Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2014.1138.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2014:1138-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2014:1138-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2014:1138-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise Server 11 SP1 LTSS received a roll up update to fix several security and non-security issues.

The following security issues have been fixed:

* CVE-2013-1860: Heap-based buffer overflow in the wdm_in_callback
function in drivers/usb/class/cdc-wdm.c in the Linux kernel before
3.8.4 allows physically proximate attackers to cause a denial of
service (system crash) or possibly execute arbitrary code via a
crafted cdc-wdm USB device. (bnc#806431)
* CVE-2013-4162: The udp_v6_push_pending_frames function in
net/ipv6/udp.c in the IPv6 implementation in the Linux kernel
through 3.10.3 makes an incorrect function call for pending data,
which allows local users to cause a denial of service (BUG and
system crash) via a crafted application that uses the UDP_CORK
option in a setsockopt system call. (bnc#831058)
* CVE-2014-0203: The __do_follow_link function in fs/namei.c in the
Linux kernel before 2.6.33 does not properly handle the last
pathname component during use of certain filesystems, which allows
local users to cause a denial of service (incorrect free operations
and system crash) via an open system call. (bnc#883526)
* CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2)
BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter
function in net/core/filter.c in the Linux kernel through 3.14.3 do
not check whether a certain length value is sufficiently large,
which allows local users to cause a denial of service (integer
underflow and system crash) via crafted BPF instructions. NOTE: the
affected code was moved to the __skb_get_nlattr and
__skb_get_nlattr_nest functions before the vulnerability was
announced. (bnc#877257)
* CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in
the sk_run_filter function in net/core/filter.c in the Linux kernel
through 3.14.3 uses the reverse order in a certain subtraction,
which allows local users to cause a denial of service (over-read and
system crash) via crafted BPF instructions. NOTE: the affected code
was moved to the __skb_get_nlattr_nest function before the
vulnerability was announced. (bnc#877257)
* CVE-2014-3917: kernel/auditsc.c in the Linux kernel through 3.14.5,
when CONFIG_AUDITSYSCALL is enabled with certain syscall rules,
allows local users to obtain potentially sensitive single-bit values
from kernel memory or cause a denial of service (OOPS) via a large
value of a syscall number. (bnc#880484)
* CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel
through 3.15.1 on 32-bit x86 platforms, when syscall auditing is
enabled and the sep CPU feature flag is set, allows local users to
cause a denial
of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000. (bnc#883724)
* CVE-2014-4652: Race condition in the tlv handler functionality in
the snd_ctl_elem_user_tlv function in sound/core/control.c in the... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11 SP1, SLE 11

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-1860
BugTraq ID: 58510
http://www.securityfocus.com/bid/58510
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
http://www.openwall.com/lists/oss-security/2013/03/15/3
RedHat Security Advisories: RHSA-2014:0328
http://rhn.redhat.com/errata/RHSA-2014-0328.html
RedHat Security Advisories: RHSA-2014:0339
http://rhn.redhat.com/errata/RHSA-2014-0339.html
http://www.ubuntu.com/usn/USN-1809-1
http://www.ubuntu.com/usn/USN-1811-1
http://www.ubuntu.com/usn/USN-1812-1
http://www.ubuntu.com/usn/USN-1813-1
http://www.ubuntu.com/usn/USN-1814-1
http://www.ubuntu.com/usn/USN-1829-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4162
BugTraq ID: 61411
http://www.securityfocus.com/bid/61411
http://www.openwall.com/lists/oss-security/2013/07/23/9
