Adobe has released Flash Player 18.104.22.1680 for Linux to correct the following flaws:
* These updates resolve memory leakage vulnerabilities that could be used to bypass memory address randomization (CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545).
* These updates resolve a security bypass vulnerability (CVE-2014-0541).
* These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2014-0538).
This issue has been addressed in following products:
Supplementary for Red Hat Enterprise Linux 5
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2014:1051 https://rhn.redhat.com/errata/RHSA-2014-1051.html
Common Vulnerabilities and Exposures assigned an identifier CVE-2014-5333 to
the following vulnerability:
Adobe Flash Player before 22.214.171.124 and 14.x before 126.96.36.199 on
Windows and OS X and before 188.8.131.520 on Linux, Adobe AIR before
184.108.40.206 on Windows and OS X and before 220.127.116.11 on Android, Adobe
AIR SDK before 18.104.22.168, and Adobe AIR SDK & Compiler before
22.214.171.124 do not properly restrict the SWF file format, which allows
remote attackers to conduct cross-site request forgery (CSRF) attacks
against JSONP endpoints, and obtain sensitive information, via a
crafted OBJECT element with SWF content satisfying the character-set
requirements of a callback API, in conjunction with a manipulation
involving a '$' (dollar sign) or '(' (open parenthesis) character.
NOTE: this issue exists because of an incomplete fix for
(NOTE: we have no way to prove the authenticity of this claim, however MITRE has assigned this CVE and indicates it is due to an incomplete fix for a CVE that was fixed in the prior flash-plugin for Linux, so the assumption that the incomplete fix was in 126.96.36.1994 and corrected in 188.8.131.520 (shipped with this erratum) makes sense. It is, however, not noted on Adobe's advisory page, nor is the author of the referenced blog post credited by Adobe on the advisory page.)
APSB14-18 has been updated to note:
These updates include a new validation check to handle specially crafted SWF content that can bypass restrictions introduced in version 184.108.40.206. The new restrictions in 220.127.116.11 prevent Flash Player from being used for cross-site request forgery attacks on JSONP endpoints (CVE-2014-5333).