vuln-list-alt/oval/c9f2/ALT-PU-2014-1703/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:20141703",
      "Version": "oval:org.altlinux.errata:def:20141703",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2014-1703: package `kernel-image-un-def` update to version 3.14.5-alt1",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch c9f2"
            ],
            "Products": [
              "ALT SPWorkstation",
              "ALT SPServer"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2014-1703",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2014-1703",
            "Source": "ALTPU"
          },
          {
            "RefID": "CVE-2014-7284",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2014-7284",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2014-9715",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2014-9715",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades kernel-image-un-def to version 3.14.5-alt1. \nSecurity Fix(es):\n\n * CVE-2014-7284: The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values.\n\n * CVE-2014-9715: include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that triggers extension loading, as demonstrated by configuring a PPTP tunnel in a NAT environment.",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "Low",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2014-06-03"
          },
          "Updated": {
            "Date": "2014-06-03"
          },
          "BDUs": null,
          "CVEs": [
            {
              "ID": "CVE-2014-7284",
              "CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
              "CWE": "CWE-200",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2014-7284",
              "Impact": "Low",
              "Public": "20141013"
            },
            {
              "ID": "CVE-2014-9715",
              "CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
              "CWE": "NVD-CWE-Other",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2014-9715",
              "Impact": "Low",
              "Public": "20150527"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:spworkstation:8.4",
              "cpe:/o:alt:spserver:8.4"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:3001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703001",
                "Comment": "kernel-doc-un is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703002",
                "Comment": "kernel-headers-modules-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703003",
                "Comment": "kernel-headers-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703004",
                "Comment": "kernel-image-domU-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703005",
                "Comment": "kernel-image-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703006",
                "Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703007",
                "Comment": "kernel-modules-drm-radeon-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703008",
                "Comment": "kernel-modules-drm-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703009",
                "Comment": "kernel-modules-ide-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703010",
                "Comment": "kernel-modules-kvm-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703011",
                "Comment": "kernel-modules-staging-un-def is earlier than 1:3.14.5-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141703012",
                "Comment": "kernel-modules-v4l-un-def is earlier than 1:3.14.5-alt1"
              }
            ]
          }
        ]
      }
    }
  ]
}