Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2014.0910.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2014:0910-1)
Summary:The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2014:0910-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2014:0910-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues.

The following security bugs have been fixed:

*

CVE-2012-2372: The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service
(BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interfaces own IP address, as demonstrated by rds-ping. (bnc#767610)

*

CVE-2013-2929: The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. (bnc#847652)

*

CVE-2013-4299: Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device. (bnc#846404)

*

CVE-2013-4579: The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations. (bnc#851426)

*

CVE-2013-6382: Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified
other impact by leveraging the CAP_SYS_ADMIN capability for a (1)
XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. (bnc#852553)

*

CVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. (bnc#869563)

*

CVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host OS crash) via unspecified vectors. (bnc#870173)

*

CVE-2014-0077: drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, whic... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux kernel' package(s) on SUSE Linux Enterprise Server 11 SP3, SUSE Linux Enterprise High Availability Extension 11 SP3, SUSE Linux Enterprise Desktop 11 SP3, SLE 11

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-2372
BugTraq ID: 54062
http://www.securityfocus.com/bid/54062
HPdes Security Advisory: HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
RedHat Security Advisories: RHSA-2012:0743
http://rhn.redhat.com/errata/RHSA-2012-0743.html
RedHat Security Advisories: RHSA-2012:1540
http://rhn.redhat.com/errata/RHSA-2012-1540.html
SuSE Security Announcement: SUSE-SU-2012:1679 (Google Search)
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html
http://ubuntu.com/usn/usn-1529-1
http://www.ubuntu.com/usn/USN-1555-1
http://www.ubuntu.com/usn/USN-1556-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2929
BugTraq ID: 64111
http://www.securityfocus.com/bid/64111
RedHat Security Advisories: RHSA-2014:0100
http://rhn.redhat.com/errata/RHSA-2014-0100.html
RedHat Security Advisories: RHSA-2014:0159
http://rhn.redhat.com/errata/RHSA-2014-0159.html
RedHat Security Advisories: RHSA-2014:0285
http://rhn.redhat.com/errata/RHSA-2014-0285.html
RedHat Security Advisories: RHSA-2018:1252
https://access.redhat.com/errata/RHSA-2018:1252
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://www.ubuntu.com/usn/USN-2070-1
http://www.ubuntu.com/usn/USN-2075-1
http://www.ubuntu.com/usn/USN-2109-1
http://www.ubuntu.com/usn/USN-2110-1
http://www.ubuntu.com/usn/USN-2111-1
http://www.ubuntu.com/usn/USN-2112-1
http://www.ubuntu.com/usn/USN-2114-1
http://www.ubuntu.com/usn/USN-2115-1
http://www.ubuntu.com/usn/USN-2116-1
http://www.ubuntu.com/usn/USN-2128-1
http://www.ubuntu.com/usn/USN-2129-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4299
RedHat Security Advisories: RHSA-2013:1436
http://rhn.redhat.com/errata/RHSA-2013-1436.html
RedHat Security Advisories: RHSA-2013:1449
http://rhn.redhat.com/errata/RHSA-2013-1449.html
RedHat Security Advisories: RHSA-2013:1450
http://rhn.redhat.com/errata/RHSA-2013-1450.html
RedHat Security Advisories: RHSA-2013:1460
http://rhn.redhat.com/errata/RHSA-2013-1460.html
RedHat Security Advisories: RHSA-2013:1490
http://rhn.redhat.com/errata/RHSA-2013-1490.html
RedHat Security Advisories: RHSA-2013:1519
http://rhn.redhat.com/errata/RHSA-2013-1519.html
RedHat Security Advisories: RHSA-2013:1520
http://rhn.redhat.com/errata/RHSA-2013-1520.html
RedHat Security Advisories: RHSA-2013:1783
http://rhn.redhat.com/errata/RHSA-2013-1783.html
RedHat Security Advisories: RHSA-2013:1860
http://rhn.redhat.com/errata/RHSA-2013-1860.html
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://www.ubuntu.com/usn/USN-2015-1
http://www.ubuntu.com/usn/USN-2016-1
http://www.ubuntu.com/usn/USN-2040-1
http://www.ubuntu.com/usn/USN-2041-1
http://www.ubuntu.com/usn/USN-2042-1
http://www.ubuntu.com/usn/USN-2043-1
http://www.ubuntu.com/usn/USN-2044-1
http://www.ubuntu.com/usn/USN-2045-1
http://www.ubuntu.com/usn/USN-2046-1
http://www.ubuntu.com/usn/USN-2049-1
http://www.ubuntu.com/usn/USN-2050-1
http://www.ubuntu.com/usn/USN-2066-1
