Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2014.0536.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2014:0536-1)
Summary:The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2014:0536-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2014:0536-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs.

The following security issues have been addressed:

*

CVE-2011-2492: The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c. (bnc#702014)

*

CVE-2011-2494: kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password. (bnc#703156)

*

CVE-2012-6537: net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures,
which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. (bnc#809889)

*

CVE-2012-6539: The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (bnc#809891)

*

CVE-2012-6540: The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (bnc#809892)

*

CVE-2012-6541: The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (bnc#809893)

*

CVE-2012-6542: The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument. (bnc#809894)

*

CVE-2012-6544: The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation. (bnc#809898)

*

CVE-2012-6545: The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. (bnc#809899)

*

CVE-2012-6546: The ATM implementation in the Linux kernel before 3... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux kernel' package(s) on SUSE Linux Enterprise Server 10 SP4

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-2492
HPdes Security Advisory: HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://permalink.gmane.org/gmane.linux.bluez.kernel/12909
http://www.openwall.com/lists/oss-security/2011/06/24/2
http://www.openwall.com/lists/oss-security/2011/06/24/3
RedHat Security Advisories: RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
http://securitytracker.com/id?1025778
Common Vulnerability Exposure (CVE) ID: CVE-2011-2494
http://www.openwall.com/lists/oss-security/2011/06/27/1
http://secunia.com/advisories/48898
SuSE Security Announcement: SUSE-SU-2012:0554 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-6537
http://www.openwall.com/lists/oss-security/2013/03/05/13
RedHat Security Advisories: RHSA-2013:0744
http://rhn.redhat.com/errata/RHSA-2013-0744.html
http://www.ubuntu.com/usn/USN-1792-1
http://www.ubuntu.com/usn/USN-1798-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-6539
Common Vulnerability Exposure (CVE) ID: CVE-2012-6540
Common Vulnerability Exposure (CVE) ID: CVE-2012-6541
Common Vulnerability Exposure (CVE) ID: CVE-2012-6542
RedHat Security Advisories: RHSA-2013:1645
http://rhn.redhat.com/errata/RHSA-2013-1645.html
http://www.ubuntu.com/usn/USN-1805-1
http://www.ubuntu.com/usn/USN-1808-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-6544
RedHat Security Advisories: RHSA-2013:1173
http://rhn.redhat.com/errata/RHSA-2013-1173.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-6545
Common Vulnerability Exposure (CVE) ID: CVE-2012-6546
Common Vulnerability Exposure (CVE) ID: CVE-2012-6547
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
Common Vulnerability Exposure (CVE) ID: CVE-2012-6549
SuSE Security Announcement: openSUSE-SU-2013:1187 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html
http://www.ubuntu.com/usn/USN-1809-1
http://www.ubuntu.com/usn/USN-1811-1
http://www.ubuntu.com/usn/USN-1812-1
http://www.ubuntu.com/usn/USN-1813-1
http://www.ubuntu.com/usn/USN-1814-1
http://www.ubuntu.com/usn/USN-1829-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-0343
http://openwall.com/lists/oss-security/2012/12/05/4
http://openwall.com/lists/oss-security/2013/01/16/7
http://openwall.com/lists/oss-security/2013/01/21/11
http://www.openwall.com/lists/oss-security/2013/02/22/6
RedHat Security Advisories: RHSA-2013:1449
http://rhn.redhat.com/errata/RHSA-2013-1449.html
RedHat Security Advisories: RHSA-2013:1490
http://rhn.redhat.com/errata/RHSA-2013-1490.html
SuSE Security Announcement: openSUSE-SU-2014:0204 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html
http://www.ubuntu.com/usn/USN-1976-1
http://www.ubuntu.com/usn/USN-1977-1
http://www.ubuntu.com/usn/USN-2019-1
http://www.ubuntu.com/usn/USN-2020-1
http://www.ubuntu.com/usn/USN-2021-1
