Adobe has released Flash Player 126.96.36.1990 for Linux to correct the following flaws:
* These updates resolve memory leakage vulnerabilities that could be used to bypass memory address randomization (CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545).
* These updates resolve a security bypass vulnerability (CVE-2014-0541).
* These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2014-0538).
This issue has been addressed in following products:
Supplementary for Red Hat Enterprise Linux 5
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2014:1051 https://rhn.redhat.com/errata/RHSA-2014-1051.html
Common Vulnerabilities and Exposures assigned an identifier CVE-2014-5333 to
the following vulnerability:
Adobe Flash Player before 188.8.131.52 and 14.x before 184.108.40.206 on
Windows and OS X and before 220.127.116.110 on Linux, Adobe AIR before
18.104.22.168 on Windows and OS X and before 22.214.171.124 on Android, Adobe
AIR SDK before 126.96.36.199, and Adobe AIR SDK & Compiler before
188.8.131.52 do not properly restrict the SWF file format, which allows
remote attackers to conduct cross-site request forgery (CSRF) attacks
against JSONP endpoints, and obtain sensitive information, via a
crafted OBJECT element with SWF content satisfying the character-set
requirements of a callback API, in conjunction with a manipulation
involving a '$' (dollar sign) or '(' (open parenthesis) character.
NOTE: this issue exists because of an incomplete fix for
(NOTE: we have no way to prove the authenticity of this claim, however MITRE has assigned this CVE and indicates it is due to an incomplete fix for a CVE that was fixed in the prior flash-plugin for Linux, so the assumption that the incomplete fix was in 184.108.40.2064 and corrected in 220.127.116.110 (shipped with this erratum) makes sense. It is, however, not noted on Adobe's advisory page, nor is the author of the referenced blog post credited by Adobe on the advisory page.)
APSB14-18 has been updated to note:
These updates include a new validation check to handle specially crafted SWF content that can bypass restrictions introduced in version 18.104.22.168. The new restrictions in 22.214.171.124 prevent Flash Player from being used for cross-site request forgery attacks on JSONP endpoints (CVE-2014-5333).