http://www.ubuntu.com/usn/USN-2067-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4579
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729573
http://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.html
https://lists.ath9k.org/pipermail/ath9k-devel/2013-November/012215.html
http://www.openwall.com/lists/oss-security/2013/11/15/3
http://www.ubuntu.com/usn/USN-2113-1
http://www.ubuntu.com/usn/USN-2117-1
http://www.ubuntu.com/usn/USN-2133-1
http://www.ubuntu.com/usn/USN-2134-1
http://www.ubuntu.com/usn/USN-2135-1
http://www.ubuntu.com/usn/USN-2136-1
http://www.ubuntu.com/usn/USN-2138-1
http://www.ubuntu.com/usn/USN-2139-1
http://www.ubuntu.com/usn/USN-2141-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6382
BugTraq ID: 63889
http://www.securityfocus.com/bid/63889
http://www.openwall.com/lists/oss-security/2013/11/22/5
http://www.spinics.net/lists/xfs/msg23343.html
http://www.ubuntu.com/usn/USN-2158-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-7339
BugTraq ID: 66351
http://www.securityfocus.com/bid/66351
http://www.openwall.com/lists/oss-security/2014/03/20/14
http://secunia.com/advisories/59386
Common Vulnerability Exposure (CVE) ID: CVE-2014-0055
BugTraq ID: 66441
http://www.securityfocus.com/bid/66441
RedHat Security Advisories: RHSA-2014:0328
http://rhn.redhat.com/errata/RHSA-2014-0328.html
RedHat Security Advisories: RHSA-2014:0339
http://rhn.redhat.com/errata/RHSA-2014-0339.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-0077
BugTraq ID: 66678
http://www.securityfocus.com/bid/66678
http://secunia.com/advisories/59599
Common Vulnerability Exposure (CVE) ID: CVE-2014-0101
BugTraq ID: 65943
http://www.securityfocus.com/bid/65943
http://www.openwall.com/lists/oss-security/2014/03/04/6
RedHat Security Advisories: RHSA-2014:0419
http://rhn.redhat.com/errata/RHSA-2014-0419.html
RedHat Security Advisories: RHSA-2014:0432
http://rhn.redhat.com/errata/RHSA-2014-0432.html
http://secunia.com/advisories/59216
http://www.ubuntu.com/usn/USN-2173-1
http://www.ubuntu.com/usn/USN-2174-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-0131
http://www.spinics.net/lists/netdev/msg274250.html
http://www.spinics.net/lists/netdev/msg274316.html
http://www.openwall.com/lists/oss-security/2014/03/10/4
Common Vulnerability Exposure (CVE) ID: CVE-2014-0155
http://www.openwall.com/lists/oss-security/2014/04/07/2
Common Vulnerability Exposure (CVE) ID: CVE-2014-1444
BugTraq ID: 64952
http://www.securityfocus.com/bid/64952
http://www.openwall.com/lists/oss-security/2014/01/15/3
XForce ISS Database: linux-kernel-cve20141444-info-disc(90443)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90443
Common Vulnerability Exposure (CVE) ID: CVE-2014-1445
BugTraq ID: 64953
http://www.securityfocus.com/bid/64953
XForce ISS Database: linux-kernel-cve20141445-info-disc(90444)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90444
Common Vulnerability Exposure (CVE) ID: CVE-2014-1446
BugTraq ID: 64954
http://www.securityfocus.com/bid/64954
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html
http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
XForce ISS Database: linux-kernel-cve20141446-info-disc(90445)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90445
Common Vulnerability Exposure (CVE) ID: CVE-2014-1874
BugTraq ID: 65459
http://www.securityfocus.com/bid/65459
http://www.openwall.com/lists/oss-security/2014/02/07/2
http://secunia.com/advisories/59262
http://secunia.com/advisories/59309
http://secunia.com/advisories/59406
http://www.ubuntu.com/usn/USN-2137-1
http://www.ubuntu.com/usn/USN-2140-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-2309
BugTraq ID: 66095
http://www.securityfocus.com/bid/66095
http://www.openwall.com/lists/oss-security/2014/03/08/1
http://www.securitytracker.com/id/1029894
http://secunia.com/advisories/57250
Common Vulnerability Exposure (CVE) ID: CVE-2014-2523
BugTraq ID: 66279
http://www.securityfocus.com/bid/66279
http://twitter.com/grsecurity/statuses/445496197399461888
http://www.openwall.com/lists/oss-security/2014/03/17/7
http://www.securitytracker.com/id/1029945
http://secunia.com/advisories/57446
XForce ISS Database: linux-kernel-cve20142523-code-exec(91910)
https://exchange.xforce.ibmcloud.com/vulnerabilities/91910
Common Vulnerability Exposure (CVE) ID: CVE-2014-2678
BugTraq ID: 66543
http://www.securityfocus.com/bid/66543
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131276.html
https://lkml.org/lkml/2014/3/29/188
