Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2015.1478.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2015:1478-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2015:1478-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2015:1478-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise Server 11 SP2 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-5707: An integer overflow in the SCSI generic driver could be
potentially used by local attackers to crash the kernel or execute code.
- CVE-2015-2830: arch/x86/kernel/entry_64.S in the Linux kernel did not
prevent the TS_COMPAT flag from reaching a user-mode task, which might
have allowed local users to bypass the seccomp or audit protection
mechanism via a crafted application that uses the (1) fork or (2) close
system call, as demonstrated by an attack against seccomp before 3.16
(bnc#926240).
- CVE-2015-0777: drivers/xen/usbback/usbback.c in the Linux kernel allowed
guest OS users to obtain sensitive information from uninitialized
locations in host OS kernel memory via unspecified vectors (bnc#917830).
- CVE-2015-2150: Xen and the Linux kernel did not properly restrict access
to PCI command registers, which might have allowed local guest users to
cause a denial of service (non-maskable interrupt and host crash) by
disabling the (1) memory or (2) I/O decoding for a PCI Express device
and then accessing the device, which triggers an Unsupported Request
(UR) response (bnc#919463).
- CVE-2015-5364: A remote denial of service (hang) via UDP flood with
incorrect package checksums was fixed. (bsc#936831).
- CVE-2015-5366: A remote denial of service (unexpected error returns) via
UDP flood with incorrect package checksums was fixed. (bsc#936831).
- CVE-2015-1420: CVE-2015-1420: Race condition in the handle_to_path
function in fs/fhandle.c in the Linux kernel allowed local users to
bypass intended size restrictions and trigger read operations on
additional memory locations by changing the handle_bytes value of a file
handle during the execution of this function (bnc#915517).
- CVE-2015-4700: A local user could have created a bad instruction in the
JIT processed BPF code, leading to a kernel crash (bnc#935705).
- CVE-2015-1805: The (1) pipe_read and (2) pipe_write implementations in
fs/pipe.c in the Linux kernel did not properly consider the side effects
of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls,
which allowed local users to cause a denial of service (system crash)
or possibly gain privileges via a crafted application, aka an 'I/O
vector array overrun' (bnc#933429).
- CVE-2015-3331: The __driver_rfc4106_decrypt function in
arch/x86/crypto/aesni-intel_glue.c in the Linux kernel did not properly
determine the memory locations used for encrypted data, which allowed
context-dependent attackers to cause a denial of service (buffer
overflow and system crash) or possibly execute arbitrary code by
triggering a crypto API call, as demonstrated by use of a libkcapi test
program with an AF_ALG(aead) socket (bnc#927257).
- CVE-2015-2922: The ndisc_router_discovery function in net... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11-SP2, SUSE Linux Enterprise Debuginfo 11-SP2

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-8086
BugTraq ID: 70376
http://www.securityfocus.com/bid/70376
http://www.spinics.net/lists/linux-ext4/msg45685.html
http://www.spinics.net/lists/linux-ext4/msg45683.html
https://lkml.org/lkml/2014/10/8/545
https://lkml.org/lkml/2014/10/9/129
http://www.openwall.com/lists/oss-security/2014/10/09/25
RedHat Security Advisories: RHSA-2015:0290
http://rhn.redhat.com/errata/RHSA-2015-0290.html
RedHat Security Advisories: RHSA-2015:0694
http://rhn.redhat.com/errata/RHSA-2015-0694.html
SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
XForce ISS Database: linux-kernel-cve20148086-dos(96922)
https://exchange.xforce.ibmcloud.com/vulnerabilities/96922
Common Vulnerability Exposure (CVE) ID: CVE-2014-8159
BugTraq ID: 73060
http://www.securityfocus.com/bid/73060
Debian Security Information: DSA-3237 (Google Search)
http://www.debian.org/security/2015/dsa-3237
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html
RedHat Security Advisories: RHSA-2015:0674
http://rhn.redhat.com/errata/RHSA-2015-0674.html
RedHat Security Advisories: RHSA-2015:0695
http://rhn.redhat.com/errata/RHSA-2015-0695.html
RedHat Security Advisories: RHSA-2015:0726
http://rhn.redhat.com/errata/RHSA-2015-0726.html
RedHat Security Advisories: RHSA-2015:0751
http://rhn.redhat.com/errata/RHSA-2015-0751.html
RedHat Security Advisories: RHSA-2015:0782
http://rhn.redhat.com/errata/RHSA-2015-0782.html
RedHat Security Advisories: RHSA-2015:0783
http://rhn.redhat.com/errata/RHSA-2015-0783.html
