Test ID: | 1.3.6.1.4.1.25623.1.1.4.2012.0736.1 |
Category: | SuSE Local Security Checks |
Title: | SUSE: Security Advisory (SUSE-SU-2012:0736-1) |
Summary: | The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2012:0736-1 advisory. |
Description: |
Summary: The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2012:0736-1 advisory.

Vulnerability Insight: This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel.

The following security issues have been fixed:

* CVE-2012-2319: A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystems to crash the system.
* CVE-2012-2313: The dl2k network card driver lacked permission handling for some ethtool ioctls, which could allow local attackers to start/stop the network card.
* CVE-2011-2928: The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel did not validate the length attribute of long symlinks, which allowed local users to cause a denial of service (incorrect pointer dereference and Oops) by accessing a long symlink on a malformed Be filesystem.
* CVE-2011-4077: Fixed a memory corruption possibility in xfs readlink, which could be used by local attackers to crash the system or potentially execute code by mounting a prepared xfs filesystem image.
* CVE-2011-4324: A BUG() error report in the nfs4xdr routines on a NFSv4 mount was fixed that could happen during mknod.
* CVE-2011-4330: Mounting a corrupted hfs filesystem could lead to a buffer overflow.

The following non-security issues have been fixed:

* kernel: pfault task state race (bnc#764128,LTC#81724).
* ap: Toleration for ap bus devices with device type 10 (bnc#761389).
* hugetlb, numa: fix interleave mpol reference count (bnc#762111).
* cciss: fixup kdump (bnc#730200).
* kdump: Avoid allocating bootmem map over crash reserved region (bnc#749168, bnc#722400, bnc#742881).
* qeth: Improve OSA Express 4 blkt defaults (bnc#754964,LTC#80325).
* zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (bnc#754964,LTC#80378).
* virtio: add names to virtqueue struct, mapping from devices to queues (bnc#742148).
* virtio: find_vqs/del_vqs virtio operations (bnc#742148).
* virtio_pci: optional MSI-X support (bnc#742148).
* virtio_pci: split up vp_interrupt (bnc#742148).
* knfsd: nfsd4: fix laundromat shutdown race (752556).
* driver core: Check for valid device in bus_find_device() (bnc#729685).
* VMware detection backport from mainline (bnc#671124, bnc#747381).
* net: adding memory barrier to the poll and receive callbacks (bnc#746397 bnc#750928).
* qla2xxx: drop reference before wait for completion (bnc#744592).
* ixgbe driver sets all WOL flags upon initialization so that machine is powered on as soon as it is switched off (bnc#693639)
* Properly release MSI(X) vector(s) when MSI(X) gets disabled (bnc#723294, bnc#721869).
* scsi: Always retry internal target error (bnc#745640).
* cxgb4: fix parent device access in netdev_printk (bnc#733155).
* lcs: lcs offline failure (bnc#752486,LTC#79788).
* qeth: add missing wake_up call (bnc#752486,LTC#79899).
* NFSD: Fill in WCC data for ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS: 'Linux kernel' package(s) on SLE SDK 10 SP4, SUSE Linux Enterprise Desktop 10 SP4, SUSE Linux Enterprise Server 10 SP4.

Solution: Please install the updated package(s).

CVSS Score: 7.2
CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
Cross Reference: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2928
* BugTraq ID: 49256
* http://www.securityfocus.com/bid/49256
* Bugtraq: 20110819 [PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS
* http://www.securityfocus.com/archive/1/519387/100/0/threaded
* http://www.pre-cert.de/advisories/PRE-SA-2011-06.txt
* http://www.openwall.com/lists/oss-security/2011/08/19/1
* http://www.openwall.com/lists/oss-security/2011/08/19/5
* http://securityreason.com/securityalert/8360
* XForce ISS Database: linux-kernel-be-dos(69343)
* https://exchange.xforce.ibmcloud.com/vulnerabilities/69343

Common Vulnerability Exposure (CVE) ID: CVE-2011-4077
* HP Security Advisory: HPSBGN02970
* http://marc.info/?l=bugtraq&m=139447903326211&w=2
* http://xorl.wordpress.com/2011/12/07/cve-2011-4077-linux-kernel-xfs-readlink-memory-corruption/
* http://www.openwall.com/lists/oss-security/2011/10/26/1
* http://www.openwall.com/lists/oss-security/2011/10/26/3
* http://oss.sgi.com/archives/xfs/2011-10/msg00345.html
* http://secunia.com/advisories/48964

Common Vulnerability Exposure (CVE) ID: CVE-2011-4324
* http://www.openwall.com/lists/oss-security/2012/02/06/3

Common Vulnerability Exposure (CVE) ID: CVE-2011-4330
* BugTraq ID: 50750
* http://www.securityfocus.com/bid/50750
* https://lkml.org/lkml/2011/11/9/303
* http://www.openwall.com/lists/oss-security/2011/11/21/14
* http://www.openwall.com/lists/oss-security/2011/11/21/5

Common Vulnerability Exposure (CVE) ID: CVE-2012-2313
* BugTraq ID: 53965
* http://www.securityfocus.com/bid/53965
* http://www.openwall.com/lists/oss-security/2012/05/04/8
* RedHat Security Advisories: RHSA-2012:1174
* http://rhn.redhat.com/errata/RHSA-2012-1174.html
* RedHat Security Advisories: RHSA-2012:1481
* http://rhn.redhat.com/errata/RHSA-2012-1481.html
* RedHat Security Advisories: RHSA-2012:1541
* http://rhn.redhat.com/errata/RHSA-2012-1541.html
* RedHat Security Advisories: RHSA-2012:1589
* http://rhn.redhat.com/errata/RHSA-2012-1589.html
* SuSE Security Announcement: SUSE-SU-2015:0812
* http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Common Vulnerability Exposure (CVE) ID: CVE-2012-2319
* http://www.openwall.com/lists/oss-security/2012/05/07/11
* RedHat Security Advisories: RHSA-2012:1323
* http://rhn.redhat.com/errata/RHSA-2012-1323.html
* RedHat Security Advisories: RHSA-2012:1347
* http://rhn.redhat.com/errata/RHSA-2012-1347.html
* http://secunia.com/advisories/50811 |
Copyright | Copyright (C) 2021 Greenbone Networks GmbH |