Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2015:1478-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2015:1478-1 advisory.
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2015:1478-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise Server 11 SP2 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-5707: An integer overflow in the SCSI generic driver could be
potentially used by local attackers to crash the kernel or execute code.
- CVE-2015-2830: arch/x86/kernel/entry_64.S in the Linux kernel did not
prevent the TS_COMPAT flag from reaching a user-mode task, which might
have allowed local users to bypass the seccomp or audit protection
mechanism via a crafted application that uses the (1) fork or (2) close
system call, as demonstrated by an attack against seccomp before 3.16
- CVE-2015-0777: drivers/xen/usbback/usbback.c in the Linux kernel allowed
guest OS users to obtain sensitive information from uninitialized
locations in host OS kernel memory via unspecified vectors (bnc#917830).
- CVE-2015-2150: Xen and the Linux kernel did not properly restrict access
to PCI command registers, which might have allowed local guest users to
cause a denial of service (non-maskable interrupt and host crash) by
disabling the (1) memory or (2) I/O decoding for a PCI Express device
and then accessing the device, which triggers an Unsupported Request
(UR) response (bnc#919463).
- CVE-2015-5364: A remote denial of service (hang) via UDP flood with
incorrect package checksums was fixed. (bsc#936831).
- CVE-2015-5366: A remote denial of service (unexpected error returns) via
UDP flood with incorrect package checksums was fixed. (bsc#936831).
- CVE-2015-1420: CVE-2015-1420: Race condition in the handle_to_path
function in fs/fhandle.c in the Linux kernel allowed local users to
bypass intended size restrictions and trigger read operations on
additional memory locations by changing the handle_bytes value of a file
handle during the execution of this function (bnc#915517).
- CVE-2015-4700: A local user could have created a bad instruction in the
JIT processed BPF code, leading to a kernel crash (bnc#935705).
- CVE-2015-1805: The (1) pipe_read and (2) pipe_write implementations in
fs/pipe.c in the Linux kernel did not properly consider the side effects
of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls,
which allowed local users to cause a denial of service (system crash)
or possibly gain privileges via a crafted application, aka an 'I/O
vector array overrun' (bnc#933429).
- CVE-2015-3331: The __driver_rfc4106_decrypt function in
arch/x86/crypto/aesni-intel_glue.c in the Linux kernel did not properly
determine the memory locations used for encrypted data, which allowed
context-dependent attackers to cause a denial of service (buffer
overflow and system crash) or possibly execute arbitrary code by
triggering a crypto API call, as demonstrated by use of a libkcapi test
program with an AF_ALG(aead) socket (bnc#927257).
- CVE-2015-2922: The ndisc_router_discovery function in net... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11-SP2, SUSE Linux Enterprise Debuginfo 11-SP2

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-8086
BugTraq ID: 70376
RedHat Security Advisories: RHSA-2015:0290
RedHat Security Advisories: RHSA-2015:0694
SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search)
XForce ISS Database: linux-kernel-cve20148086-dos(96922)
Common Vulnerability Exposure (CVE) ID: CVE-2014-8159
BugTraq ID: 73060
Debian Security Information: DSA-3237 (Google Search)
RedHat Security Advisories: RHSA-2015:0674
RedHat Security Advisories: RHSA-2015:0695
RedHat Security Advisories: RHSA-2015:0726
RedHat Security Advisories: RHSA-2015:0751
RedHat Security Advisories: RHSA-2015:0782
RedHat Security Advisories: RHSA-2015:0783
RedHat Security Advisories: RHSA-2015:0803
RedHat Security Advisories: RHSA-2015:0870
RedHat Security Advisories: RHSA-2015:0919
SuSE Security Announcement: SUSE-SU-2015:1487 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1488 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1491 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-9683
BugTraq ID: 72643
Debian Security Information: DSA-3170 (Google Search)
RedHat Security Advisories: RHSA-2015:1272
Common Vulnerability Exposure (CVE) ID: CVE-2015-0777
BugTraq ID: 73921
SuSE Security Announcement: SUSE-SU-2015:0658 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1592 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1611 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-1420
BugTraq ID: 72357
SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-1421
BugTraq ID: 72356
RedHat Security Advisories: RHSA-2015:0864
RedHat Security Advisories: RHSA-2015:1082
SuSE Security Announcement: SUSE-SU-2015:0832 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-1805
BugTraq ID: 74951
Debian Security Information: DSA-3290 (Google Search)
RedHat Security Advisories: RHSA-2015:1042
RedHat Security Advisories: RHSA-2015:1081
RedHat Security Advisories: RHSA-2015:1120
RedHat Security Advisories: RHSA-2015:1137
RedHat Security Advisories: RHSA-2015:1138
RedHat Security Advisories: RHSA-2015:1190
RedHat Security Advisories: RHSA-2015:1199
RedHat Security Advisories: RHSA-2015:1211
SuSE Security Announcement: SUSE-SU-2015:1324 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1490 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-2041
BugTraq ID: 72729
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-2042
BugTraq ID: 72730
Common Vulnerability Exposure (CVE) ID: CVE-2015-2150
BugTraq ID: 73014
Bugtraq: 20190813 [SECURITY] [DSA 4497-1] linux security update (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-2830
RedHat Security Advisories: RHSA-2015:1221
Common Vulnerability Exposure (CVE) ID: CVE-2015-2922
BugTraq ID: 74315
RedHat Security Advisories: RHSA-2015:1534
RedHat Security Advisories: RHSA-2015:1564
Common Vulnerability Exposure (CVE) ID: CVE-2015-3331
Common Vulnerability Exposure (CVE) ID: CVE-2015-3636
BugTraq ID: 74450
RedHat Security Advisories: RHSA-2015:1583
RedHat Security Advisories: RHSA-2015:1643
Common Vulnerability Exposure (CVE) ID: CVE-2015-4700
BugTraq ID: 75356
Debian Security Information: DSA-3329 (Google Search)
RedHat Security Advisories: RHSA-2015:1778
Common Vulnerability Exposure (CVE) ID: CVE-2015-5364
BugTraq ID: 75510
Debian Security Information: DSA-3313 (Google Search)
RedHat Security Advisories: RHSA-2015:1623
RedHat Security Advisories: RHSA-2015:1787
RedHat Security Advisories: RHSA-2016:0045
RedHat Security Advisories: RHSA-2016:1096
RedHat Security Advisories: RHSA-2016:1100
RedHat Security Advisories: RHSA-2016:1225
Common Vulnerability Exposure (CVE) ID: CVE-2015-5366
Common Vulnerability Exposure (CVE) ID: CVE-2015-5707
BugTraq ID: 76145
SuSE Security Announcement: SUSE-SU-2015:2084 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2085 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2086 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2087 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2089 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2090 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2091 (Google Search)
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.