CVE-2014-7284
Bug #1377339 reported by
John Johansen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Trusty |
Fix Released
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-armadaxp (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Trusty |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-ec2 (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Trusty |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-flo (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-fsl-imx51 (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Trusty |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-goldfish (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-lts-backport-maverick (Ubuntu) |
New
|
Undecided
|
Unassigned | |||
Lucid |
Won't Fix
|
Undecided
|
Unassigned | |||
Precise |
Won't Fix
|
Undecided
|
Unassigned | |||
Trusty |
New
|
Undecided
|
Unassigned | |||
Utopic |
Won't Fix
|
Undecided
|
Unassigned | |||
Vivid |
New
|
Undecided
|
Unassigned | |||
Wily |
New
|
Undecided
|
Unassigned | |||
Xenial |
New
|
Undecided
|
Unassigned | |||
linux-lts-backport-natty (Ubuntu) |
New
|
Undecided
|
Unassigned | |||
Lucid |
Won't Fix
|
Undecided
|
Unassigned | |||
Precise |
Won't Fix
|
Undecided
|
Unassigned | |||
Trusty |
New
|
Undecided
|
Unassigned | |||
Utopic |
Won't Fix
|
Undecided
|
Unassigned | |||
Vivid |
New
|
Undecided
|
Unassigned | |||
Wily |
New
|
Undecided
|
Unassigned | |||
Xenial |
New
|
Undecided
|
Unassigned | |||
linux-lts-quantal (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Trusty |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-lts-raring (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Trusty |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-lts-saucy (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Trusty |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-lts-trusty (Ubuntu) | ||||||
Precise |
Fix Released
|
Medium
|
Unassigned | |||
linux-lts-utopic (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-lts-vivid (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-mako (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-manta (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-mvl-dove (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Trusty |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned | |||
linux-raspi2 (Ubuntu) |
New
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
New
|
Medium
|
Unassigned | |||
Xenial |
New
|
Medium
|
Unassigned | |||
linux-ti-omap4 (Ubuntu) |
Invalid
|
Medium
|
Unassigned | |||
Precise |
Invalid
|
Medium
|
Unassigned | |||
Trusty |
Invalid
|
Medium
|
Unassigned | |||
Vivid |
Invalid
|
Medium
|
Unassigned | |||
Wily |
Invalid
|
Medium
|
Unassigned | |||
Xenial |
Invalid
|
Medium
|
Unassigned |
Bug Description
The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values.
Break-Fix: a48e42920ff38bc
CVE References
Changed in linux-armadaxp (Ubuntu Precise): | |
status: | New → Invalid |
Changed in linux-ec2 (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux-lts-quantal (Ubuntu Precise): | |
status: | New → Invalid |
Changed in linux-lts-saucy (Ubuntu Precise): | |
status: | New → Invalid |
Changed in linux (Ubuntu Precise): | |
status: | New → Invalid |
Changed in linux (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux (Ubuntu Utopic): | |
status: | New → Invalid |
Changed in linux (Ubuntu Trusty): | |
status: | New → Fix Committed |
Changed in linux-ti-omap4 (Ubuntu Precise): | |
status: | New → Invalid |
Changed in linux-lts-raring (Ubuntu Precise): | |
status: | New → Invalid |
description: | updated |
Changed in linux (Ubuntu Trusty): | |
status: | Fix Committed → Fix Released |
Changed in linux-lts-trusty (Ubuntu Precise): | |
status: | New → Fix Released |
no longer affects: | linux-lts-trusty (Ubuntu) |
no longer affects: | linux-lts-trusty (Ubuntu Utopic) |
no longer affects: | linux-lts-trusty (Ubuntu Lucid) |
no longer affects: | linux-lts-trusty (Ubuntu Trusty) |
no longer affects: | linux-armadaxp (Ubuntu Lucid) |
no longer affects: | linux-ec2 (Ubuntu Lucid) |
no longer affects: | linux-lts-saucy (Ubuntu Lucid) |
no longer affects: | linux-lts-quantal (Ubuntu Lucid) |
no longer affects: | linux-mvl-dove (Ubuntu Lucid) |
no longer affects: | linux (Ubuntu Lucid) |
no longer affects: | linux-fsl-imx51 (Ubuntu Lucid) |
no longer affects: | linux-ti-omap4 (Ubuntu Lucid) |
no longer affects: | linux-lts-raring (Ubuntu Lucid) |
Changed in linux-lts-trusty (Ubuntu Precise): | |
importance: | Undecided → Medium |
Changed in linux-lts-quantal (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-ti-omap4 (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-lts-raring (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-armadaxp (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-mvl-dove (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-lts-saucy (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-manta (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-manta (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-manta (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-ec2 (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-lts-vivid (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-lts-vivid (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-lts-vivid (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-mako (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-mako (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-mako (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-fsl-imx51 (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-lts-utopic (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-lts-utopic (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-lts-utopic (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-goldfish (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-goldfish (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-goldfish (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-flo (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-flo (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-flo (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → Medium |
no longer affects: | linux-armadaxp (Ubuntu Utopic) |
no longer affects: | linux-ec2 (Ubuntu Utopic) |
no longer affects: | linux-lts-saucy (Ubuntu Utopic) |
no longer affects: | linux-lts-quantal (Ubuntu Utopic) |
no longer affects: | linux-mvl-dove (Ubuntu Utopic) |
no longer affects: | linux-ti-omap4 (Ubuntu Utopic) |
no longer affects: | linux (Ubuntu Utopic) |
no longer affects: | linux-fsl-imx51 (Ubuntu Utopic) |
no longer affects: | linux-lts-raring (Ubuntu Utopic) |
Changed in linux-raspi2 (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-raspi2 (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → Medium |
Changed in linux-raspi2 (Ubuntu Wily): | |
importance: | Undecided → Medium |
Changed in linux-raspi2 (Ubuntu Xenial): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-maverick (Ubuntu Utopic): | |
status: | New → Won't Fix |
Changed in linux-lts-backport-natty (Ubuntu Utopic): | |
status: | New → Won't Fix |
To post a comment you must log in.
CVE-2014-7284