Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в ядре Linux
Опубликовано:18 января 2015 г.
Источник:
SecurityVulns ID:14217
Тип:библиотека
Уровень опасности:
8/10
Описание:Обход защиты, DoS, повышение привилегий.
Затронутые продукты:LINUX : kernel 3.18
CVE:CVE-2014-9588
 CVE-2014-9585 (The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.)
 CVE-2014-9529 (Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.)
 CVE-2014-9420 (The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image.)
 CVE-2014-9419 (The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.)
 CVE-2014-9322 (arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.)
 CVE-2014-8133 (arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value.)
 CVE-2013-6885 (The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service (system hang) via a crafted application, aka the errata 793 issue.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2015:027 ] kernel (18.01.2015)

DoS против libvirt / qemu
Опубликовано:18 января 2015 г.
Источник:
SecurityVulns ID:14218
Тип:библиотека
Уровень опасности:
5/10
Описание:Мертвая блокировка.
Затронутые продукты:LIBVIRT : libvirt 1.2
CVE:CVE-2014-8136 (The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2015:023 ] libvirt (18.01.2015)

Уязвимости безопасности в различных приложениях под iOS / Android
дополнено с 18 января 2015 г.
Опубликовано:25 января 2015 г.
Источник:
SecurityVulns ID:14216
Тип:удаленная
Уровень опасности:
5/10
Описание:Утечка информации, выполнение кода, обхода защиты и т.п.
Затронутые продукты:FOXIT : MobilePDF 4.4
 VERYPHOTO : VeryPhoto 3.0
 WIFIFILEBROWSER : WiFi File Browser Pro 2.0
 REMOTEDESKTOP : Remote Desktop 0.9
 PHOTOSYNC : PhotoSync 1.1
 FILEMINIPRO : File Pro Mini 5.2
Оригинальный текстdocumentVulnerability Lab, PhotoSync v1.1.3 Android - Command Inject Vulnerability (25.01.2015)
 documentVulnerability Lab, Remote Desktop v0.9.4 Android - Multiple Vulnerabilities (25.01.2015)
 documentVulnerability Lab, PhotoSync 1.1.3 Android - Command Inject Vulnerability (25.01.2015)
 documentVulnerability Lab, WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability (18.01.2015)
 documentVulnerability Lab, Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities (18.01.2015)
 documentVulnerability Lab, VeryPhoto v3.0 iOS - Command Injection Vulnerability (18.01.2015)
 documentVulnerability Lab, File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities (18.01.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород