English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.2.2019.1492
Category:Huawei EulerOS Local Security Checks
Title:Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1492)
Summary:The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2019-1492 advisory.
Description:Summary:
The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2019-1492 advisory.

Vulnerability Insight:
The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call.(CVE-2016-2545)

sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.(CVE-2016-2546)

sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.(CVE-2016-2547)

sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.(CVE-2016-2548)

sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service (deadlock) via a crafted ioctl call.(CVE-2016-2549)

A resource-exhaustion vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptors exhaustion (denial of service).(CVE-2016-2550)

It is possible for a single process to cause an OOM condition by filling large pipes with data that are never read. A typical process filling 4096 pipes with 1 MB of data will use 4 GB of memory and there can be multiple such processes, up to a per-user-limit.(CVE-2016-2847)

A security flaw was found in the Linux kernel that an attempt to move page mapped by AIO ring buffer to the other node triggers NULL pointer dereference at trace_writeback_dirty_page(), because aio_fs_backing_dev_info.dev is 0.(CVE-2016-3070)

A security flaw was found in the Linux kernel in the mark_source_chains() function in 'net/ipv4/netfilter/ip_tables.c'. It is possible for a user-supplied 'ipt_entry' structure to have a large 'next_offset' field. This field is not bounds checked prior to writing to a counter value at the supplied offset.(CVE-2016-3134)

An integer overflow vulnerability was found in the Linux kernel in xt_alloc_table_info, which on 32-bit systems can lead to small structure allocation and a copy_from_user based heap corruption.(CVE-2016-3135)

