
Test ID:
Category: SuSE Local Security Checks
Title: SUSE: Security Advisory (SUSE-SU-2012:0554-1)
Summary: The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2012:0554-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 SP2 kernel has been updated to 3.0.26, which fixes a lot of bugs and security issues.

The following security issues have been fixed:

* CVE-2012-1179: A locking problem in transparent hugepage support could be used by local attackers to potentially crash the host, or via kvm a privileged guest user could crash the kvm host system.
* CVE-2011-4127: A potential hypervisor escape by issuing SG_IO commands to partition devices was fixed by restricting access to these commands.
* CVE-2012-1146: A local attacker could oops the kernel using memory control groups and eventfds.
* CVE-2011-1083: Limit the path length users can build using epoll() to avoid local attackers consuming lots of kernel CPU time.
* CVE-2012-1097: The regset common infrastructure assumed that regsets would always have .get and .set methods, but not necessarily .active methods. Unfortunately people have since written regsets without a .set method, so NULL pointer dereference attacks were possible.
* CVE-2011-2494: Access to the /proc/pid/taskstats file requires root access to avoid side channel (timing keypresses etc.) attacks on other users.
* CVE-2011-4086: Fixed an oops in jbd/jbd2 that could be caused by specific filesystem access patterns.
* CVE-2011-4131: A malicious NFSv4 server could have caused an oops in the NFSv4 ACL handling.
* CVE-2011-4132: Fixed an oops in jbd/jbd2 that could be caused by mounting a maliciously prepared filesystem.

(Also included are all fixes from the 3.0.14 -> 3.0.25 stable kernel updates.)

The following non-security issues have been fixed:


* efivars: add missing parameter to efi_pstore_read().
* add a few error cleanups.
* btrfs: handle errors when excluding super extents (FATE#306586 bnc#751015).
* btrfs: Fix missing goto in btrfs_ioctl_clone.
* btrfs: Fixed mishandled -EAGAIN error case from btrfs_split_item (bnc#750459).
* btrfs: disallow unequal data/metadata blocksize for mixed block groups (FATE#306586).
* btrfs: enhance superblock sanity checks (FATE#306586 bnc#749651).
* btrfs: update message levels (FATE#306586).
* btrfs 3.3-rc6 updates:
  o avoid setting ->d_op twice (FATE#306586 bnc#731387).
  o btrfs: fix wrong information of the directory in the snapshot (FATE#306586).
  o btrfs: fix race in reada (FATE#306586).
  o btrfs: do not add both copies of DUP to reada extent tree (FATE#306586).
  o btrfs: stop silently switching single chunks to raid0 on balance (FATE#306586).
  o btrfs: fix locking issues in find_parent_nodes() (FATE#306586).
  o btrfs: fix casting error in scrub reada code (FATE#306586).
* btrfs sync with upstream up to 3.3-rc5 (FATE#306586)
* btrfs: Sector Size check during Mount
* btrfs: avoid positive number with ERR_PTR
* btrfs: return the internal error unchanged if btrfs_get_extent_fiemap() call failed for SEEK_DATA/SEEK_HOLE inquiry.
* btrfs: fix trim 0 bytes after a device delete
* btrfs: do not c... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux kernel' package(s) on SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise High Availability Extension 11 SP2, SUSE Linux Enterprise Desktop 11 SP2, SLE 11

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2011-1083
RedHat Security Advisories: RHSA-2012:0862
SuSE Security Announcement: SUSE-SU-2012:0554
SuSE Security Announcement: SUSE-SU-2012:0616
Common Vulnerability Exposure (CVE) ID: CVE-2011-2494
Common Vulnerability Exposure (CVE) ID: CVE-2011-4086
Debian Security Information: DSA-2469
RedHat Security Advisories: RHSA-2012:0571
RedHat Security Advisories: RHSA-2012:0670
Common Vulnerability Exposure (CVE) ID: CVE-2011-4127
SuSE Security Announcement: SUSE-SU-2015:0812
Common Vulnerability Exposure (CVE) ID: CVE-2011-4131
RedHat Security Advisories: RHSA-2012:1541
SuSE Security Announcement: openSUSE-SU-2013:0925
Common Vulnerability Exposure (CVE) ID: CVE-2011-4132
BugTraq ID: 50663
Common Vulnerability Exposure (CVE) ID: CVE-2012-1090
RedHat Security Advisories: RHSA-2012:0481
RedHat Security Advisories: RHSA-2012:0531
Common Vulnerability Exposure (CVE) ID: CVE-2012-1097
Common Vulnerability Exposure (CVE) ID: CVE-2012-1146
XForce ISS Database: kernel-memcg-dos(73711)
Common Vulnerability Exposure (CVE) ID: CVE-2012-1179
HPdes Security Advisory: HPSBGN02970
RedHat Security Advisories: RHSA-2012:0743
Copyright: Copyright (C) 2021 Greenbone Networks GmbH


© 1998-2021 E-Soft Inc. All rights reserved.