CVE-2014-7284
Publication date 13 October 2014
Last updated 24 July 2024
Ubuntu priority
The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values.
From the Ubuntu Security Team
Tuomas Räsänen reported the Linux kernel on certain Intel processors does not properly initialize random seeds for network operations, causing TCP sequence numbers, TCP and UDP port numbers and IP ID values to be predictable. A remote attacker could exploit this flaw to spoof or disrupt IP communication.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | ||
14.04 LTS trusty |
Fixed 3.13.0-32.57
|
|
linux-armadaxp | ||
14.04 LTS trusty | Not in release | |
linux-ec2 | ||
14.04 LTS trusty | Not in release | |
linux-flo | ||
14.04 LTS trusty | Not in release | |
linux-fsl-imx51 | ||
14.04 LTS trusty | Not in release | |
linux-goldfish | ||
14.04 LTS trusty | Not in release | |
linux-grouper | ||
14.04 LTS trusty | Not in release | |
linux-linaro-omap | ||
14.04 LTS trusty | Not in release | |
linux-linaro-shared | ||
14.04 LTS trusty | Not in release | |
linux-linaro-vexpress | ||
14.04 LTS trusty | Not in release | |
linux-lts-quantal | ||
14.04 LTS trusty | Not in release | |
linux-lts-raring | ||
14.04 LTS trusty | Not in release | |
linux-lts-saucy | ||
14.04 LTS trusty | Not in release | |
linux-lts-trusty | ||
14.04 LTS trusty | Not in release | |
linux-lts-utopic | ||
14.04 LTS trusty | Not in release | |
linux-lts-vivid | ||
14.04 LTS trusty | Not in release | |
linux-maguro | ||
14.04 LTS trusty | Not in release | |
linux-mako | ||
14.04 LTS trusty | Not in release | |
linux-manta | ||
14.04 LTS trusty | Not in release | |
linux-mvl-dove | ||
14.04 LTS trusty | Not in release | |
linux-qcm-msm | ||
14.04 LTS trusty | Not in release | |
linux-raspi2 | ||
14.04 LTS trusty | Not in release | |
linux-ti-omap4 | ||
14.04 LTS trusty | Not in release | |
Notes
jdstrand
android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support per apw, this was fixed in passing in 3.13.0-39.66~precise1, part of https://ubuntu.com/security/notices/USN-2394-1, but not documented in the changelog or the USN.
References
Related Ubuntu Security Notices (USN)
- USN-2288-1
- Linux kernel (Trusty HWE) vulnerabilities
- 17 July 2014
- USN-2290-1
- Linux kernel vulnerabilities
- 17 July 2014