The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Huawei EulerOS Virtualization 3.0.1.0.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-2545
BugTraq ID: 83381
http://www.securityfocus.com/bid/83381
Debian Security Information: DSA-3503 (Google Search)
http://www.debian.org/security/2016/dsa-3503
http://www.openwall.com/lists/oss-security/2016/01/19/1
http://www.securitytracker.com/id/1035296
SuSE Security Announcement: SUSE-SU-2016:0911 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
SuSE Security Announcement: SUSE-SU-2016:1102 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
SuSE Security Announcement: SUSE-SU-2016:2074 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
http://www.ubuntu.com/usn/USN-2929-1
http://www.ubuntu.com/usn/USN-2929-2
http://www.ubuntu.com/usn/USN-2930-1
http://www.ubuntu.com/usn/USN-2930-2
http://www.ubuntu.com/usn/USN-2930-3
http://www.ubuntu.com/usn/USN-2931-1
http://www.ubuntu.com/usn/USN-2932-1
http://www.ubuntu.com/usn/USN-2967-1
http://www.ubuntu.com/usn/USN-2967-2
Common Vulnerability Exposure (CVE) ID: CVE-2016-2546
BugTraq ID: 83384
http://www.securityfocus.com/bid/83384
http://www.securitytracker.com/id/1035301
Common Vulnerability Exposure (CVE) ID: CVE-2016-2547
BugTraq ID: 83378
http://www.securityfocus.com/bid/83378
http://www.securitytracker.com/id/1035298
Common Vulnerability Exposure (CVE) ID: CVE-2016-2548
BugTraq ID: 83383
http://www.securityfocus.com/bid/83383
http://www.securitytracker.com/id/1035306
Common Vulnerability Exposure (CVE) ID: CVE-2016-2549
BugTraq ID: 83382
http://www.securityfocus.com/bid/83382
Common Vulnerability Exposure (CVE) ID: CVE-2016-2550
http://www.openwall.com/lists/oss-security/2016/02/23/2
http://www.ubuntu.com/usn/USN-2946-1
http://www.ubuntu.com/usn/USN-2946-2
http://www.ubuntu.com/usn/USN-2947-1
http://www.ubuntu.com/usn/USN-2947-2
http://www.ubuntu.com/usn/USN-2947-3
http://www.ubuntu.com/usn/USN-2948-1
http://www.ubuntu.com/usn/USN-2948-2
http://www.ubuntu.com/usn/USN-2949-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-2847
BugTraq ID: 83870
http://www.securityfocus.com/bid/83870
http://www.openwall.com/lists/oss-security/2016/03/01/3
RedHat Security Advisories: RHSA-2016:2574
http://rhn.redhat.com/errata/RHSA-2016-2574.html
RedHat Security Advisories: RHSA-2016:2584
http://rhn.redhat.com/errata/RHSA-2016-2584.html
RedHat Security Advisories: RHSA-2017:0217
http://rhn.redhat.com/errata/RHSA-2017-0217.html
SuSE Security Announcement: SUSE-SU-2016:1672 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
SuSE Security Announcement: SUSE-SU-2016:1690 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html
SuSE Security Announcement: SUSE-SU-2016:1696 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html
SuSE Security Announcement: SUSE-SU-2016:1707 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html
SuSE Security Announcement: SUSE-SU-2016:1937 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html
SuSE Security Announcement: openSUSE-SU-2016:1382 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-3070
BugTraq ID: 90518
http://www.securityfocus.com/bid/90518
Debian Security Information: DSA-3607 (Google Search)
http://www.debian.org/security/2016/dsa-3607
http://www.ubuntu.com/usn/USN-3034-1
http://www.ubuntu.com/usn/USN-3034-2
http://www.ubuntu.com/usn/USN-3035-1
http://www.ubuntu.com/usn/USN-3035-2
http://www.ubuntu.com/usn/USN-3035-3
http://www.ubuntu.com/usn/USN-3036-1
http://www.ubuntu.com/usn/USN-3037-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-3134
BugTraq ID: 84305
http://www.securityfocus.com/bid/84305
https://code.google.com/p/google-security-research/issues/detail?id=758
RedHat Security Advisories: RHSA-2016:1847
http://rhn.redhat.com/errata/RHSA-2016-1847.html
RedHat Security Advisories: RHSA-2016:1875
http://rhn.redhat.com/errata/RHSA-2016-1875.html
RedHat Security Advisories: RHSA-2016:1883
http://rhn.redhat.com/errata/RHSA-2016-1883.html
http://www.securitytracker.com/id/1036763
SuSE Security Announcement: SUSE-SU-2016:1764 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
SuSE Security Announcement: SUSE-SU-2016:1961 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html
SuSE Security Announcement: SUSE-SU-2016:1985 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html
SuSE Security Announcement: SUSE-SU-2016:1994 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html
SuSE Security Announcement: SUSE-SU-2016:1995 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html
SuSE Security Announcement: SUSE-SU-2016:2000 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html
SuSE Security Announcement: SUSE-SU-2016:2001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html
SuSE Security Announcement: SUSE-SU-2016:2002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html
SuSE Security Announcement: SUSE-SU-2016:2005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html
SuSE Security Announcement: SUSE-SU-2016:2006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html
SuSE Security Announcement: SUSE-SU-2016:2007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html
SuSE Security Announcement: SUSE-SU-2016:2009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html
SuSE Security Announcement: SUSE-SU-2016:2010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html
SuSE Security Announcement: SUSE-SU-2016:2014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html
SuSE Security Announcement: openSUSE-SU-2016:1641 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html
http://www.ubuntu.com/usn/USN-3049-1
http://www.ubuntu.com/usn/USN-3050-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-3135
http://www.ubuntu.com/usn/USN-3054-1
http://www.ubuntu.com/usn/USN-3055-1
http://www.ubuntu.com/usn/USN-3056-1
http://www.ubuntu.com/usn/USN-3057-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-3136
BugTraq ID: 84299
http://www.securityfocus.com/bid/84299
https://www.exploit-db.com/exploits/39541/
http://www.openwall.com/lists/oss-security/2016/03/14/2
http://www.ubuntu.com/usn/USN-2968-1
http://www.ubuntu.com/usn/USN-2968-2
http://www.ubuntu.com/usn/USN-2970-1
http://www.ubuntu.com/usn/USN-2971-1
http://www.ubuntu.com/usn/USN-2971-2
http://www.ubuntu.com/usn/USN-2971-3
http://www.ubuntu.com/usn/USN-2996-1
