Guest

Preview Tool

Cisco Bug: CSCus20856 - CUCM: Important: kernel security and bug fix update RHSA-2014:1997-01

Last Modified

Aug 06, 2018

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases

10.5(1.98000.499)

Description (partial)

Symptom:
Cisco Unified Communications Manager (UCM) includes a version of the Linux Kernel that may be affected by the vulnerabilities identified by the
following Common Vulnerability and Exposures (CVE) IDs: 

CVE-2012-6657: The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is
associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw
socket. This has been classified by the vendor as having a CVSSv2 score of 4.9 (AV:L/AC:L/AU:N/C:N/I:N/A:C)

CVE-2014-3673: The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via
a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. This has been classified by the vendor as having a
CVSSv2 score of 7.8 (AV:N/AC:L/AU:N/C:N/I:N/A:C)

CVE-2014-3687: The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2
allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect
interpreter. This has been classified by the vendor as having a CVSSv2 score of 7.8 (AV:N/AC:L/AU:N/C:N/I:N/A:C)

CVE-2014-3688: The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory
consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to
net/sctp/inqueue.c and net/sctp/sm_statefuns.c. This has been classified by the vendor as having a CVSSv2 score of 5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P)

CVE-2014-5471: Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through
3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL
entry referring to a directory entry that has a CL entry. This has been classified by the vendor as having a CVSSv2 score of 4.0
(AV:L/AC:H/AU:N/C:N/I:N/A:C)

CVE-2014-5472: The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a
denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry. This has been classified by the vendor
as having a CVSSv2 score of 4.0 (AV:L/AC:H/AU:N/C:N/I:N/A:C)

CVE-2014-6410: The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB
indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem
with a crafted inode. This has been classified by the vendor as having a CVSSv2 score of 4.7 (AV:L/AC:M/AU:N/C:N/I:N/A:C)

CVE-2014-9322: arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment
(SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address
from the wrong space. This has been classified by the vendor as having a CVSSv2 score of 7.2 (AV:L/AC:L/AU:N/C:C/I:C/A:C)

Cisco has analyzed these vulnerabilities and concluded that the product is not impacted

Conditions:
Not applicable
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.