RedHat Security Advisories: RHSA-2013:1436
http://rhn.redhat.com/errata/RHSA-2013-1436.html
RedHat Security Advisories: RHSA-2013:1460
http://rhn.redhat.com/errata/RHSA-2013-1460.html
RedHat Security Advisories: RHSA-2013:1520
http://rhn.redhat.com/errata/RHSA-2013-1520.html
http://secunia.com/advisories/54148
http://secunia.com/advisories/55055
SuSE Security Announcement: SUSE-SU-2013:1473 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
SuSE Security Announcement: SUSE-SU-2013:1474 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
http://www.ubuntu.com/usn/USN-1938-1
http://www.ubuntu.com/usn/USN-1939-1
http://www.ubuntu.com/usn/USN-1941-1
http://www.ubuntu.com/usn/USN-1942-1
http://www.ubuntu.com/usn/USN-1943-1
http://www.ubuntu.com/usn/USN-1944-1
http://www.ubuntu.com/usn/USN-1945-1
http://www.ubuntu.com/usn/USN-1946-1
http://www.ubuntu.com/usn/USN-1947-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-7266
http://www.openwall.com/lists/oss-security/2013/12/31/7
http://secunia.com/advisories/55882
http://secunia.com/advisories/56036
http://www.ubuntu.com/usn/USN-2109-1
http://www.ubuntu.com/usn/USN-2110-1
http://www.ubuntu.com/usn/USN-2113-1
http://www.ubuntu.com/usn/USN-2117-1
http://www.ubuntu.com/usn/USN-2128-1
http://www.ubuntu.com/usn/USN-2129-1
http://www.ubuntu.com/usn/USN-2135-1
http://www.ubuntu.com/usn/USN-2136-1
http://www.ubuntu.com/usn/USN-2138-1
http://www.ubuntu.com/usn/USN-2139-1
http://www.ubuntu.com/usn/USN-2141-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-7267
Common Vulnerability Exposure (CVE) ID: CVE-2013-7268
Common Vulnerability Exposure (CVE) ID: CVE-2013-7269
BugTraq ID: 64742
http://www.securityfocus.com/bid/64742
XForce ISS Database: linux-kernel-cve20137269-info-disc(90130)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90130
Common Vulnerability Exposure (CVE) ID: CVE-2013-7270
BugTraq ID: 64744
http://www.securityfocus.com/bid/64744
XForce ISS Database: linux-kernel-cve20137270-info-disc(90131)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90131
Common Vulnerability Exposure (CVE) ID: CVE-2013-7271
BugTraq ID: 64746
http://www.securityfocus.com/bid/64746
XForce ISS Database: linux-kernel-cve20137271-info-disc(90132)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90132
Common Vulnerability Exposure (CVE) ID: CVE-2014-0203
BugTraq ID: 68125
http://www.securityfocus.com/bid/68125
http://secunia.com/advisories/59262
http://secunia.com/advisories/59309
http://secunia.com/advisories/59406
http://secunia.com/advisories/59560
Common Vulnerability Exposure (CVE) ID: CVE-2014-3144
BugTraq ID: 67309
http://www.securityfocus.com/bid/67309
Debian Security Information: DSA-2949 (Google Search)
http://www.debian.org/security/2014/dsa-2949
http://www.openwall.com/lists/oss-security/2014/05/09/6
http://secunia.com/advisories/58990
http://secunia.com/advisories/59311
http://secunia.com/advisories/59597
http://secunia.com/advisories/60613
http://www.ubuntu.com/usn/USN-2251-1
http://www.ubuntu.com/usn/USN-2252-1
http://www.ubuntu.com/usn/USN-2259-1
http://www.ubuntu.com/usn/USN-2261-1
http://www.ubuntu.com/usn/USN-2262-1
http://www.ubuntu.com/usn/USN-2263-1
http://www.ubuntu.com/usn/USN-2264-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3145
BugTraq ID: 67321
http://www.securityfocus.com/bid/67321
http://www.securitytracker.com/id/1038201
Common Vulnerability Exposure (CVE) ID: CVE-2014-3917
http://article.gmane.org/gmane.linux.kernel/1713179
http://www.openwall.com/lists/oss-security/2014/05/29/5
RedHat Security Advisories: RHSA-2014:1143
http://rhn.redhat.com/errata/RHSA-2014-1143.html
RedHat Security Advisories: RHSA-2014:1281
http://rhn.redhat.com/errata/RHSA-2014-1281.html
http://secunia.com/advisories/59777
http://secunia.com/advisories/60011
http://secunia.com/advisories/60564
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://www.ubuntu.com/usn/USN-2334-1
http://www.ubuntu.com/usn/USN-2335-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-4508
