Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-5403

Kernel update [RHEL6.5 2.6.32-431.23.3.el6]

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Minor
    • Lustre 2.7.0, Lustre 2.5.3
    • None
    • None
    • 3
    • 15037

    Description

      • It was found that the Linux kernel's ptrace subsystem allowed a traced
        process' instruction pointer to be set to a non-canonical memory address
        without forcing the non-sysret code path when returning to user space.
        A local, unprivileged user could use this flaw to crash the system or,
        potentially, escalate their privileges on the system. (CVE-2014-4699,
        Important)

      Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.

      • A flaw was found in the way the pppol2tp_setsockopt() and
        pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP
        implementation handled requests with a non-SOL_PPPOL2TP socket option
        level. A local, unprivileged user could use this flaw to escalate their
        privileges on the system. (CVE-2014-4943, Important)

      Bugs fixed (https://bugzilla.redhat.com/):

      1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address
      1119458 - CVE-2014-4943 kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()

      Attachments

        Activity

          People

            ys Yang Sheng
            ys Yang Sheng
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: