PT-2013-6342 · Suse+2 · Kernel-Pae-Devel+7

Published: 1970-01-01 · Updated: 2017-08-29 · CVE-2014-1444

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

SUSE Linux Enterprise kernel-ec2-devel (affected versions not specified)
SUSE Linux Enterprise kernel-pae-devel (affected versions not specified)
SUSE Linux Enterprise kernel-xen-devel (affected versions not specified)
Linux kernel versions prior to 3.11.7
SUSE Linux Enterprise gfs2-kmp-xen (affected versions not specified)

Description

The issue concerns multiple vulnerabilities in various packages of the SUSE Linux Enterprise operating system, including kernel-ec2-devel, kernel-pae-devel, kernel-xen-devel, and gfs2-kmp-xen. These vulnerabilities can be exploited remotely and may lead to a breach of confidentiality, integrity, and availability of protected information. A specific vulnerability in the Linux kernel before version 3.11.7 involves the fst_get_iface function in drivers/net/wan/farsync.c, which does not properly initialize a certain data structure. This allows local users with the CAP_NET_ADMIN capability to obtain sensitive information from kernel memory by leveraging an SIOCWANDEV ioctl call.
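
The uninitialized-structure leak described above, modelled in user space as an added example (not code from the kernel or from this advisory). The struct layout, the field values, the stale-byte marker and the `zero_first` switch are constructed for illustration, and `memcpy` stands in for the kernel's copy to user space.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STALE 0xA5 /* constructed marker standing in for leftover kernel stack bytes */

/* Hypothetical settings record (constructed; not the driver's real layout). */
struct wan_settings {
    uint32_t clock_rate;
    uint32_t clock_type;
    uint16_t loopback;
    uint16_t reserved; /* never assigned by get_iface() below */
};

/* Fills the record; zero_first selects the hardened variant (clear, then fill). */
static void get_iface(struct wan_settings *s, int zero_first)
{
    if (zero_first)
        memset(s, 0, sizeof(*s));
    s->clock_rate = 64000;
    s->clock_type = 1;
    s->loopback = 0;
}

/* Models the ioctl handler: a stack object with stale contents is filled,
 * then the whole object is copied out to the caller's buffer. */
static size_t ioctl_copy_out(unsigned char *user, int zero_first)
{
    struct wan_settings s;
    memset(&s, STALE, sizeof(s)); /* simulate what the stack held before */
    get_iface(&s, zero_first);
    memcpy(user, &s, sizeof(s));  /* stands in for the copy to user space */
    return sizeof(s);
}

/* Returns how many bytes handed to the caller still carry stale stack data. */
size_t leaked(int zero_first)
{
    unsigned char user[sizeof(struct wan_settings)];
    size_t n = ioctl_copy_out(user, zero_first), count = 0;
    for (size_t i = 0; i < n; i++)
        count += (user[i] == STALE);
    return count;
}

int main(void)
{
    printf("without zeroing: %zu stale bytes\n", leaked(0));
    printf("with zeroing:    %zu stale bytes\n", leaked(1));
    return 0;
}
```

Any field or padding the fill routine skips is returned with whatever the stack held, which is why clearing the whole object before filling it closes this class of leak regardless of which fields are later assigned.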

Recommendations

For SUSE Linux Enterprise kernel-ec2-devel, consider disabling vulnerable functions until a patch is available.
For SUSE Linux Enterprise kernel-pae-devel, restrict access to vulnerable modules to minimize the risk of exploitation.
For SUSE Linux Enterprise kernel-xen-devel, avoid using vulnerable parameters in affected API endpoints until the issue is resolved.
For Linux kernel versions prior to 3.11.7, update to version 3.11.7 or later to resolve the issue.
For SUSE Linux Enterprise gfs2-kmp-xen, consider disabling the vulnerable gfs2-kmp-xen module until a patch is available.

At the moment, there is no information about a newer version that contains a fix for this vulnerability in some of the affected packages.

Related identifiers

ALT-PU-2013-1053
ALT-PU-2014-1422
BDU:2015-04307
BDU:2015-04308
BDU:2015-04309
BDU:2015-04310
CVE-2014-1444
DSA-2906-1
OPENSUSE-SU-2014_0677-1
SUSE-RU-2015:0621-1
SUSE-SU-2015:0481-1
SUSE-SU-2015:0581-1
SUSE-SU-2015:0652-1
SUSE-SU-2015:0736-1
SUSE-SU-2015:1174-1
SUSE-SU-2015:1376-1
USN-2040-1
USN-2042-1
USN-2049-1
USN-2050-1
USN-2066-1
USN-2067-1
USN-2069-1
USN-2128-1
USN-2129-1

Affected products

Alt Linux
Linux Kernel
Suse Linux Enterprise
Suse
Gfs2-Kmp-Xen
Kernel-Ec2-Devel
Kernel-Pae-Devel
Kernel-Xen-Devel