Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2015.0481.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2015:0481-1)
Summary:The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2015:0481-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2015:0481-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 Service Pack 2 LTSS kernel has been updated to fix security issues on kernels on the x86_64 architecture.

The following security bugs have been fixed:

* CVE-2012-4398: The __request_module function in kernel/kmod.c in the
Linux kernel before 3.4 did not set a certain killable attribute,
which allowed local users to cause a denial of service (memory
consumption) via a crafted application (bnc#779488).
* CVE-2013-2893: The Human Interface Device (HID) subsystem in the
Linux kernel through 3.11, when CONFIG_LOGITECH_FF,
CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allowed
physically proximate attackers to cause a denial of service
(heap-based out-of-bounds write) via a crafted device, related to
(1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3)
drivers/hid/hid-lg4ff.c (bnc#835839).
* CVE-2013-2897: Multiple array index errors in
drivers/hid/hid-multitouch.c in the Human Interface Device (HID)
subsystem in the Linux kernel through 3.11, when
CONFIG_HID_MULTITOUCH is enabled, allowed physically proximate
attackers to cause a denial of service (heap memory corruption, or
NULL pointer dereference and OOPS) via a crafted device (bnc#835839).
* CVE-2013-2899: drivers/hid/hid-picolcd_core.c in the Human Interface
Device (HID) subsystem in the Linux kernel through 3.11, when
CONFIG_HID_PICOLCD is enabled, allowed physically proximate
attackers to cause a denial of service (NULL pointer dereference and
OOPS) via a crafted device (bnc#835839).
* CVE-2013-2929: The Linux kernel before 3.12.2 did not properly use
the get_dumpable function, which allowed local users to bypass
intended ptrace restrictions or obtain sensitive information from
IA64 scratch registers via a crafted application, related to
kernel/ptrace.c and arch/ia64/include/asm/processor.h (bnc#847652).
* CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length
values before ensuring that associated data structures have been
initialized, which allowed local users to obtain sensitive
information from kernel stack memory via a (1) recvfrom, (2)
recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,
net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c
(bnc#857643).
* CVE-2014-0131: Use-after-free vulnerability in the skb_segment
function in net/core/skbuff.c in the Linux kernel through 3.13.6
allowed attackers to obtain sensitive information from kernel memory
by leveraging the absence of a certain orphaning operation
(bnc#867723).
* CVE-2014-0181: The Netlink implementation in the Linux kernel
through 3.14.1 did not provide a mechanism for authorizing socket
operations based on the opener of a socket, which allowed local
users to bypass intended access restrictions and modify network
configurations by using a Netlink socket for the (1) stdout or (2)
stderr of a setuid program (bnc#875051).
... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux kernel' package(s) on SUSE Linux Enterprise Server 11 SP2, SLE 11

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-5313
BugTraq ID: 71363
http://www.securityfocus.com/bid/71363
http://www.openwall.com/lists/oss-security/2014/11/13/7
RedHat Security Advisories: RHSA-2016:0855
http://rhn.redhat.com/errata/RHSA-2016-0855.html
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-4398
BugTraq ID: 55361
http://www.securityfocus.com/bid/55361
http://lkml.indiana.edu/hypermail/linux/kernel/1202.0/03340.html
http://www.openwall.com/lists/oss-security/2012/09/02/3
RedHat Security Advisories: RHSA-2013:0223
http://rhn.redhat.com/errata/RHSA-2013-0223.html
RedHat Security Advisories: RHSA-2013:1348
http://rhn.redhat.com/errata/RHSA-2013-1348.html
http://secunia.com/advisories/55077
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2893
BugTraq ID: 62050
http://www.securityfocus.com/bid/62050
http://marc.info/?l=linux-input&m=137772186714627&w=1
http://openwall.com/lists/oss-security/2013/08/28/13
RedHat Security Advisories: RHSA-2013:1490
http://rhn.redhat.com/errata/RHSA-2013-1490.html
http://www.ubuntu.com/usn/USN-2015-1
http://www.ubuntu.com/usn/USN-2016-1
http://www.ubuntu.com/usn/USN-2019-1
http://www.ubuntu.com/usn/USN-2020-1
http://www.ubuntu.com/usn/USN-2021-1
http://www.ubuntu.com/usn/USN-2022-1
http://www.ubuntu.com/usn/USN-2023-1
http://www.ubuntu.com/usn/USN-2024-1
http://www.ubuntu.com/usn/USN-2038-1
http://www.ubuntu.com/usn/USN-2039-1
http://www.ubuntu.com/usn/USN-2050-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2897
BugTraq ID: 62044
http://www.securityfocus.com/bid/62044
http://marc.info/?l=linux-input&m=137772190214635&w=1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2899
http://marc.info/?l=linux-input&m=137772191714649&w=1
http://www.ubuntu.com/usn/USN-1995-1
http://www.ubuntu.com/usn/USN-1998-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2929
BugTraq ID: 64111
http://www.securityfocus.com/bid/64111
RedHat Security Advisories: RHSA-2014:0100
http://rhn.redhat.com/errata/RHSA-2014-0100.html
RedHat Security Advisories: RHSA-2014:0159
http://rhn.redhat.com/errata/RHSA-2014-0159.html
RedHat Security Advisories: RHSA-2014:0285
http://rhn.redhat.com/errata/RHSA-2014-0285.html
RedHat Security Advisories: RHSA-2018:1252
https://access.redhat.com/errata/RHSA-2018:1252
http://www.ubuntu.com/usn/USN-2070-1
http://www.ubuntu.com/usn/USN-2075-1
http://www.ubuntu.com/usn/USN-2109-1
http://www.ubuntu.com/usn/USN-2110-1
http://www.ubuntu.com/usn/USN-2111-1
http://www.ubuntu.com/usn/USN-2112-1
http://www.ubuntu.com/usn/USN-2114-1
http://www.ubuntu.com/usn/USN-2115-1
http://www.ubuntu.com/usn/USN-2116-1
http://www.ubuntu.com/usn/USN-2128-1
http://www.ubuntu.com/usn/USN-2129-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-7263
http://www.openwall.com/lists/oss-security/2013/11/28/13
http://seclists.org/oss-sec/2014/q1/29
http://secunia.com/advisories/55882
http://secunia.com/advisories/56036
SuSE Security Announcement: SUSE-SU-2014:0459 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
http://www.ubuntu.com/usn/USN-2107-1
http://www.ubuntu.com/usn/USN-2108-1
http://www.ubuntu.com/usn/USN-2113-1
http://www.ubuntu.com/usn/USN-2117-1
http://www.ubuntu.com/usn/USN-2135-1
http://www.ubuntu.com/usn/USN-2136-1
http://www.ubuntu.com/usn/USN-2138-1
http://www.ubuntu.com/usn/USN-2139-1
http://www.ubuntu.com/usn/USN-2141-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-0131
http://www.spinics.net/lists/netdev/msg274250.html
http://www.spinics.net/lists/netdev/msg274316.html
http://www.openwall.com/lists/oss-security/2014/03/10/4
Common Vulnerability Exposure (CVE) ID: CVE-2014-0181
http://marc.info/?l=linux-netdev&m=139828832919748&w=2
http://www.openwall.com/lists/oss-security/2014/04/23/6
RedHat Security Advisories: RHSA-2014:1959
http://rhn.redhat.com/errata/RHSA-2014-1959.html
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-2309
BugTraq ID: 66095
