
Applies to:
Unified Communications Manager
Created:
2014-06-10
Updated:
2017-07-05

ID:
CVE-2014-3291
Title:
Cisco Wireless LAN Controller (WLC) devices allow remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a zero value in Cisco Discovery Protocol packet data that is not properly handled during SNMP polling,...
Type:
Hardware
Bulletins:
CVE-2014-3291
SFBID67926
Severity:
Medium
Description:
Cisco Wireless LAN Controller (WLC) devices allow remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a zero value in Cisco Discovery Protocol packet data that is not properly handled during SNMP polling, aka Bug ID CSCuo12321.
Applies to:
Created:
2014-06-08
Updated:
2017-07-05

ID:
MITRE:24567
Title:
oval:org.mitre.oval:def:24567: SharePoint Page Content Vulnerabilities () - MS14-022
Type:
Software
Bulletins:
MITRE:24567
CVE-2014-0251
Severity:
Low
Description:
Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications 2010 SP1 and SP2; Office Web Apps Server 2013 Gold and SP1; SharePoint Server 2013 Client Components SDK; and SharePoint Designer 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "SharePoint Page Content Vulnerability."
Applies to:
Microsoft Office Web Apps 2010
Microsoft SharePoint Foundation 2010
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2007
Microsoft SharePoint Server 2010
Microsoft SharePoint Server 2013
Microsoft SharePoint Services 3.0
Created:
2014-05-26
Updated:
2015-05-11

ID:
CVE-2013-1191
Title:
Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management...
Type:
Hardware
Bulletins:
CVE-2013-1191
Severity:
High
Description:
Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400.
Applies to:
Cisco Nexus 7000
Cisco Nexus 7000-9slot
Cisco Nexus 7010
Cisco Nexus 7018
Created:
2014-05-25
Updated:
2017-07-05

ID:
CVE-2014-2200
Title:
Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH session to a management interface, aka Bug ID...
Type:
Hardware
Bulletins:
CVE-2014-2200
Severity:
High
Description:
Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH session to a management interface, aka Bug ID CSCti11629.
Applies to:
Created:
2014-05-25
Updated:
2017-07-05

ID:
CVE-2014-3284
Title:
Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.
Type:
Hardware
Bulletins:
CVE-2014-3284
SFBID67603
Severity:
Medium
Description:
Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.
Applies to:
Created:
2014-05-25
Updated:
2017-07-05

ID:
CVE-2013-6975
Title:
Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217.
Type:
Hardware
Bulletins:
CVE-2013-6975
SFBID67426
Severity:
Medium
Description:
Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217.
Applies to:
Created:
2014-05-20
Updated:
2017-07-05

ID:
CVE-2014-3269
Title:
The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204.
Type:
Hardware
Bulletins:
CVE-2014-3269
Severity:
Medium
Description:
The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204.
Applies to:
Created:
2014-05-20
Updated:
2017-07-05

ID:
CVE-2014-3270
Title:
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924.
Type:
Hardware
Bulletins:
CVE-2014-3270
Severity:
Medium
Description:
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924.
Applies to:
Created:
2014-05-20
Updated:
2017-07-05

ID:
CVE-2014-3271
Title:
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149.
Type:
Hardware
Bulletins:
CVE-2014-3271
Severity:
Medium
Description:
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149.
Applies to:
Created:
2014-05-20
Updated:
2017-07-05

ID:
CVE-2014-3273
Title:
The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282.
Type:
Hardware
Bulletins:
CVE-2014-3273
Severity:
Medium
Description:
The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282.
Applies to:
Created:
2014-05-20
Updated:
2017-07-05

ID:
CVE-2014-3262
Title:
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet...
Type:
Hardware
Bulletins:
CVE-2014-3262
Severity:
Medium
Description:
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782.
Applies to:
Created:
2014-05-16
Updated:
2017-07-05

ID:
CVE-2014-3263
Title:
The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038.
Type:
Hardware
Bulletins:
CVE-2014-3263
Severity:
Medium
Description:
The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038.
Applies to:
Created:
2014-05-16
Updated:
2017-07-05

ID:
MITRE:24420
Title:
oval:org.mitre.oval:def:24420: Adobe Flash Player before 13.0.0.214 on Windows, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK and Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions
Type:
Web
Bulletins:
MITRE:24420
CVE-2014-0519
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0520.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-05-15
Updated:
2015-08-03

ID:
MITRE:24298
Title:
oval:org.mitre.oval:def:24298: Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism
Type:
Web
Bulletins:
MITRE:24298
CVE-2014-0510
Severity:
Low
Description:
Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014.
Applies to:
Adobe Flash Player
Created:
2014-05-15
Updated:
2015-08-03

