Búsqueda de    
Vulnerabilidad   
    Buscar 211766 Descripciones CVE y
97459 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2014.1698.1
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2014:1698-1)
Resumen:The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2014:1698-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2014:1698-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 Service Pack 2 LTSS kernel has been updated to fix security issues on kernels on the x86_64 architecture.

The following security bugs have been fixed:

*

CVE-2014-9322: A local privilege escalation in the x86_64 32bit compatibility signal handling was fixed, which could have been used by local attackers to crash the machine or execute code.

*

CVE-2014-9090: The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel did not properly handle faults associated with the Stack Segment (SS) segment register, which allowed local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the 1
-clock-tests test suite.

*

CVE-2014-8133: Insufficient validation of TLS register usage could have leaked information from the kernel stack to userspace.

Security Issues:

* CVE-2014-8133
* CVE-2014-9090
* CVE-2014-9322

Affected Software/OS:
'Linux kernel' package(s) on SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise Server 11 SP1, SLE 11

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-8133
BugTraq ID: 71684
http://www.securityfocus.com/bid/71684
Debian Security Information: DSA-3128 (Google Search)
http://www.debian.org/security/2015/dsa-3128
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
http://www.openwall.com/lists/oss-security/2014/12/15/6
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://secunia.com/advisories/62801
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://www.ubuntu.com/usn/USN-2490-1
http://www.ubuntu.com/usn/USN-2491-1
http://www.ubuntu.com/usn/USN-2492-1
http://www.ubuntu.com/usn/USN-2493-1
http://www.ubuntu.com/usn/USN-2515-1
http://www.ubuntu.com/usn/USN-2516-1
http://www.ubuntu.com/usn/USN-2517-1
http://www.ubuntu.com/usn/USN-2518-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-9090
Debian Security Information: DSA-3093 (Google Search)
http://www.debian.org/security/2014/dsa-3093
http://www.openwall.com/lists/oss-security/2014/11/26/5
http://secunia.com/advisories/62336
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-9322
http://www.exploit-db.com/exploits/36266
HPdes Security Advisory: HPSBGN03282
http://marc.info/?l=bugtraq&m=142722544401658&w=2
HPdes Security Advisory: HPSBGN03285
http://marc.info/?l=bugtraq&m=142722450701342&w=2
http://www.zerodayinitiative.com/advisories/ZDI-16-170
http://osvdb.org/show/osvdb/115919
RedHat Security Advisories: RHSA-2014:1998
http://rhn.redhat.com/errata/RHSA-2014-1998.html
RedHat Security Advisories: RHSA-2014:2008
http://rhn.redhat.com/errata/RHSA-2014-2008.html
RedHat Security Advisories: RHSA-2014:2028
http://rhn.redhat.com/errata/RHSA-2014-2028.html
RedHat Security Advisories: RHSA-2014:2031
http://rhn.redhat.com/errata/RHSA-2014-2031.html
RedHat Security Advisories: RHSA-2015:0009
http://rhn.redhat.com/errata/RHSA-2015-0009.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 97459 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2021 E-Soft Inc. Todos los derechos reservados.