RedHat Security Advisories: RHSA-2015:0803
http://rhn.redhat.com/errata/RHSA-2015-0803.html
RedHat Security Advisories: RHSA-2015:0870
http://rhn.redhat.com/errata/RHSA-2015-0870.html
RedHat Security Advisories: RHSA-2015:0919
http://rhn.redhat.com/errata/RHSA-2015-0919.html
http://www.securitytracker.com/id/1032224
SuSE Security Announcement: SUSE-SU-2015:1487 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
SuSE Security Announcement: SUSE-SU-2015:1488 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
SuSE Security Announcement: SUSE-SU-2015:1491 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
http://www.ubuntu.com/usn/USN-2525-1
http://www.ubuntu.com/usn/USN-2526-1
http://www.ubuntu.com/usn/USN-2527-1
http://www.ubuntu.com/usn/USN-2528-1
http://www.ubuntu.com/usn/USN-2529-1
http://www.ubuntu.com/usn/USN-2530-1
http://www.ubuntu.com/usn/USN-2561-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-9683
BugTraq ID: 72643
http://www.securityfocus.com/bid/72643
Debian Security Information: DSA-3170 (Google Search)
http://www.debian.org/security/2015/dsa-3170
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
http://www.openwall.com/lists/oss-security/2015/02/17/9
RedHat Security Advisories: RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
http://www.securitytracker.com/id/1031860
http://www.ubuntu.com/usn/USN-2515-1
http://www.ubuntu.com/usn/USN-2516-1
http://www.ubuntu.com/usn/USN-2517-1
http://www.ubuntu.com/usn/USN-2518-1
http://www.ubuntu.com/usn/USN-2541-1
http://www.ubuntu.com/usn/USN-2542-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-0777
BugTraq ID: 73921
http://www.securityfocus.com/bid/73921
SuSE Security Announcement: SUSE-SU-2015:0658 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html
SuSE Security Announcement: SUSE-SU-2015:1592 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
SuSE Security Announcement: SUSE-SU-2015:1611 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-1420
BugTraq ID: 72357
http://www.securityfocus.com/bid/72357
http://marc.info/?l=linux-kernel&m=142247707318982&w=2
http://www.openwall.com/lists/oss-security/2015/01/29/12
SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html
http://www.ubuntu.com/usn/USN-2660-1
http://www.ubuntu.com/usn/USN-2661-1
http://www.ubuntu.com/usn/USN-2665-1
http://www.ubuntu.com/usn/USN-2667-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-1421
BugTraq ID: 72356
http://www.securityfocus.com/bid/72356
http://www.openwall.com/lists/oss-security/2015/01/29/15
RedHat Security Advisories: RHSA-2015:0864
http://rhn.redhat.com/errata/RHSA-2015-0864.html
RedHat Security Advisories: RHSA-2015:1082
http://rhn.redhat.com/errata/RHSA-2015-1082.html
http://www.securitytracker.com/id/1032172
SuSE Security Announcement: SUSE-SU-2015:0832 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00001.html
http://www.ubuntu.com/usn/USN-2545-1
http://www.ubuntu.com/usn/USN-2546-1
http://www.ubuntu.com/usn/USN-2562-1
http://www.ubuntu.com/usn/USN-2563-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-1805
BugTraq ID: 74951
http://www.securityfocus.com/bid/74951
Debian Security Information: DSA-3290 (Google Search)
http://www.debian.org/security/2015/dsa-3290
http://www.openwall.com/lists/oss-security/2015/06/06/2
RedHat Security Advisories: RHSA-2015:1042
http://rhn.redhat.com/errata/RHSA-2015-1042.html
RedHat Security Advisories: RHSA-2015:1081
http://rhn.redhat.com/errata/RHSA-2015-1081.html
RedHat Security Advisories: RHSA-2015:1120
http://rhn.redhat.com/errata/RHSA-2015-1120.html
RedHat Security Advisories: RHSA-2015:1137
http://rhn.redhat.com/errata/RHSA-2015-1137.html
RedHat Security Advisories: RHSA-2015:1138
http://rhn.redhat.com/errata/RHSA-2015-1138.html
RedHat Security Advisories: RHSA-2015:1190
http://rhn.redhat.com/errata/RHSA-2015-1190.html
RedHat Security Advisories: RHSA-2015:1199
http://rhn.redhat.com/errata/RHSA-2015-1199.html
RedHat Security Advisories: RHSA-2015:1211
http://rhn.redhat.com/errata/RHSA-2015-1211.html
http://www.securitytracker.com/id/1032454
SuSE Security Announcement: SUSE-SU-2015:1324 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html
SuSE Security Announcement: SUSE-SU-2015:1490 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
http://www.ubuntu.com/usn/USN-2679-1
http://www.ubuntu.com/usn/USN-2680-1
http://www.ubuntu.com/usn/USN-2681-1
http://www.ubuntu.com/usn/USN-2967-1
http://www.ubuntu.com/usn/USN-2967-2
Common Vulnerability Exposure (CVE) ID: CVE-2015-2041
BugTraq ID: 72729
http://www.securityfocus.com/bid/72729
http://www.openwall.com/lists/oss-security/2015/02/20/19
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://www.ubuntu.com/usn/USN-2560-1
http://www.ubuntu.com/usn/USN-2564-1
http://www.ubuntu.com/usn/USN-2565-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-2042
