A new series of vulnerabilities in Linux Kernel allows an attacker to
lead DoS and privilege escalation attack, Debian urges upgrades for
Linux users.
CVE-2014-3144 / CVE-2014-3145
A local user can cause a denial of service (system crash) via
crafted BPF instructions.
CVE-2014-3153
Pinkie Pie discovered an issue in the futex subsystem that allows a
local user to gain ring 0 control via the futex syscall. An
unprivileged user could use this flaw to crash the kernel (resulting
in denial of service) or for privilege escalation.
sources:
http://securityaffairs.co/wordpress/25572/hacking/new-linux-kernel-bugs.html
https://lists.debian.org/debian-security-announce/2014/msg00130.html
--
Registered Linux user #545296
_______________________________________________
Indian Libre User Group Cochin Mailing List
http://www.ilug-cochin.org/mailing-list/
http://ilug-cochin.org/mailman/listinfo/mailinglist_ilug-cochin.org
#[email protected]