ID:
MITRE:24319
Title:
oval:org.mitre.oval:def:24319: Adobe Flash Player before 13.0.0.214 on Windows, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK and Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions
Type:
Web
Bulletins:
MITRE:24319
CVE-2014-0520
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0519.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-05-15
Updated:
2015-08-03

ID:
MITRE:24605
Title:
oval:org.mitre.oval:def:24605: Adobe Flash Player before 13.0.0.214 on Windows, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK and Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions
Type:
Web
Bulletins:
MITRE:24605
CVE-2014-0517
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0518, CVE-2014-0519, and CVE-2014-0520.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-05-15
Updated:
2015-08-03

ID:
MITRE:24644
Title:
oval:org.mitre.oval:def:24644: Adobe Flash Player before 13.0.0.214 on Windows, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK and Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy
Type:
Web
Bulletins:
MITRE:24644
CVE-2014-0516
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-05-15
Updated:
2015-08-03

ID:
MITRE:24595
Title:
oval:org.mitre.oval:def:24595: Adobe Flash Player before 13.0.0.214 on Windows, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK and Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions
Type:
Web
Bulletins:
MITRE:24595
CVE-2014-0518
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0519, and CVE-2014-0520.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-05-15
Updated:
2015-08-03

ID:
CVE-2010-4832
Title:
Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might allow remote attackers to spoof trusted web sites via a web page containing references to external sources in which (1) the certificate...
Type:
Mobile Devices
Bulletins:
CVE-2010-4832
Severity:
Medium
Description:
Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might allow remote attackers to spoof trusted web sites via a web page containing references to external sources in which (1) the certificate of the last loaded resource is checked, instead of for the main page, or (2) later certificates are not checked when the HTTPS connection is reused.
Applies to:
Created:
2014-05-13
Updated:
2017-07-05

ID:
CVE-2014-0684
Title:
Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136.
Type:
Hardware
Bulletins:
CVE-2014-0684
Severity:
Medium
Description:
Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136.
Applies to:
Cisco Nexus 7000
Cisco Nexus 7000-9slot
Cisco Nexus 7010
Cisco Nexus 7018
Created:
2014-05-07
Updated:
2017-07-05

ID:
MITRE:24683
Title:
oval:org.mitre.oval:def:24683: Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
Type:
Web
Bulletins:
MITRE:24683
CVE-2014-0515
Severity:
Low
Description:
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
Applies to:
Adobe Flash Player
Created:
2014-04-30
Updated:
2015-08-03

ID:
CVE-2013-7373
Title:
Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications.
Type:
Mobile Devices
Bulletins:
CVE-2013-7373
Severity:
High
Description:
Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications.
Applies to:
Created:
2014-04-29
Updated:
2017-07-05

ID:
CVE-2014-2183
Title:
The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
Type:
Hardware
Bulletins:
CVE-2014-2183
Severity:
Medium
Description:
The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
Applies to:
Created:
2014-04-29
Updated:
2017-07-05

ID:
CVE-2014-2184
Title:
The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352.
Type:
Hardware
Bulletins:
CVE-2014-2184
Severity:
Medium
Description:
The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352.
Applies to:
Unified Communications Manager
Created:
2014-04-29
Updated:
2017-07-05

ID:
CVE-2014-2185
Title:
The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374.
Type:
Hardware
Bulletins:
CVE-2014-2185
Severity:
Medium
Description:
The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374.
Applies to:
Unified Communications Manager
Created:
2014-04-29
Updated:
2017-07-05

ID:
CVE-2012-3946
Title:
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the...
Type:
Hardware
Bulletins:
CVE-2012-3946
Severity:
Medium
Description:
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.
Applies to:
Created:
2014-04-24
Updated:
2017-07-05

ID:
CVE-2012-5723
Title:
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.
Type:
Hardware
Bulletins:
CVE-2012-5723
Severity:
Medium
Description:
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.
Applies to:
Created:
2014-04-24
Updated:
2017-07-05

