Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.2.2019.1480
Kategorie:Huawei EulerOS Local Security Checks
Titel:Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1480)
Zusammenfassung:The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2019-1480 advisory.
Beschreibung:Summary:
The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2019-1480 advisory.

Vulnerability Insight:
A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system.(CVE-2014-3153)

An out-of-bounds write flaw was found in the way the Apple Magic Mouse/Trackpad multi-touch driver handled Human Interface Device (HID) reports with an invalid size. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.(CVE-2014-3181)

An out-of-bounds read flaw was found in the way the Logitech Unifying receiver driver handled HID reports with an invalid device_index value. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.(CVE-2014-3182)

Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid report descriptor size. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer.(CVE-2014-3184)

A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.(CVE-2014-3185)

It was found that Linux kernel's ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word (PSW) was being set. On IBM S/390 systems, a local, unprivileged user could use this flaw to set address-space-control bits to the kernel space, and thus gain read and write access to kernel memory.(CVE-2014-3534)

A flaw was found in the way the Linux kernel's kvm_iommu_map_pages() function handled IOMMU mapping failures. A privileged user in a guest with an assigned host device could use this flaw to crash the host.(CVE-2014-3601)

It was found that KVM's Write to Model Specific Register (WRMSR) instruction emulation would write non-canonical values passed in by the guest to certain MSRs in the host's context. A privileged guest user could use this flaw to crash the host.(CVE-2014-3610)

A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host.(CVE-2014-3611)

A flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Huawei EulerOS Virtualization 3.0.1.0.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-3153
BugTraq ID: 67906
http://www.securityfocus.com/bid/67906
Debian Security Information: DSA-2949 (Google Search)
http://www.debian.org/security/2014/dsa-2949
http://www.exploit-db.com/exploits/35370
https://elongl.github.io/exploitation/2021/01/08/cve-2014-3153.html
https://github.com/elongl/CVE-2014-3153
https://www.openwall.com/lists/oss-security/2021/02/01/4
http://www.openwall.com/lists/oss-security/2014/06/05/22
http://openwall.com/lists/oss-security/2014/06/05/24
http://openwall.com/lists/oss-security/2014/06/06/20
http://www.openwall.com/lists/oss-security/2021/02/01/4
RedHat Security Advisories: RHSA-2014:0800
http://rhn.redhat.com/errata/RHSA-2014-0800.html
http://www.securitytracker.com/id/1030451
http://secunia.com/advisories/58500
http://secunia.com/advisories/58990
http://secunia.com/advisories/59029
http://secunia.com/advisories/59092
http://secunia.com/advisories/59153
http://secunia.com/advisories/59262
http://secunia.com/advisories/59309
http://secunia.com/advisories/59386
http://secunia.com/advisories/59599
SuSE Security Announcement: SUSE-SU-2014:0775 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00014.html
SuSE Security Announcement: SUSE-SU-2014:0796 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00018.html
SuSE Security Announcement: SUSE-SU-2014:0837 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00025.html
SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
SuSE Security Announcement: openSUSE-SU-2014:0878 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00006.html
http://www.ubuntu.com/usn/USN-2237-1
http://www.ubuntu.com/usn/USN-2240-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3181
BugTraq ID: 69779
http://www.securityfocus.com/bid/69779
https://code.google.com/p/google-security-research/issues/detail?id=100
http://www.openwall.com/lists/oss-security/2014/09/11/21
RedHat Security Advisories: RHSA-2014:1318
http://rhn.redhat.com/errata/RHSA-2014-1318.html
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://www.ubuntu.com/usn/USN-2376-1
http://www.ubuntu.com/usn/USN-2377-1
http://www.ubuntu.com/usn/USN-2378-1
http://www.ubuntu.com/usn/USN-2379-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3182
BugTraq ID: 69770
http://www.securityfocus.com/bid/69770
https://code.google.com/p/google-security-research/issues/detail?id=89
Common Vulnerability Exposure (CVE) ID: CVE-2014-3184
BugTraq ID: 69768
http://www.securityfocus.com/bid/69768
https://code.google.com/p/google-security-research/issues/detail?id=91
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://www.ubuntu.com/usn/USN-2374-1
http://www.ubuntu.com/usn/USN-2375-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3185
BugTraq ID: 69781
http://www.securityfocus.com/bid/69781
https://code.google.com/p/google-security-research/issues/detail?id=98
RedHat Security Advisories: RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3534
BugTraq ID: 68940
http://www.securityfocus.com/bid/68940
Debian Security Information: DSA-2992 (Google Search)
http://www.debian.org/security/2014/dsa-2992
http://www.osvdb.org/109546
http://www.securitytracker.com/id/1030683
http://secunia.com/advisories/59790
http://secunia.com/advisories/60351
XForce ISS Database: linux-cve20143534-priv-esc(95069)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95069
Common Vulnerability Exposure (CVE) ID: CVE-2014-3601
BugTraq ID: 69489
http://www.securityfocus.com/bid/69489
http://secunia.com/advisories/60830
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
http://www.ubuntu.com/usn/USN-2356-1
http://www.ubuntu.com/usn/USN-2357-1
http://www.ubuntu.com/usn/USN-2358-1
http://www.ubuntu.com/usn/USN-2359-1
XForce ISS Database: linux-kernel-cve20143601-dos(95689)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95689
Common Vulnerability Exposure (CVE) ID: CVE-2014-3610
BugTraq ID: 70742
http://www.securityfocus.com/bid/70742
Debian Security Information: DSA-3060 (Google Search)
http://www.debian.org/security/2014/dsa-3060
http://www.openwall.com/lists/oss-security/2014/10/24/9
RedHat Security Advisories: RHSA-2015:0869
http://rhn.redhat.com/errata/RHSA-2015-0869.html
http://www.ubuntu.com/usn/USN-2394-1
http://www.ubuntu.com/usn/USN-2417-1
http://www.ubuntu.com/usn/USN-2418-1
http://www.ubuntu.com/usn/USN-2491-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3611
RedHat Security Advisories: RHSA-2015:0126
http://rhn.redhat.com/errata/RHSA-2015-0126.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3631
BugTraq ID: 70095
http://www.securityfocus.com/bid/70095
http://www.exploit-db.com/exploits/36268
http://osvdb.org/show/osvdb/111298
Common Vulnerability Exposure (CVE) ID: CVE-2014-3645
Common Vulnerability Exposure (CVE) ID: CVE-2014-3646
Common Vulnerability Exposure (CVE) ID: CVE-2014-3647
BugTraq ID: 70748
http://www.securityfocus.com/bid/70748
Common Vulnerability Exposure (CVE) ID: CVE-2014-3673
BugTraq ID: 70883
http://www.securityfocus.com/bid/70883
HPdes Security Advisory: HPSBGN03282
http://marc.info/?l=bugtraq&m=142722544401658&w=2
HPdes Security Advisory: HPSBGN03285
http://marc.info/?l=bugtraq&m=142722450701342&w=2
RedHat Security Advisories: RHSA-2015:0062
http://rhn.redhat.com/errata/RHSA-2015-0062.html
RedHat Security Advisories: RHSA-2015:0115
http://rhn.redhat.com/errata/RHSA-2015-0115.html
http://secunia.com/advisories/62428
SuSE Security Announcement: SUSE-SU-2015:0529 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3687
BugTraq ID: 70766
http://www.securityfocus.com/bid/70766
SuSE Security Announcement: SUSE-SU-2015:0178 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html
SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3688
http://www.openwall.com/lists/oss-security/2014/11/13/8
Common Vulnerability Exposure (CVE) ID: CVE-2014-3690
BugTraq ID: 70691
http://www.securityfocus.com/bid/70691
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
http://www.openwall.com/lists/oss-security/2014/10/21/4
http://www.openwall.com/lists/oss-security/2014/10/29/7
RedHat Security Advisories: RHSA-2015:0290
http://rhn.redhat.com/errata/RHSA-2015-0290.html
RedHat Security Advisories: RHSA-2015:0782
http://rhn.redhat.com/errata/RHSA-2015-0782.html
RedHat Security Advisories: RHSA-2015:0864
http://rhn.redhat.com/errata/RHSA-2015-0864.html
http://secunia.com/advisories/60174
http://www.ubuntu.com/usn/USN-2419-1
http://www.ubuntu.com/usn/USN-2420-1
http://www.ubuntu.com/usn/USN-2421-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3917
http://article.gmane.org/gmane.linux.kernel/1713179
http://www.openwall.com/lists/oss-security/2014/05/29/5
RedHat Security Advisories: RHSA-2014:1143
http://rhn.redhat.com/errata/RHSA-2014-1143.html
RedHat Security Advisories: RHSA-2014:1281
http://rhn.redhat.com/errata/RHSA-2014-1281.html
http://secunia.com/advisories/59777
http://secunia.com/advisories/60011
http://secunia.com/advisories/60564
http://www.ubuntu.com/usn/USN-2334-1
http://www.ubuntu.com/usn/USN-2335-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3940
BugTraq ID: 67786
http://www.securityfocus.com/bid/67786
https://lkml.org/lkml/2014/3/18/784
http://www.openwall.com/lists/oss-security/2014/06/02/5
http://secunia.com/advisories/59011
http://secunia.com/advisories/61310
Common Vulnerability Exposure (CVE) ID: CVE-2014-4014
BugTraq ID: 67988
http://www.securityfocus.com/bid/67988
http://www.exploit-db.com/exploits/33824
http://www.openwall.com/lists/oss-security/2014/06/10/4
http://www.securitytracker.com/id/1030394
http://secunia.com/advisories/59220
Common Vulnerability Exposure (CVE) ID: CVE-2014-4027
http://www.openwall.com/lists/oss-security/2014/06/11/1
http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618
http://secunia.com/advisories/59134
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.