http://www.securityfocus.com/bid/66095
http://www.openwall.com/lists/oss-security/2014/03/08/1
http://www.securitytracker.com/id/1029894
http://secunia.com/advisories/57250
Common Vulnerability Exposure (CVE) ID: CVE-2014-3181
BugTraq ID: 69779
http://www.securityfocus.com/bid/69779
https://code.google.com/p/google-security-research/issues/detail?id=100
http://www.openwall.com/lists/oss-security/2014/09/11/21
RedHat Security Advisories: RHSA-2014:1318
http://rhn.redhat.com/errata/RHSA-2014-1318.html
http://www.ubuntu.com/usn/USN-2376-1
http://www.ubuntu.com/usn/USN-2377-1
http://www.ubuntu.com/usn/USN-2378-1
http://www.ubuntu.com/usn/USN-2379-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3184
BugTraq ID: 69768
http://www.securityfocus.com/bid/69768
https://code.google.com/p/google-security-research/issues/detail?id=91
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://www.ubuntu.com/usn/USN-2374-1
http://www.ubuntu.com/usn/USN-2375-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3185
BugTraq ID: 69781
http://www.securityfocus.com/bid/69781
https://code.google.com/p/google-security-research/issues/detail?id=98
RedHat Security Advisories: RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3186
BugTraq ID: 69763
http://www.securityfocus.com/bid/69763
https://code.google.com/p/google-security-research/issues/detail?id=101
http://www.openwall.com/lists/oss-security/2014/09/11/22
Common Vulnerability Exposure (CVE) ID: CVE-2014-3601
BugTraq ID: 69489
http://www.securityfocus.com/bid/69489
http://secunia.com/advisories/60830
http://www.ubuntu.com/usn/USN-2356-1
http://www.ubuntu.com/usn/USN-2357-1
http://www.ubuntu.com/usn/USN-2358-1
http://www.ubuntu.com/usn/USN-2359-1
XForce ISS Database: linux-kernel-cve20143601-dos(95689)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95689
Common Vulnerability Exposure (CVE) ID: CVE-2014-3610
BugTraq ID: 70742
http://www.securityfocus.com/bid/70742
Debian Security Information: DSA-3060 (Google Search)
http://www.debian.org/security/2014/dsa-3060
http://www.openwall.com/lists/oss-security/2014/10/24/9
RedHat Security Advisories: RHSA-2015:0869
http://rhn.redhat.com/errata/RHSA-2015-0869.html
http://www.ubuntu.com/usn/USN-2394-1
http://www.ubuntu.com/usn/USN-2417-1
http://www.ubuntu.com/usn/USN-2418-1
http://www.ubuntu.com/usn/USN-2491-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3646
RedHat Security Advisories: RHSA-2015:0126
http://rhn.redhat.com/errata/RHSA-2015-0126.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3647
BugTraq ID: 70748
http://www.securityfocus.com/bid/70748
Common Vulnerability Exposure (CVE) ID: CVE-2014-3673
BugTraq ID: 70883
http://www.securityfocus.com/bid/70883
HPdes Security Advisory: HPSBGN03282
http://marc.info/?l=bugtraq&m=142722544401658&w=2
HPdes Security Advisory: HPSBGN03285
http://marc.info/?l=bugtraq&m=142722450701342&w=2
RedHat Security Advisories: RHSA-2015:0062
http://rhn.redhat.com/errata/RHSA-2015-0062.html
RedHat Security Advisories: RHSA-2015:0115
http://rhn.redhat.com/errata/RHSA-2015-0115.html
http://secunia.com/advisories/62428
SuSE Security Announcement: SUSE-SU-2015:0529 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3687
BugTraq ID: 70766
http://www.securityfocus.com/bid/70766
SuSE Security Announcement: SUSE-SU-2015:0178 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html
SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3688
http://www.openwall.com/lists/oss-security/2014/11/13/8
Common Vulnerability Exposure (CVE) ID: CVE-2014-3690
BugTraq ID: 70691
http://www.securityfocus.com/bid/70691
