Búsqueda de    
Vulnerabilidad   
    Buscar 211766 Descripciones CVE y
97459 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2018.2907.1
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2018:2907-1)
Resumen:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:2907-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:2907-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:
CVE-2018-14634: Prevent integer overflow in create_elf_tables that
allowed a local attacker to exploit this vulnerability via a SUID-root
binary and obtain full root privileges (bsc#1108912).

CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)

CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status
that could have been used by local attackers to read kernel memory
(bnc#1107689)

CVE-2018-6555: The irda_setsockopt function allowed local users to cause
a denial of service (ias_object use-after-free and system crash) or
possibly have unspecified other impact via an AF_IRDA socket
(bnc#1106511)

CVE-2018-6554: Prevent memory leak in the irda_bind function that
allowed local users to cause a denial of service (memory consumption) by
repeatedly binding an AF_IRDA socket (bnc#1106509)

CVE-2018-15572: The spectre_v2_select_mitigation function did not always
fill RSB upon a context switch, which made it easier for attackers to
conduct userspace-userspace spectreRSB attacks (bnc#1102517)

CVE-2018-10902: Protect against concurrent access to prevent double
realloc (double free) in snd_rawmidi_input_params() and
snd_rawmidi_output_status(). A malicious local attacker could have used
this for privilege escalation (bnc#1105322).

CVE-2018-14734: ucma_leave_multicast accessed a certain data structure
after a cleanup step in ucma_process_join, which allowed attackers to
cause a denial
of service (use-after-free) (bsc#1103119).

The following non-security bugs were fixed:
KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state'
(bsc#1106369).

KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).

KVM: x86: Free vmx_msr_bitmap_longmode while kvm_init failed
(bsc#1104367).

Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch
(bsc#1105100).

kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
(bnc#1105536).

kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
(bnc#1105536).

ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).

rpm/kernel-docs.spec.in: Expand kernel tree directly from sources
(bsc#1057199)

x86, l1tf: Protect PROT_NONE PTEs against speculation fixup
(bnc#1104684, bnc#1104818).

x86/speculation/l1tf: Fix off-by-one error when warning that system has
too much RAM (bnc#1105536).

x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
(bnc#1087081).

x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
(bnc#1105536).

x86/speculation/l1tf: Suggest what to do on systems with too much RAM
(bnc#1105536).

xen x86/speculation/l1tf: Fix off-by-one error when wa... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11-SP3, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP3

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-6554
BugTraq ID: 105302
http://www.securityfocus.com/bid/105302
Debian Security Information: DSA-4308 (Google Search)
https://www.debian.org/security/2018/dsa-4308
https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
https://www.spinics.net/lists/stable/msg255030.html
https://www.spinics.net/lists/stable/msg255034.html
https://usn.ubuntu.com/3775-1/
https://usn.ubuntu.com/3775-2/
https://usn.ubuntu.com/3776-1/
https://usn.ubuntu.com/3776-2/
https://usn.ubuntu.com/3777-1/
https://usn.ubuntu.com/3777-2/
https://usn.ubuntu.com/3777-3/
Common Vulnerability Exposure (CVE) ID: CVE-2018-6555
BugTraq ID: 105304
http://www.securityfocus.com/bid/105304
https://www.spinics.net/lists/stable/msg255031.html
https://www.spinics.net/lists/stable/msg255035.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 97459 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2021 E-Soft Inc. Todos los derechos reservados.