Multiple vulnerabilities in Linux kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2014-0203 CVE-2013-4588 |
| CWE-ID | CWE-416 CWE-119 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU41532
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-0203
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.
The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 2.6.0 - 2.6.32.58
External linkshttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=86acdca1b63e6890540fa19495cfc708beff3d8b
http://linux.oracle.com/errata/ELSA-2014-0771.html
http://linux.oracle.com/errata/ELSA-2014-3043.html
http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33
http://secunia.com/advisories/59262
http://secunia.com/advisories/59309
http://secunia.com/advisories/59406
http://secunia.com/advisories/59560
http://www.securityfocus.com/bid/68125
http://bugzilla.redhat.com/show_bug.cgi?id=1094363
http://github.com/torvalds/linux/commit/86acdca1b63e6890540fa19495cfc708beff3d8b
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU42352
Risk: Low
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-4588
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to execute arbitrary code.
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 2.6.0 - 2.6.32.58
External linkshttp://ftp.linux.org.uk/pub/linux/linux-2.6/ChangeLog-2.6.33
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=04bcef2a83f40c6db24222b27a52892cba39dffb
http://www.openwall.com/lists/oss-security/2013/11/15/12
http://www.securityfocus.com/bid/63744
http://www.ubuntu.com/usn/USN-2064-1
http://www.ubuntu.com/usn/USN-2065-1
http://bugzilla.redhat.com/show_bug.cgi?id=1030800
http://github.com/torvalds/linux/commit/04bcef2a83f40c6db24222b27a52892cba39dffb
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