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
http://www.openwall.com/lists/oss-security/2014/10/21/4
http://www.openwall.com/lists/oss-security/2014/10/29/7
RedHat Security Advisories: RHSA-2015:0290
http://rhn.redhat.com/errata/RHSA-2015-0290.html
RedHat Security Advisories: RHSA-2015:0782
http://rhn.redhat.com/errata/RHSA-2015-0782.html
RedHat Security Advisories: RHSA-2015:0864
http://rhn.redhat.com/errata/RHSA-2015-0864.html
http://secunia.com/advisories/60174
http://www.ubuntu.com/usn/USN-2419-1
http://www.ubuntu.com/usn/USN-2420-1
http://www.ubuntu.com/usn/USN-2421-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-4608
BugTraq ID: 68214
http://www.securityfocus.com/bid/68214
http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html
http://www.oberhumer.com/opensource/lzo/
https://www.securitymouse.com/lms-2014-06-16-2
http://www.openwall.com/lists/oss-security/2014/06/26/21
http://secunia.com/advisories/60011
http://secunia.com/advisories/62633
http://www.ubuntu.com/usn/USN-2416-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-4943
Debian Security Information: DSA-2992 (Google Search)
http://www.debian.org/security/2014/dsa-2992
http://www.exploit-db.com/exploits/36267
http://openwall.com/lists/oss-security/2014/07/17/1
http://osvdb.org/show/osvdb/109277
RedHat Security Advisories: RHSA-2014:1025
http://rhn.redhat.com/errata/RHSA-2014-1025.html
http://www.securitytracker.com/id/1030610
http://secunia.com/advisories/59790
http://secunia.com/advisories/60071
http://secunia.com/advisories/60220
http://secunia.com/advisories/60380
http://secunia.com/advisories/60393
SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
XForce ISS Database: linux-kernel-cve20144943-priv-esc(94665)
https://exchange.xforce.ibmcloud.com/vulnerabilities/94665
Common Vulnerability Exposure (CVE) ID: CVE-2014-5471
BugTraq ID: 69396
http://www.securityfocus.com/bid/69396
https://code.google.com/p/google-security-research/issues/detail?id=88
http://seclists.org/oss-sec/2014/q3/450
http://www.openwall.com/lists/oss-security/2014/08/27/1
RedHat Security Advisories: RHSA-2015:0102
http://rhn.redhat.com/errata/RHSA-2015-0102.html
RedHat Security Advisories: RHSA-2015:0695
http://rhn.redhat.com/errata/RHSA-2015-0695.html
RedHat Security Advisories: RHSA-2015:0803
http://rhn.redhat.com/errata/RHSA-2015-0803.html
http://www.ubuntu.com/usn/USN-2354-1
http://www.ubuntu.com/usn/USN-2355-1
XForce ISS Database: linux-kernel-isofs-bo(95481)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95481
Common Vulnerability Exposure (CVE) ID: CVE-2014-5472
BugTraq ID: 69428
http://www.securityfocus.com/bid/69428
XForce ISS Database: linux-kernel-cve20145472-dos(95556)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95556
Common Vulnerability Exposure (CVE) ID: CVE-2014-7826
BugTraq ID: 70971
http://www.securityfocus.com/bid/70971
http://www.openwall.com/lists/oss-security/2014/11/06/11
RedHat Security Advisories: RHSA-2014:1943
http://rhn.redhat.com/errata/RHSA-2014-1943.html
XForce ISS Database: linux-kernel-cve20147826-dos(98556)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98556
Common Vulnerability Exposure (CVE) ID: CVE-2014-7841
BugTraq ID: 71081
http://www.securityfocus.com/bid/71081
Debian Security Information: DSA-3093 (Google Search)
http://www.debian.org/security/2014/dsa-3093
http://www.openwall.com/lists/oss-security/2014/11/13/6
RedHat Security Advisories: RHSA-2015:0087
http://rhn.redhat.com/errata/RHSA-2015-0087.html
RedHat Security Advisories: RHSA-2015:0285
http://rhn.redhat.com/errata/RHSA-2015-0285.html
http://secunia.com/advisories/62305
http://secunia.com/advisories/62597
http://secunia.com/advisories/62735
Common Vulnerability Exposure (CVE) ID: CVE-2014-7842
BugTraq ID: 71078
http://www.securityfocus.com/bid/71078
http://secunia.com/advisories/62326
http://secunia.com/advisories/62336
Common Vulnerability Exposure (CVE) ID: CVE-2014-8134
BugTraq ID: 71650
http://www.securityfocus.com/bid/71650
http://www.spinics.net/lists/kvm/msg111458.html
SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-8369
BugTraq ID: 70747
http://www.securityfocus.com/bid/70747
BugTraq ID: 70749
http://www.securityfocus.com/bid/70749
https://lkml.org/lkml/2014/10/24/460
http://www.openwall.com/lists/oss-security/2014/10/24/7
RedHat Security Advisories: RHSA-2015:0674
http://rhn.redhat.com/errata/RHSA-2015-0674.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-8559
BugTraq ID: 70854
http://www.securityfocus.com/bid/70854
Debian Security Information: DSA-3170 (Google Search)
http://www.debian.org/security/2015/dsa-3170
https://lkml.org/lkml/2014/10/25/171
https://lkml.org/lkml/2014/10/25/179
https://lkml.org/lkml/2014/10/25/180
https://lkml.org/lkml/2014/10/26/101
https://lkml.org/lkml/2014/10/26/116
https://lkml.org/lkml/2014/10/26/128
https://lkml.org/lkml/2014/10/26/129
http://www.openwall.com/lists/oss-security/2014/10/30/7
RedHat Security Advisories: RHSA-2015:1976
http://rhn.redhat.com/errata/RHSA-2015-1976.html
RedHat Security Advisories: RHSA-2015:1978
http://rhn.redhat.com/errata/RHSA-2015-1978.html
http://www.securitytracker.com/id/1034051
http://secunia.com/advisories/62801
http://www.ubuntu.com/usn/USN-2492-1
http://www.ubuntu.com/usn/USN-2493-1
http://www.ubuntu.com/usn/USN-2515-1
http://www.ubuntu.com/usn/USN-2516-1
http://www.ubuntu.com/usn/USN-2517-1
http://www.ubuntu.com/usn/USN-2518-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-8709
BugTraq ID: 70965
http://www.securityfocus.com/bid/70965
http://www.openwall.com/lists/oss-security/2014/11/09/1
http://www.securitytracker.com/id/1037968
XForce ISS Database: linux-kernel-cve20148709-info-disclsoure(98922)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98922
Common Vulnerability Exposure (CVE) ID: CVE-2014-9584
BugTraq ID: 71883
http://www.securityfocus.com/bid/71883
Debian Security Information: DSA-3128 (Google Search)
http://www.debian.org/security/2015/dsa-3128
http://www.openwall.com/lists/oss-security/2015/01/09/4
RedHat Security Advisories: RHSA-2015:1137
http://rhn.redhat.com/errata/RHSA-2015-1137.html
RedHat Security Advisories: RHSA-2015:1138
http://rhn.redhat.com/errata/RHSA-2015-1138.html
http://www.ubuntu.com/usn/USN-2511-1
http://www.ubuntu.com/usn/USN-2512-1
http://www.ubuntu.com/usn/USN-2513-1
http://www.ubuntu.com/usn/USN-2514-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-9585
BugTraq ID: 71990
http://www.securityfocus.com/bid/71990
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148480.html
http://git.kernel.org/?p=linux/kernel/git/luto/linux.git;a=commit;h=bc3b94c31d65e761ddfe150d02932c65971b74e2
http://v0ids3curity.blogspot.in/2014/12/return-to-vdso-using-elf-auxiliary.html
http://www.openwall.com/lists/oss-security/2014/12/09/10
http://www.openwall.com/lists/oss-security/2015/01/09/8
RedHat Security Advisories: RHSA-2015:1081
http://rhn.redhat.com/errata/RHSA-2015-1081.html
RedHat Security Advisories: RHSA-2015:1778
http://rhn.redhat.com/errata/RHSA-2015-1778.html
RedHat Security Advisories: RHSA-2015:1787
http://rhn.redhat.com/errata/RHSA-2015-1787.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.