ID:
CVE-2012-5014
Title:
Cisco IOS before 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436.
Type:
Hardware
Bulletins:
CVE-2012-5014
Severity:
Medium
Description:
Cisco IOS before 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-5017
Title:
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.
Type:
Hardware
Bulletins:
CVE-2012-5017
Severity:
Medium
Description:
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-5032
Title:
The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or...
Type:
Hardware
Bulletins:
CVE-2012-5032
Severity:
Medium
Description:
The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-5036
Title:
Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662.
Type:
Hardware
Bulletins:
CVE-2012-5036
Severity:
Medium
Description:
Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-5037
Title:
The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an object-group command, aka Bug ID CSCts16133.
Type:
Hardware
Bulletins:
CVE-2012-5037
Severity:
Medium
Description:
The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an object-group command, aka Bug ID CSCts16133.
Applies to:
Cisco Catalyst 6500 Series Switches
Cisco Catalyst 7600
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-5039
Title:
The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003.
Type:
Hardware
Bulletins:
CVE-2012-5039
Severity:
Medium
Description:
The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-5044
Title:
Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809.
Type:
Hardware
Bulletins:
CVE-2012-5044
Severity:
Medium
Description:
Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-5427
Title:
Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518.
Type:
Hardware
Bulletins:
CVE-2012-5427
Severity:
Medium
Description:
Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2014-1295
Title:
Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation,...
Type:
Mobile Devices
Bulletins:
CVE-2014-1295
Severity:
Medium
Description:
Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack."
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2014-1296
Title:
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass...
Type:
Mobile Devices
Bulletins:
CVE-2014-1296
Severity:
Medium
Description:
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-0360
Title:
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.
Type:
Hardware
Bulletins:
CVE-2012-0360
Severity:
Medium
Description:
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-1317
Title:
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.
Type:
Hardware
Bulletins:
CVE-2012-1317
Severity:
Medium
Description:
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-1366
Title:
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.
Type:
Hardware
Bulletins:
CVE-2012-1366
Severity:
Medium
Description:
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-3062
Title:
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID...
Type:
Hardware
Bulletins:
CVE-2012-3062
Severity:
Medium
Description:
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-4638
Title:
Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318.
Type:
Hardware
Bulletins:
CVE-2012-4638
Severity:
Medium
Description:
Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-4651
Title:
Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451.
Type:
Hardware
Bulletins:
CVE-2012-4651
Severity:
Medium
Description:
Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2012-4658
Title:
The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447.
Type:
Hardware
Bulletins:
CVE-2012-4658
Severity:
Medium
Description:
The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
CVE-2014-1320
Title:
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading...
Type:
Mobile Devices
Bulletins:
CVE-2014-1320
Severity:
Medium
Description:
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.
Applies to:
Created:
2014-04-23
Updated:
2017-07-05

ID:
MITRE:24520
Title:
oval:org.mitre.oval:def:24520: Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries
Type:
Software
Bulletins:
MITRE:24520
CVE-2014-0457
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Applies to:
JRockit
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
MITRE:24510
Title:
oval:org.mitre.oval:def:24510: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound
Type:
Software
Bulletins:
MITRE:24510
CVE-2014-2427
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
Applies to:
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
MITRE:24709
Title:
oval:org.mitre.oval:def:24709: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; allows remote attackers to affect confidentiality and integrity via vectors related to JNDI
Type:
Software
Bulletins:
MITRE:24709
CVE-2014-0460
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.
Applies to:
JRockit
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
MITRE:24672
Title:
oval:org.mitre.oval:def:24672: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D
Type:
Software
Bulletins:
MITRE:24672
CVE-2014-0429
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Applies to:
JRockit
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
MITRE:24523
Title:
oval:org.mitre.oval:def:24523: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT
Type:
Software
Bulletins:
MITRE:24523
CVE-2014-2412
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.
Applies to:
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
MITRE:24676
Title:
oval:org.mitre.oval:def:24676: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT
Type:
Software
Bulletins:
MITRE:24676
CVE-2014-0451
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412.
Applies to:
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
MITRE:24441
Title:
oval:org.mitre.oval:def:24441: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security
Type:
Software
Bulletins:
MITRE:24441
CVE-2014-0453
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
Applies to:
JRockit
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
MITRE:24502
Title:
oval:org.mitre.oval:def:24502: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries
Type:
Software
Bulletins:
MITRE:24502
CVE-2014-0446
Severity:
Low
Description:
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Applies to:
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
MITRE:24712
Title:
oval:org.mitre.oval:def:24712: Vulnerability in Java SE 5.0u61, Java SE 6u71, Java SE 7u51, Java SE 8 allows successful unauthenticated network attacks via multiple protocols
Type:
Software
Bulletins:
MITRE:24712
CVE-2013-6629
Severity:
Low
Description:
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
Applies to:
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
MITRE:23723
Title:
oval:org.mitre.oval:def:23723: The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1 does not securely create temporary files when a log file cannot be opened,...
Type:
Software
Bulletins:
MITRE:23723
CVE-2014-1876
Severity:
Low
Description:
The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log.
Applies to:
JRockit
Java Runtime Environment
Created:
2014-04-21
Updated:
2015-03-23

ID:
CVE-2014-2842
Title:
Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet.
Type:
Hardware
Bulletins:
CVE-2014-2842
SFBID66802
Severity:
High
Description:
Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet.
Applies to:
Created:
2014-04-15
Updated:
2017-07-05

