CVE-2014-3145

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 3.14.3 SUSE Linux Enterprise kernel-pae-devel (affected versions not specified) SUSE Linux Enterprise kernel-xen-devel (affected versions not specified) SUSE Linux Enterprise gfs2-kmp-xen (affected versions not specified) SUSE Linux Enterprise kernel-ec2-devel (affected versions not specified)

Description The issue allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. The BPF S ANC NLATTR NEST extension implementation in the sk run filter function in net/core/filter.c uses the reverse order in a certain subtraction. Additionally, multiple vulnerabilities in SUSE Linux Enterprise packages may lead to disruption of confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For Linux kernel versions through 3.14.3: Update to a version later than 3.14.3 to resolve the issue. For SUSE Linux Enterprise kernel-pae-devel: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For SUSE Linux Enterprise kernel-xen-devel: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For SUSE Linux Enterprise gfs2-kmp-xen: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For SUSE Linux Enterprise kernel-ec2-devel: At the moment, there is no information about a newer version that contains a fix for this vulnerability.