Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634.
Monthly Archives: November 2014
CVE-2014-3634
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.
DSA-3063 quassel – security update
An out-of-bounds read vulnerability was discovered in Quassel-core, one
of the components of the distributed IRC client Quassel. An attacker can
send a crafted message that crash to component causing a denial of
services or disclosure of information from process memory.
CVE-2014-3615
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
CVE-2014-8582
FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors.
CVE-2014-6032
The Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote authenticated users to read arbitrary files and cause a denial of service via unspecified vectors, related to “XML Entity Injection” in “Multiple locations.”
USN-2396-1: Linux kernel vulnerabilities
Ubuntu Security Notice USN-2396-1
31st October, 2014
linux vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 14.10
Summary
Several security issues were fixed in the kernel.
Software description
- linux
– Linux kernel
Details
Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles
noncanonical addresses when emulating instructions that change the rip
(Instruction Pointer). A guest user with access to I/O or the MMIO can use
this flaw to cause a denial of service (system crash) of the guest.
(CVE-2014-3647)
A flaw was discovered with the handling of the invept instruction in the
KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged
guest user could exploit this flaw to cause a denial of service (system
crash) on the guest. (CVE-2014-3646)
Lars Bull reported a race condition in the PIT (programmable interrupt
timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux
kernel. A local guest user with access to PIT i/o ports could exploit this
flaw to cause a denial of service (crash) on the host. (CVE-2014-3611)
Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual
Machine) handles noncanonical writes to certain MSR registers. A privileged
guest user can exploit this flaw to cause a denial of service (kernel
panic) on the host. (CVE-2014-3610)
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 14.10:
-
linux-image-3.16.0-24-powerpc-e500mc
3.16.0-24.32
-
linux-image-3.16.0-24-powerpc64-smp
3.16.0-24.32
-
linux-image-3.16.0-24-powerpc-smp
3.16.0-24.32
-
linux-image-3.16.0-24-powerpc64-emb
3.16.0-24.32
-
linux-image-3.16.0-24-lowlatency
3.16.0-24.32
-
linux-image-3.16.0-24-generic
3.16.0-24.32
-
linux-image-3.16.0-24-generic-lpae
3.16.0-24.32
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References
Fedora EPEL 7 Security Update: tnftp-20141031-1.el7
Fedora EPEL 6 Security Update: tnftp-20141031-1.el6
Three out of bounds access issues in ImageMagick (CVE-2014-8354, CVE-2014-8355, CVE-2014-8562)
Posted by Hanno Böck on Nov 01
Found this with the help of fuzzing / address sanitizer.
Nothing to worry about too much, unlikely to cause any severe issues,
but it’s interesting how many issues there are that can be trivially
found via fuzzing.
Please note also that imagemagick 6.8.9-9 fixes another issue that got
CVE-2014-8561:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=764872
CVE-2014-8354: ImageMagick – Out-of-bounds read / heap overflow in
resize code…