Rapid7 Vulnerability & Exploit Database

USN-2336-1: Linux kernel (Trusty HWE) vulnerabilities

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

USN-2336-1: Linux kernel (Trusty HWE) vulnerabilities

Severity

CVSS

(AV:L/AC:H/Au:N/C:C/I:C/A:C)

Published

07/03/2014

Created

07/25/2018

Added

09/19/2014

Modified

08/17/2020

Description

The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program.

Solution(s)

ubuntu-upgrade-linux-image-3-13-0-35-generic
ubuntu-upgrade-linux-image-3-13-0-35-generic-lpae

References

https://attackerkb.com/topics/cve-2014-0155
68157
68162
68164
68224
CVE - 2014-0155
CVE - 2014-0181
CVE - 2014-0206
CVE - 2014-4014
CVE - 2014-4027
CVE - 2014-4171
CVE - 2014-4508
CVE - 2014-4652
CVE - 2014-4653
CVE - 2014-4654
CVE - 2014-4655
CVE - 2014-4656
CVE - 2014-4667
CVE - 2014-5045
DSA-2992
RHSA-2014:1083
RHSA-2014:1318
RHSA-2014:1959
RHSA-2015:0062
RHSA-2015:0087
RHSA-2015:0102
USN-2336-1
94412

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;