Rapid7 Vulnerability & Exploit Database

USN-2515-2: Linux kernel (Trusty HWE) vulnerabilities regression





USN-2515-1 fixed vulnerabilities in the Linux kernel. There was an unrelated regression in the use of the virtual counter (CNTVCT) on arm64 architectures. This update fixes the problem. We apologize for the inconvenience.

Original advisory details:

A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. (CVE-2015-0239)

Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-8133)

A restriction bypass was discovered in iptables when conntrack rules are specified and the conntrack protocol handler module is not loaded into the Linux kernel. This flaw can cause the firewall rules on the system to be bypassed when conntrack rules are used. (CVE-2014-8160)

A flaw was discovered with file renaming in the Linux kernel. A local user could exploit this flaw to cause a denial of service (deadlock and system hang). (CVE-2014-8559)

A flaw was discovered in how supplemental group memberships are handled in certain namespace scenarios. A local user could exploit this flaw to bypass file permission restrictions. (CVE-2014-8989)

A flaw was discovered in how Thread Local Storage (TLS) is handled by the task switching function in the Linux kernel for x86_64 based machines. A local user could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. (CVE-2014-9419)

Prasad J Pandit reported a flaw in the rock_continue function of the Linux kernel's ISO 9660 CDROM file system. A local user could exploit this flaw to cause a denial of service (system crash or hang). (CVE-2014-9420)

A flaw was discovered in the fragment handling of the B.A.T.M.A.N. Advanced Meshing Protocol in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (mesh-node system crash) via fragmented packets. (CVE-2014-9428)

A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service (memory corruption or panic) or possibly have unspecified impact via the keyctl commands. (CVE-2014-9529)

A memory leak was discovered in the ISO 9660 CDROM file system when parsing Rock Ridge ER records. A local user could exploit this flaw to obtain sensitive information from kernel memory via a crafted iso9660 image. (CVE-2014-9584)

A flaw was discovered in the Address Space Layout Randomization (ASLR) of the Virtual Dynamically linked Shared Objects (vDSO) location. This flaw makes it easier for a local user to bypass the ASLR protection mechanism. (CVE-2014-9585)

Dmitry Chernenkov discovered a buffer overflow in eCryptfs' encrypted file name decoding. A local unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. (CVE-2014-9683)

The problem can be corrected by updating your system to the following package version:

  • ubuntu-upgrade-linux-image-3-13-0-46-generic
  • ubuntu-upgrade-linux-image-3-13-0-46-generic-lpae

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.

LP: 1427297
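As an added example that is not part of the advisory or of Ubuntu's tooling, the POSIX shell check below reads a `uname -r` release string and reports whether a Trusty HWE kernel is at or past the 3.13.0-46 ABI shipped by this notice. The fixed series and ABI number come from the package names above; the function names and return-code convention are the example's own assumptions.

```shell
#!/bin/sh
# Added example, not part of USN-2515-2: judge a Trusty HWE kernel release
# string (the output of `uname -r`) against the fixed ABI 3.13.0-46 named in
# the package list above. `uname -r` reports the *running* kernel, so a host
# that installed the update but has not rebooted still shows the old ABI,
# which is exactly the case the notice warns about.

FIXED_SERIES=3.13.0   # Trusty HWE kernel series covered by this notice
FIXED_ABI=46          # from linux-image-3.13.0-46-generic(-lpae)

# kernel_is_fixed RELEASE
#   returns 0 if RELEASE is a 3.13.0 kernel with ABI >= 46,
#           1 if it is a 3.13.0 kernel older than that,
#           2 if it is some other series (this notice says nothing about it).
kernel_is_fixed() {
    rel=$1
    case "$rel" in
        "$FIXED_SERIES"-*) ;;
        *) return 2 ;;
    esac
    abi=${rel#"$FIXED_SERIES"-}   # "46-generic" or "46-generic-lpae"
    abi=${abi%%-*}                # "46"
    case "$abi" in
        ''|*[!0-9]*) return 2 ;;  # malformed ABI field, refuse to guess
    esac
    [ "$abi" -ge "$FIXED_ABI" ]
}

# report RELEASE: print a one-line verdict; never fails itself.
report() {
    rc=0
    kernel_is_fixed "$1" || rc=$?
    case $rc in
        0) echo "$1: ABI >= $FIXED_ABI, USN-2515-2 kernel is running" ;;
        1) echo "$1: ABI < $FIXED_ABI, update (or reboot into the new kernel)" ;;
        *) echo "$1: not a $FIXED_SERIES kernel, this notice does not apply" ;;
    esac
}

report "$(uname -r)"
```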
