Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.4.2018.2907.1
Kategorie:SuSE Local Security Checks
Titel:SUSE: Security Advisory (SUSE-SU-2018:2907-1)
Zusammenfassung:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:2907-1 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:2907-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:
CVE-2018-14634: Prevent integer overflow in create_elf_tables that
allowed a local attacker to exploit this vulnerability via a SUID-root
binary and obtain full root privileges (bsc#1108912).

CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)

CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status
that could have been used by local attackers to read kernel memory
(bnc#1107689)

CVE-2018-6555: The irda_setsockopt function allowed local users to cause
a denial of service (ias_object use-after-free and system crash) or
possibly have unspecified other impact via an AF_IRDA socket
(bnc#1106511)

CVE-2018-6554: Prevent memory leak in the irda_bind function that
allowed local users to cause a denial of service (memory consumption) by
repeatedly binding an AF_IRDA socket (bnc#1106509)

CVE-2018-15572: The spectre_v2_select_mitigation function did not always
fill RSB upon a context switch, which made it easier for attackers to
conduct userspace-userspace spectreRSB attacks (bnc#1102517)

CVE-2018-10902: Protect against concurrent access to prevent double
realloc (double free) in snd_rawmidi_input_params() and
snd_rawmidi_output_status(). A malicious local attacker could have used
this for privilege escalation (bnc#1105322).

CVE-2018-14734: ucma_leave_multicast accessed a certain data structure
after a cleanup step in ucma_process_join, which allowed attackers to
cause a denial
of service (use-after-free) (bsc#1103119).

The following non-security bugs were fixed:
KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state'
(bsc#1106369).

KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).

KVM: x86: Free vmx_msr_bitmap_longmode while kvm_init failed
(bsc#1104367).

Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch
(bsc#1105100).

kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
(bnc#1105536).

kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
(bnc#1105536).

ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).

rpm/kernel-docs.spec.in: Expand kernel tree directly from sources
(bsc#1057199)

x86, l1tf: Protect PROT_NONE PTEs against speculation fixup
(bnc#1104684, bnc#1104818).

x86/speculation/l1tf: Fix off-by-one error when warning that system has
too much RAM (bnc#1105536).

x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
(bnc#1087081).

x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
(bnc#1105536).

x86/speculation/l1tf: Suggest what to do on systems with too much RAM
(bnc#1105536).

xen x86/speculation/l1tf: Fix off-by-one error when ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 11-SP3.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-6554
BugTraq ID: 105302
http://www.securityfocus.com/bid/105302
Debian Security Information: DSA-4308 (Google Search)
https://www.debian.org/security/2018/dsa-4308
https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
https://www.spinics.net/lists/stable/msg255030.html
https://www.spinics.net/lists/stable/msg255034.html
https://usn.ubuntu.com/3775-1/
https://usn.ubuntu.com/3775-2/
https://usn.ubuntu.com/3776-1/
https://usn.ubuntu.com/3776-2/
https://usn.ubuntu.com/3777-1/
https://usn.ubuntu.com/3777-2/
https://usn.ubuntu.com/3777-3/
Common Vulnerability Exposure (CVE) ID: CVE-2018-6555
BugTraq ID: 105304
http://www.securityfocus.com/bid/105304
https://www.spinics.net/lists/stable/msg255031.html
https://www.spinics.net/lists/stable/msg255035.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.