http://www.ubuntu.com/usn/USN-2997-1
http://www.ubuntu.com/usn/USN-3000-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-3137
BugTraq ID: 84300
http://www.securityfocus.com/bid/84300
http://www.openwall.com/lists/oss-security/2016/03/14/3
Common Vulnerability Exposure (CVE) ID: CVE-2016-3138
http://www.openwall.com/lists/oss-security/2016/03/14/4
http://www.ubuntu.com/usn/USN-2969-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-3139
https://www.exploit-db.com/exploits/39538/
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc
https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc
SuSE Security Announcement: SUSE-SU-2016:1019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-3140
BugTraq ID: 84304
http://www.securityfocus.com/bid/84304
https://www.exploit-db.com/exploits/39537/
http://www.openwall.com/lists/oss-security/2016/03/14/6
Common Vulnerability Exposure (CVE) ID: CVE-2016-3156
BugTraq ID: 84428
http://www.securityfocus.com/bid/84428
http://www.openwall.com/lists/oss-security/2016/03/15/3
Common Vulnerability Exposure (CVE) ID: CVE-2016-3672
BugTraq ID: 85884
http://www.securityfocus.com/bid/85884
Bugtraq: 20160406 CVE-2016-3672 - Unlimiting the stack not longer disables ASLR (Google Search)
http://www.securityfocus.com/archive/1/537996/100/0/threaded
https://www.exploit-db.com/exploits/39669/
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182524.html
http://seclists.org/fulldisclosure/2016/Apr/26
http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-dis
http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html
RedHat Security Advisories: RHSA-2018:0676
https://access.redhat.com/errata/RHSA-2018:0676
RedHat Security Advisories: RHSA-2018:1062
https://access.redhat.com/errata/RHSA-2018:1062
http://www.securitytracker.com/id/1035506
SuSE Security Announcement: SUSE-SU-2016:2105 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html
SuSE Security Announcement: openSUSE-SU-2016:2184 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html
http://www.ubuntu.com/usn/USN-2989-1
http://www.ubuntu.com/usn/USN-2998-1
http://www.ubuntu.com/usn/USN-3001-1
http://www.ubuntu.com/usn/USN-3002-1
http://www.ubuntu.com/usn/USN-3003-1
http://www.ubuntu.com/usn/USN-3004-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-3689
http://www.openwall.com/lists/oss-security/2016/03/30/6
http://www.securitytracker.com/id/1035441
Common Vulnerability Exposure (CVE) ID: CVE-2016-3841
BugTraq ID: 92227
http://www.securityfocus.com/bid/92227
RedHat Security Advisories: RHSA-2016:0855
http://rhn.redhat.com/errata/RHSA-2016-0855.html
RedHat Security Advisories: RHSA-2016:2695
http://rhn.redhat.com/errata/RHSA-2016-2695.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-3955
BugTraq ID: 86534
http://www.securityfocus.com/bid/86534
http://www.openwall.com/lists/oss-security/2016/04/19/1
Common Vulnerability Exposure (CVE) ID: CVE-2016-4470
http://www.openwall.com/lists/oss-security/2016/06/15/11
RedHat Security Advisories: RHSA-2016:1532
http://rhn.redhat.com/errata/RHSA-2016-1532.html
RedHat Security Advisories: RHSA-2016:1539
http://rhn.redhat.com/errata/RHSA-2016-1539.html
RedHat Security Advisories: RHSA-2016:1541
http://rhn.redhat.com/errata/RHSA-2016-1541.html
RedHat Security Advisories: RHSA-2016:1657
http://rhn.redhat.com/errata/RHSA-2016-1657.html
RedHat Security Advisories: RHSA-2016:2006
http://rhn.redhat.com/errata/RHSA-2016-2006.html
RedHat Security Advisories: RHSA-2016:2074
http://rhn.redhat.com/errata/RHSA-2016-2074.html
RedHat Security Advisories: RHSA-2016:2076
http://rhn.redhat.com/errata/RHSA-2016-2076.html
RedHat Security Advisories: RHSA-2016:2128
http://rhn.redhat.com/errata/RHSA-2016-2128.html
RedHat Security Advisories: RHSA-2016:2133
http://rhn.redhat.com/errata/RHSA-2016-2133.html
SuSE Security Announcement: SUSE-SU-2016:1998 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html
SuSE Security Announcement: SUSE-SU-2016:1999 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html
SuSE Security Announcement: SUSE-SU-2016:2003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html
SuSE Security Announcement: SUSE-SU-2016:2011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html
SuSE Security Announcement: SUSE-SU-2016:2018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html
http://www.ubuntu.com/usn/USN-3051-1
http://www.ubuntu.com/usn/USN-3052-1
http://www.ubuntu.com/usn/USN-3053-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-4482
BugTraq ID: 90029
http://www.securityfocus.com/bid/90029
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184414.html
http://www.openwall.com/lists/oss-security/2016/05/04/2
http://www.ubuntu.com/usn/USN-3016-1
http://www.ubuntu.com/usn/USN-3016-2
http://www.ubuntu.com/usn/USN-3016-3
http://www.ubuntu.com/usn/USN-3016-4
http://www.ubuntu.com/usn/USN-3017-1
http://www.ubuntu.com/usn/USN-3017-2
http://www.ubuntu.com/usn/USN-3017-3
http://www.ubuntu.com/usn/USN-3018-1
http://www.ubuntu.com/usn/USN-3018-2
http://www.ubuntu.com/usn/USN-3019-1
http://www.ubuntu.com/usn/USN-3020-1
http://www.ubuntu.com/usn/USN-3021-1
http://www.ubuntu.com/usn/USN-3021-2
Common Vulnerability Exposure (CVE) ID: CVE-2016-4565
BugTraq ID: 90301
http://www.securityfocus.com/bid/90301
http://www.openwall.com/lists/oss-security/2016/05/07/1
RedHat Security Advisories: RHSA-2016:1277
https://access.redhat.com/errata/RHSA-2016:1277
RedHat Security Advisories: RHSA-2016:1301
https://access.redhat.com/errata/RHSA-2016:1301
RedHat Security Advisories: RHSA-2016:1341
https://access.redhat.com/errata/RHSA-2016:1341
RedHat Security Advisories: RHSA-2016:1406
https://access.redhat.com/errata/RHSA-2016:1406
RedHat Security Advisories: RHSA-2016:1489
http://rhn.redhat.com/errata/RHSA-2016-1489.html
RedHat Security Advisories: RHSA-2016:1581
http://rhn.redhat.com/errata/RHSA-2016-1581.html
RedHat Security Advisories: RHSA-2016:1617
http://rhn.redhat.com/errata/RHSA-2016-1617.html
RedHat Security Advisories: RHSA-2016:1640
http://rhn.redhat.com/errata/RHSA-2016-1640.html
RedHat Security Advisories: RHSA-2016:1814
http://rhn.redhat.com/errata/RHSA-2016-1814.html
http://www.ubuntu.com/usn/USN-3005-1
http://www.ubuntu.com/usn/USN-3006-1
http://www.ubuntu.com/usn/USN-3007-1
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2024 E-Soft Inc. All rights reserved.