BugTraq ID: 68126
http://www.securityfocus.com/bid/68126
http://article.gmane.org/gmane.linux.kernel/1726110
http://openwall.com/lists/oss-security/2014/06/20/1
http://www.openwall.com/lists/oss-security/2014/06/20/10
http://www.openwall.com/lists/oss-security/2020/11/12/3
http://secunia.com/advisories/58964
SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-4652
http://www.openwall.com/lists/oss-security/2014/06/26/6
RedHat Security Advisories: RHSA-2014:1083
http://rhn.redhat.com/errata/RHSA-2014-1083.html
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://secunia.com/advisories/59434
http://secunia.com/advisories/60545
XForce ISS Database: linux-kernel-cve20144652-info-disc(94412)
https://exchange.xforce.ibmcloud.com/vulnerabilities/94412
Common Vulnerability Exposure (CVE) ID: CVE-2014-4653
BugTraq ID: 68164
http://www.securityfocus.com/bid/68164
Common Vulnerability Exposure (CVE) ID: CVE-2014-4654
BugTraq ID: 68162
http://www.securityfocus.com/bid/68162
Common Vulnerability Exposure (CVE) ID: CVE-2014-4655
http://www.securitytracker.com/id/1036763
Common Vulnerability Exposure (CVE) ID: CVE-2014-4656
RedHat Security Advisories: RHSA-2015:0087
http://rhn.redhat.com/errata/RHSA-2015-0087.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-4667
BugTraq ID: 68224
http://www.securityfocus.com/bid/68224
Debian Security Information: DSA-2992 (Google Search)
http://www.debian.org/security/2014/dsa-2992
http://www.openwall.com/lists/oss-security/2014/06/27/11
http://secunia.com/advisories/59790
http://secunia.com/advisories/60596
Common Vulnerability Exposure (CVE) ID: CVE-2014-4699
Debian Security Information: DSA-2972 (Google Search)
http://www.debian.org/security/2014/dsa-2972
http://www.exploit-db.com/exploits/34134
http://packetstormsecurity.com/files/127573/Linux-Kernel-ptrace-sysret-Local-Privilege-Escalation.html
http://www.openwall.com/lists/oss-security/2014/07/04/4
http://openwall.com/lists/oss-security/2014/07/05/4
http://openwall.com/lists/oss-security/2014/07/08/16
http://openwall.com/lists/oss-security/2014/07/08/5
http://www.osvdb.org/108754
http://secunia.com/advisories/59633
http://secunia.com/advisories/59639
http://secunia.com/advisories/59654
http://secunia.com/advisories/60220
http://secunia.com/advisories/60380
http://secunia.com/advisories/60393
http://www.ubuntu.com/usn/USN-2266-1
http://www.ubuntu.com/usn/USN-2267-1
http://www.ubuntu.com/usn/USN-2268-1
http://www.ubuntu.com/usn/USN-2269-1
http://www.ubuntu.com/usn/USN-2270-1
http://www.ubuntu.com/usn/USN-2271-1
http://www.ubuntu.com/usn/USN-2272-1
http://www.ubuntu.com/usn/USN-2273-1
http://www.ubuntu.com/usn/USN-2274-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-4943
http://www.exploit-db.com/exploits/36267
http://openwall.com/lists/oss-security/2014/07/17/1
http://osvdb.org/show/osvdb/109277
RedHat Security Advisories: RHSA-2014:1025
http://rhn.redhat.com/errata/RHSA-2014-1025.html
http://www.securitytracker.com/id/1030610
http://secunia.com/advisories/60071
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
XForce ISS Database: linux-kernel-cve20144943-priv-esc(94665)
https://exchange.xforce.ibmcloud.com/vulnerabilities/94665
Common Vulnerability Exposure (CVE) ID: CVE-2014-5077
BugTraq ID: 68881
http://www.securityfocus.com/bid/68881
http://www.openwall.com/lists/oss-security/2014/07/26/1
RedHat Security Advisories: RHSA-2014:1668
http://rhn.redhat.com/errata/RHSA-2014-1668.html
RedHat Security Advisories: RHSA-2014:1763
http://rhn.redhat.com/errata/RHSA-2014-1763.html
http://www.securitytracker.com/id/1030681
http://secunia.com/advisories/60430
http://secunia.com/advisories/60744
http://secunia.com/advisories/62563
http://www.ubuntu.com/usn/USN-2358-1
http://www.ubuntu.com/usn/USN-2359-1
XForce ISS Database: linux-kernel-cve20145077-dos(95134)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95134
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.