http://www.openwall.com/lists/oss-security/2014/03/31/10
http://secunia.com/advisories/60130
http://secunia.com/advisories/60471
Common Vulnerability Exposure (CVE) ID: CVE-2014-2851
BugTraq ID: 66779
http://www.securityfocus.com/bid/66779
Debian Security Information: DSA-2926 (Google Search)
http://www.debian.org/security/2014/dsa-2926
https://lkml.org/lkml/2014/4/10/736
http://www.openwall.com/lists/oss-security/2014/04/11/4
http://www.securitytracker.com/id/1030769
Common Vulnerability Exposure (CVE) ID: CVE-2014-3122
BugTraq ID: 67162
http://www.securityfocus.com/bid/67162
http://www.openwall.com/lists/oss-security/2014/05/01/7
http://www.ubuntu.com/usn/USN-2240-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3144
BugTraq ID: 67309
http://www.securityfocus.com/bid/67309
Debian Security Information: DSA-2949 (Google Search)
http://www.debian.org/security/2014/dsa-2949
http://www.openwall.com/lists/oss-security/2014/05/09/6
http://secunia.com/advisories/58990
http://secunia.com/advisories/59311
http://secunia.com/advisories/59597
http://secunia.com/advisories/60613
http://www.ubuntu.com/usn/USN-2251-1
http://www.ubuntu.com/usn/USN-2252-1
http://www.ubuntu.com/usn/USN-2259-1
http://www.ubuntu.com/usn/USN-2261-1
http://www.ubuntu.com/usn/USN-2262-1
http://www.ubuntu.com/usn/USN-2263-1
http://www.ubuntu.com/usn/USN-2264-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3145
BugTraq ID: 67321
http://www.securityfocus.com/bid/67321
http://www.securitytracker.com/id/1038201
Common Vulnerability Exposure (CVE) ID: CVE-2014-3917
http://article.gmane.org/gmane.linux.kernel/1713179
http://www.openwall.com/lists/oss-security/2014/05/29/5
RedHat Security Advisories: RHSA-2014:1143
http://rhn.redhat.com/errata/RHSA-2014-1143.html
RedHat Security Advisories: RHSA-2014:1281
http://rhn.redhat.com/errata/RHSA-2014-1281.html
http://secunia.com/advisories/59777
http://secunia.com/advisories/60011
http://secunia.com/advisories/60564
http://www.ubuntu.com/usn/USN-2334-1
http://www.ubuntu.com/usn/USN-2335-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-4508
BugTraq ID: 68126
http://www.securityfocus.com/bid/68126
http://article.gmane.org/gmane.linux.kernel/1726110
http://openwall.com/lists/oss-security/2014/06/20/1
http://www.openwall.com/lists/oss-security/2014/06/20/10
http://www.openwall.com/lists/oss-security/2020/11/12/3
http://secunia.com/advisories/58964
SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-4652
http://www.openwall.com/lists/oss-security/2014/06/26/6
RedHat Security Advisories: RHSA-2014:1083
http://rhn.redhat.com/errata/RHSA-2014-1083.html
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://secunia.com/advisories/59434
http://secunia.com/advisories/60545
XForce ISS Database: linux-kernel-cve20144652-info-disc(94412)
https://exchange.xforce.ibmcloud.com/vulnerabilities/94412
Common Vulnerability Exposure (CVE) ID: CVE-2014-4653
BugTraq ID: 68164
http://www.securityfocus.com/bid/68164
Common Vulnerability Exposure (CVE) ID: CVE-2014-4654
BugTraq ID: 68162
http://www.securityfocus.com/bid/68162
Common Vulnerability Exposure (CVE) ID: CVE-2014-4655
http://www.securitytracker.com/id/1036763
Common Vulnerability Exposure (CVE) ID: CVE-2014-4656
RedHat Security Advisories: RHSA-2015:0087
http://rhn.redhat.com/errata/RHSA-2015-0087.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-4699
Debian Security Information: DSA-2972 (Google Search)
http://www.debian.org/security/2014/dsa-2972
http://www.exploit-db.com/exploits/34134
http://packetstormsecurity.com/files/127573/Linux-Kernel-ptrace-sysret-Local-Privilege-Escalation.html
http://www.openwall.com/lists/oss-security/2014/07/04/4
http://openwall.com/lists/oss-security/2014/07/05/4
http://openwall.com/lists/oss-security/2014/07/08/16
http://openwall.com/lists/oss-security/2014/07/08/5
http://www.osvdb.org/108754
http://secunia.com/advisories/59633
http://secunia.com/advisories/59639
http://secunia.com/advisories/59654
http://secunia.com/advisories/60220
http://secunia.com/advisories/60380
http://secunia.com/advisories/60393
http://www.ubuntu.com/usn/USN-2266-1
http://www.ubuntu.com/usn/USN-2267-1
http://www.ubuntu.com/usn/USN-2268-1
http://www.ubuntu.com/usn/USN-2269-1
http://www.ubuntu.com/usn/USN-2270-1
http://www.ubuntu.com/usn/USN-2271-1
http://www.ubuntu.com/usn/USN-2272-1
http://www.ubuntu.com/usn/USN-2273-1
http://www.ubuntu.com/usn/USN-2274-1
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.