http://www.ubuntu.com/usn/USN-2022-1
http://www.ubuntu.com/usn/USN-2023-1
http://www.ubuntu.com/usn/USN-2024-1
http://www.ubuntu.com/usn/USN-2038-1
http://www.ubuntu.com/usn/USN-2039-1
http://www.ubuntu.com/usn/USN-2050-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-0914
http://www.openwall.com/lists/oss-security/2013/03/11/8
RedHat Security Advisories: RHSA-2013:1051
http://rhn.redhat.com/errata/RHSA-2013-1051.html
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
http://www.ubuntu.com/usn/USN-1787-1
http://www.ubuntu.com/usn/USN-1788-1
http://www.ubuntu.com/usn/USN-1793-1
http://www.ubuntu.com/usn/USN-1794-1
http://www.ubuntu.com/usn/USN-1795-1
http://www.ubuntu.com/usn/USN-1796-1
http://www.ubuntu.com/usn/USN-1797-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1827
http://www.openwall.com/lists/oss-security/2013/03/07/2
Common Vulnerability Exposure (CVE) ID: CVE-2013-2141
Debian Security Information: DSA-2766 (Google Search)
http://www.debian.org/security/2013/dsa-2766
http://www.openwall.com/lists/oss-security/2013/06/04/10
RedHat Security Advisories: RHSA-2013:1801
http://rhn.redhat.com/errata/RHSA-2013-1801.html
http://secunia.com/advisories/55055
http://www.ubuntu.com/usn/USN-1899-1
http://www.ubuntu.com/usn/USN-1900-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2164
http://www.openwall.com/lists/oss-security/2013/06/10/9
RedHat Security Advisories: RHSA-2013:1166
http://rhn.redhat.com/errata/RHSA-2013-1166.html
SuSE Security Announcement: SUSE-SU-2013:1473 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
SuSE Security Announcement: SUSE-SU-2013:1474 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html
http://www.ubuntu.com/usn/USN-1912-1
http://www.ubuntu.com/usn/USN-1913-1
http://www.ubuntu.com/usn/USN-1941-1
http://www.ubuntu.com/usn/USN-1942-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2206
http://www.openwall.com/lists/oss-security/2013/06/21/1
SuSE Security Announcement: SUSE-SU-2013:1744 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00020.html
SuSE Security Announcement: SUSE-SU-2013:1748 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00021.html
SuSE Security Announcement: SUSE-SU-2013:1749 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00023.html
SuSE Security Announcement: SUSE-SU-2013:1750 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00024.html
http://www.ubuntu.com/usn/USN-1939-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2232
http://www.openwall.com/lists/oss-security/2013/07/02/5
http://www.ubuntu.com/usn/USN-1938-1
http://www.ubuntu.com/usn/USN-1943-1
http://www.ubuntu.com/usn/USN-1944-1
http://www.ubuntu.com/usn/USN-1945-1
http://www.ubuntu.com/usn/USN-1946-1
http://www.ubuntu.com/usn/USN-1947-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2234
http://www.openwall.com/lists/oss-security/2013/07/02/7
Common Vulnerability Exposure (CVE) ID: CVE-2013-2237
http://www.openwall.com/lists/oss-security/2013/07/04/3
http://www.ubuntu.com/usn/USN-1970-1
http://www.ubuntu.com/usn/USN-1972-1
http://www.ubuntu.com/usn/USN-1973-1
http://www.ubuntu.com/usn/USN-1992-1
http://www.ubuntu.com/usn/USN-1993-1
http://www.ubuntu.com/usn/USN-1995-1
http://www.ubuntu.com/usn/USN-1998-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2888
http://marc.info/?l=linux-input&m=137772180514608&w=1
http://openwall.com/lists/oss-security/2013/08/28/13
Common Vulnerability Exposure (CVE) ID: CVE-2013-2893
BugTraq ID: 62050
http://www.securityfocus.com/bid/62050
http://marc.info/?l=linux-input&m=137772186714627&w=1
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://www.ubuntu.com/usn/USN-2015-1
http://www.ubuntu.com/usn/USN-2016-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2897
BugTraq ID: 62044
http://www.securityfocus.com/bid/62044
http://marc.info/?l=linux-input&m=137772190214635&w=1
Common Vulnerability Exposure (CVE) ID: CVE-2013-3222
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html
https://lkml.org/lkml/2013/4/14/107
http://www.openwall.com/lists/oss-security/2013/04/14/3
SuSE Security Announcement: SUSE-SU-2013:1182 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html
http://www.ubuntu.com/usn/USN-1837-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-3223