ID:
CVE-2014-0612
Title:
Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote...
Type:
Hardware
Bulletins:
CVE-2014-0612
SFBID66759
Severity:
Medium
Description:
Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote attackers to cause a denial of service (new Dynamic VPN connection failures and CPU and disk consumption) via unknown vectors.
Applies to:
Juniper SRX100
Juniper SRX110
Juniper SRX210
Juniper SRX220
Juniper SRX240
Juniper SRX550
Juniper SRX650
Created:
2014-04-14
Updated:
2017-07-05

ID:
CVE-2014-0614
Title:
Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is enabled, allows remote attackers to cause a denial of service (kernel panic and crash) via a large number of crafted IGMP packets.
Type:
Hardware
Bulletins:
CVE-2014-0614
SFBID66762
Severity:
High
Description:
Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is enabled, allows remote attackers to cause a denial of service (kernel panic and crash) via a large number of crafted IGMP packets.
Applies to:
Created:
2014-04-14
Updated:
2017-07-05

ID:
CVE-2014-2711
Title:
Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 11.4R11, 11.4X27 before 11.4X27.62 (BBE), 12.1 before 12.1R9, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.2 before 12.2R7, 12.3...
Type:
Hardware
Bulletins:
CVE-2014-2711
SFBID66770
Severity:
Medium
Description:
Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 11.4R11, 11.4X27 before 11.4X27.62 (BBE), 12.1 before 12.1R9, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.2 before 12.2R7, 12.3 before 12.3R6, 13.1 before 13.1R4, 13.2 before 13.2R3, and 13.3 before 13.3R1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Applies to:
Created:
2014-04-14
Updated:
2017-07-05

ID:
CVE-2014-2712
Title:
Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 10.0S25, 10.4 before 10.4R10, 11.4 before 11.4R11, 12.1 before 12.1R9, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, and 12.2 before...
Type:
Hardware
Bulletins:
CVE-2014-2712
SFBID66767
Severity:
Medium
Description:
Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 10.0S25, 10.4 before 10.4R10, 11.4 before 11.4R11, 12.1 before 12.1R9, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, and 12.2 before 12.2R1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to index.php.
Applies to:
Created:
2014-04-14
Updated:
2017-07-05

ID:
CVE-2014-2713
Title:
Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, 12.3R4 before 12.3R4-S3, 13.1 before 13.1R4, 13.2 before 13.2R2, and 13.3 before 13.3R1, as used in MX Series and T4000 routers, allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2014-2713
SFBID66764
Severity:
Medium
Description:
Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, 12.3R4 before 12.3R4-S3, 13.1 before 13.1R4, 13.2 before 13.2R2, and 13.3 before 13.3R1, as used in MX Series and T4000 routers, allows remote attackers to cause a denial of service (PFE restart) via a crafted IP packet to certain (1) Trio or (2) Cassis-based Packet Forwarding Engine (PFE) modules.
Applies to:
Created:
2014-04-14
Updated:
2017-07-05

ID:
CVE-2014-2714
Title:
The Enhanced Web Filtering (EWF) in Juniper Junos before 10.4R15, 11.4 before 11.4R9, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D10, and 12.1X46 before 12.1X46-D10, as used in the SRX Series services gateways, allows...
Type:
Hardware
Bulletins:
CVE-2014-2714
SFBID66760
Severity:
High
Description:
The Enhanced Web Filtering (EWF) in Juniper Junos before 10.4R15, 11.4 before 11.4R9, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D10, and 12.1X46 before 12.1X46-D10, as used in the SRX Series services gateways, allows remote attackers to cause a denial of service (flow daemon crash and restart) via a crafted URL.
Applies to:
Created:
2014-04-14
Updated:
2017-07-05

ID:
MITRE:24439
Title:
oval:org.mitre.oval:def:24439: RHSA-2014:0380: flash-plugin security update
Type:
Software
Bulletins:
MITRE:24439
Severity:
Low
Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-09, listed in the References section. Two flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0506, CVE-2014-0507) A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially crafted web page. (CVE-2014-0508) A flaw in flash-plugin could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially crafted web page. (CVE-2014-0509) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.350.
Applies to:
flash-plugin
Created:
2014-04-11
Updated:
2015-08-03

ID:
MITRE:24718
Title:
oval:org.mitre.oval:def:24718: RHSA-2014:0376: openssl security update
Type:
Web
Bulletins:
MITRE:24718
Severity:
Low
Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Neel Mehta of Google Security as the original reporter. All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
Applies to:
openssl
Created:
2014-04-11
Updated:
2015-04-13

ID:
MITRE:24563
Title:
oval:org.mitre.oval:def:24563: Vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows
Type:
Web
Bulletins:
MITRE:24563
CVE-2014-0535
Severity:
Low
Description:
Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0534.
Applies to:
Adobe AIR
Adobe Flash Player
Created:
2014-04-11
Updated:
2015-08-03

ID:
MITRE:24613
Title:
oval:org.mitre.oval:def:24613: Buffer overflow vulnerability in Adobe Flas