BugTraq ID: 72730
http://www.securityfocus.com/bid/72730
http://www.openwall.com/lists/oss-security/2015/02/20/20
Common Vulnerability Exposure (CVE) ID: CVE-2015-2150
BugTraq ID: 73014
http://www.securityfocus.com/bid/73014
Bugtraq: 20190813 [SECURITY] [DSA 4497-1] linux security update (Google Search)
https://seclists.org/bugtraq/2019/Aug/18
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html
http://www.securitytracker.com/id/1031806
http://www.securitytracker.com/id/1031902
http://www.ubuntu.com/usn/USN-2631-1
http://www.ubuntu.com/usn/USN-2632-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-2830
http://www.openwall.com/lists/oss-security/2015/04/02/1
RedHat Security Advisories: RHSA-2015:1221
http://rhn.redhat.com/errata/RHSA-2015-1221.html
http://www.securitytracker.com/id/1032413
Common Vulnerability Exposure (CVE) ID: CVE-2015-2922
BugTraq ID: 74315
http://www.securityfocus.com/bid/74315
http://www.openwall.com/lists/oss-security/2015/04/04/2
RedHat Security Advisories: RHSA-2015:1534
http://rhn.redhat.com/errata/RHSA-2015-1534.html
RedHat Security Advisories: RHSA-2015:1564
http://rhn.redhat.com/errata/RHSA-2015-1564.html
http://www.securitytracker.com/id/1032417
Common Vulnerability Exposure (CVE) ID: CVE-2015-3331
http://www.openwall.com/lists/oss-security/2015/04/14/16
http://www.securitytracker.com/id/1032416
Common Vulnerability Exposure (CVE) ID: CVE-2015-3636
BugTraq ID: 74450
http://www.securityfocus.com/bid/74450
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157788.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html
http://www.openwall.com/lists/oss-security/2015/05/02/5
RedHat Security Advisories: RHSA-2015:1583
http://rhn.redhat.com/errata/RHSA-2015-1583.html
RedHat Security Advisories: RHSA-2015:1643
http://rhn.redhat.com/errata/RHSA-2015-1643.html
http://www.securitytracker.com/id/1033186
http://www.ubuntu.com/usn/USN-2633-1
http://www.ubuntu.com/usn/USN-2634-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-4700
BugTraq ID: 75356
http://www.securityfocus.com/bid/75356
Debian Security Information: DSA-3329 (Google Search)
http://www.debian.org/security/2015/dsa-3329
http://www.openwall.com/lists/oss-security/2015/06/23/2
RedHat Security Advisories: RHSA-2015:1778
http://rhn.redhat.com/errata/RHSA-2015-1778.html
http://www.securitytracker.com/id/1033046
http://www.ubuntu.com/usn/USN-2683-1
http://www.ubuntu.com/usn/USN-2684-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5364
BugTraq ID: 75510
http://www.securityfocus.com/bid/75510
Debian Security Information: DSA-3313 (Google Search)
http://www.debian.org/security/2015/dsa-3313
https://twitter.com/grsecurity/status/605854034260426753
http://www.openwall.com/lists/oss-security/2015/06/30/13
RedHat Security Advisories: RHSA-2015:1623
http://rhn.redhat.com/errata/RHSA-2015-1623.html
RedHat Security Advisories: RHSA-2015:1787
http://rhn.redhat.com/errata/RHSA-2015-1787.html
RedHat Security Advisories: RHSA-2016:0045
http://rhn.redhat.com/errata/RHSA-2016-0045.html
RedHat Security Advisories: RHSA-2016:1096
http://rhn.redhat.com/errata/RHSA-2016-1096.html
RedHat Security Advisories: RHSA-2016:1100
http://rhn.redhat.com/errata/RHSA-2016-1100.html
RedHat Security Advisories: RHSA-2016:1225
https://access.redhat.com/errata/RHSA-2016:1225
http://www.securitytracker.com/id/1032794
http://www.ubuntu.com/usn/USN-2682-1
http://www.ubuntu.com/usn/USN-2713-1
http://www.ubuntu.com/usn/USN-2714-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5366
Common Vulnerability Exposure (CVE) ID: CVE-2015-5707
BugTraq ID: 76145
http://www.securityfocus.com/bid/76145
http://www.openwall.com/lists/oss-security/2015/08/01/6
http://www.securitytracker.com/id/1033521
SuSE Security Announcement: SUSE-SU-2015:2084 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:2085 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html
SuSE Security Announcement: SUSE-SU-2015:2086 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html
SuSE Security Announcement: SUSE-SU-2015:2087 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html
SuSE Security Announcement: SUSE-SU-2015:2089 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html
SuSE Security Announcement: SUSE-SU-2015:2090 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html
SuSE Security Announcement: SUSE-SU-2015:2091 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html
http://www.ubuntu.com/usn/USN-2733-1
http://www.ubuntu.com/usn/USN-2734-1
http://www.ubuntu.com/usn/USN-2737-1
http://www.ubuntu.com/usn/USN-2738-1
http://www.ubuntu.com/usn/USN-2750-1
http://www.ubuntu.com/usn/USN-2759-1
http://www.ubuntu.com/usn/USN-2760-1
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.