Common Vulnerability Exposure (CVE) ID: CVE-2013-3224
Common Vulnerability Exposure (CVE) ID: CVE-2013-3228
Common Vulnerability Exposure (CVE) ID: CVE-2013-3229
Common Vulnerability Exposure (CVE) ID: CVE-2013-3231
Common Vulnerability Exposure (CVE) ID: CVE-2013-3232
Common Vulnerability Exposure (CVE) ID: CVE-2013-3234
Common Vulnerability Exposure (CVE) ID: CVE-2013-3235
Common Vulnerability Exposure (CVE) ID: CVE-2013-4162
BugTraq ID: 61411
http://www.securityfocus.com/bid/61411
http://www.openwall.com/lists/oss-security/2013/07/23/9
RedHat Security Advisories: RHSA-2013:1436
http://rhn.redhat.com/errata/RHSA-2013-1436.html
RedHat Security Advisories: RHSA-2013:1460
http://rhn.redhat.com/errata/RHSA-2013-1460.html
RedHat Security Advisories: RHSA-2013:1520
http://rhn.redhat.com/errata/RHSA-2013-1520.html
http://secunia.com/advisories/54148
Common Vulnerability Exposure (CVE) ID: CVE-2013-4387
http://www.openwall.com/lists/oss-security/2013/09/29/1
RedHat Security Advisories: RHSA-2014:0284
http://rhn.redhat.com/errata/RHSA-2014-0284.html
http://www.ubuntu.com/usn/USN-2041-1
http://www.ubuntu.com/usn/USN-2045-1
http://www.ubuntu.com/usn/USN-2049-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4470
BugTraq ID: 63359
http://www.securityfocus.com/bid/63359
http://www.openwall.com/lists/oss-security/2013/10/25/5
RedHat Security Advisories: RHSA-2014:0100
http://rhn.redhat.com/errata/RHSA-2014-0100.html
SuSE Security Announcement: SUSE-SU-2014:0459 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
http://www.ubuntu.com/usn/USN-2040-1
http://www.ubuntu.com/usn/USN-2042-1
http://www.ubuntu.com/usn/USN-2043-1
http://www.ubuntu.com/usn/USN-2044-1
http://www.ubuntu.com/usn/USN-2046-1
http://www.ubuntu.com/usn/USN-2066-1
http://www.ubuntu.com/usn/USN-2067-1
http://www.ubuntu.com/usn/USN-2069-1
http://www.ubuntu.com/usn/USN-2073-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4483
http://www.openwall.com/lists/oss-security/2013/10/30/4
RedHat Security Advisories: RHSA-2014:0285
http://rhn.redhat.com/errata/RHSA-2014-0285.html
RedHat Security Advisories: RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
SuSE Security Announcement: openSUSE-SU-2014:0247 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4588
BugTraq ID: 63744
http://www.securityfocus.com/bid/63744
http://www.openwall.com/lists/oss-security/2013/11/15/12
http://www.ubuntu.com/usn/USN-2064-1
http://www.ubuntu.com/usn/USN-2065-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6383
http://www.openwall.com/lists/oss-security/2013/11/22/5
http://www.ubuntu.com/usn/USN-2068-1
http://www.ubuntu.com/usn/USN-2070-1
http://www.ubuntu.com/usn/USN-2071-1
http://www.ubuntu.com/usn/USN-2072-1
http://www.ubuntu.com/usn/USN-2074-1
http://www.ubuntu.com/usn/USN-2075-1
http://www.ubuntu.com/usn/USN-2076-1
http://www.ubuntu.com/usn/USN-2107-1
http://www.ubuntu.com/usn/USN-2108-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-1444
BugTraq ID: 64952
http://www.securityfocus.com/bid/64952
http://www.openwall.com/lists/oss-security/2014/01/15/3
http://www.ubuntu.com/usn/USN-2128-1
http://www.ubuntu.com/usn/USN-2129-1
XForce ISS Database: linux-kernel-cve20141444-info-disc(90443)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90443
Common Vulnerability Exposure (CVE) ID: CVE-2014-1445
BugTraq ID: 64953
http://www.securityfocus.com/bid/64953
XForce ISS Database: linux-kernel-cve20141445-info-disc(90444)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90444
Common Vulnerability Exposure (CVE) ID: CVE-2014-1446
BugTraq ID: 64954
http://www.securityfocus.com/bid/64954
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html
http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
http://www.ubuntu.com/usn/USN-2113-1
http://www.ubuntu.com/usn/USN-2117-1
http://www.ubuntu.com/usn/USN-2133-1
http://www.ubuntu.com/usn/USN-2134-1
http://www.ubuntu.com/usn/USN-2135-1
http://www.ubuntu.com/usn/USN-2136-1
http://www.ubuntu.com/usn/USN-2138-1
http://www.ubuntu.com/usn/USN-2139-1
http://www.ubuntu.com/usn/USN-2141-1
XForce ISS Database: linux-kernel-cve20141446-info-disc(90445)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90445
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.