RHEL 6 : MRG (RHSA-2014:1318)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated Red Hat Enterprise MRG Realtime packages that fix multiple
security issues and add one enhancement are now available for Red Hat
Enterprise MRG 2.5.

Red Hat Product Security has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a
next-generation IT infrastructure for enterprise computing. MRG offers
increased performance, reliability, interoperability, and faster
computing for enterprise customers.

MRG Realtime provides the highest levels of predictability for
consistent low-latency response times to meet the needs of
time-sensitive workloads. MRG Realtime also provides new levels of
determinism by optimizing lengthy kernel code paths to ensure that
they do not become bottlenecks. This allows for better prioritization
of applications, resulting in consistent, predictable response times
for high-priority applications.

* An out-of-bounds write flaw was found in the way the
Apple Magic Mouse/Trackpad multi-touch driver handled
Human Interface Device (HID) reports with an invalid
size. An attacker with physical access to the system
could use this flaw to crash the system or, potentially,
escalate their privileges on the system. (CVE-2014-3181,
Moderate)

* A memory corruption flaw was found in the way the USB
ConnectTech WhiteHEAT serial driver processed completion
commands sent via USB Request Blocks buffers. An
attacker with physical access to the system could use
this flaw to crash the system or, potentially, escalate
their privileges on the system. (CVE-2014-3185,
Moderate)

* A race condition flaw was found in the way the Linux
kernel's mmap(2), madvise(2), and fallocate(2) system
calls interacted with each other while operating on
virtual memory file system files. A local user could use
this flaw to cause a denial of service. (CVE-2014-4171,
Moderate)

* A stack overflow flaw caused by infinite recursion was
found in the way the Linux kernel's Universal Disk
Format (UDF) file system implementation processed
indirect Information Control Blocks (ICBs). An attacker
with physical access to the system could use a specially
crafted UDF image to crash the system. (CVE-2014-6410,
Low)

* An out-of-bounds read flaw was found in the way the
Logitech Unifying receiver driver handled HID reports
with an invalid device_index value. An attacker with
physical access to the system could use this flaw to
crash the system or, potentially, escalate their
privileges on the system. (CVE-2014-3182, Low)

* Multiple out-of-bounds write flaws were found in the
way the Cherry Cymotion keyboard driver, KYE/Genius
device drivers, Logitech device drivers, Monterey
Genius KB29E keyboard driver, Petalynx Maxter remote
control driver, and Sunplus wireless desktop driver
handled HID reports with an invalid report descriptor
size. An attacker with physical access to the system
could use either of these flaws to write data past an
allocated memory buffer. (CVE-2014-3184, Low)

* It was found that the parse_rock_ridge_inode_internal()
function of the Linux kernel's ISOFS implementation did
not correctly check relocated directories when
processing Rock Ridge child link (CL) tags. An attacker
with physical access to the system could use a specially
crafted ISO image to crash the system or, potentially,
escalate their privileges on the system. (CVE-2014-5471,
CVE-2014-5472, Low)

This update also adds the following enhancement :

* The Solarflare SFC9120 10GBE Ethernet NICs were not
supported by the MRG Realtime kernel. With this update,
the drivers have been updated to enable the Solarflare
SFC9120 cards on the Realtime kernel. (BZ#1086945)

All Red Hat Enterprise MRG Realtime users are advised to upgrade to
these updated packages, which contain backported patches to correct
these issues and add this enhancement.

See also :

https://www.redhat.com/security/data/cve/CVE-2014-3181.html
https://www.redhat.com/security/data/cve/CVE-2014-3182.html
https://www.redhat.com/security/data/cve/CVE-2014-3184.html
https://www.redhat.com/security/data/cve/CVE-2014-3185.html
https://www.redhat.com/security/data/cve/CVE-2014-4171.html
https://www.redhat.com/security/data/cve/CVE-2014-5471.html
https://www.redhat.com/security/data/cve/CVE-2014-5472.html
https://www.redhat.com/security/data/cve/CVE-2014-6410.html
http://rhn.redhat.com/errata/RHSA-2014-1318.html

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.1
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now