Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2015:2108-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2015:2108-1 advisory.
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2015:2108-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to receive various security and bugfixes.
Following security bugs were fixed:
- CVE-2015-8104: Prevent guest to host DoS caused by infinite loop in
microcode via #DB exception (bsc#954404).
- CVE-2015-5307: Prevent guest to host DoS caused by infinite loop in
microcode via #AC exception (bsc#953527).
- CVE-2015-7990: RDS: Verify the underlying transport exists before
creating a connection, preventing possible DoS (bsc#952384).
- CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the
x86_64 platform mishandled IRET faults in processing NMIs that occurred
during userspace execution, which might have allowed local users to gain
privileges by triggering an NMI (bsc#938706).
- CVE-2015-7872: Possible crash when trying to garbage collect an
uninstantiated keyring (bsc#951440).
- CVE-2015-0272: Prevent remote DoS using IPv6 RA with bogus MTU by
validating before applying it (bsc#944296).
- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in
the Linux kernel allowed local users to cause a denial of service (NULL
pointer dereference and system crash) or possibly have unspecified other
impact by using a socket that was not properly bound (bsc#945825).
- CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in
the Linux kernel allowed local users to cause a denial of service
(memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggered
permanent file-descriptor allocation (bsc#942367).
The following non-security bugs were fixed:
- alsa: hda - Disable 64bit address for Creative HDA controllers
- btrfs: fix hang when failing to submit bio of directIO (bsc#942688).
- btrfs: fix memory corruption on failure to submit bio for direct IO
- btrfs: fix put dio bio twice when we submit dio bio fail (bsc#942688).
- dm sysfs: introduce ability to add writable attributes (bsc#904348).
- dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).
- dm: do not start current request if it would have merged with the
previous (bsc#904348).
- dm: impose configurable deadline for dm_request_fn merge heuristic
- drm/i915: (re)init HPD interrupt storm statistics (bsc#942938).
- drm/i915: Add HPD IRQ storm detection (v5) (bsc#942938).
- drm/i915: Add Reenable Timer to turn Hotplug Detection back on (v4)
- drm/i915: Add bit field to record which pins have received HPD events
(v3) (bsc#942938).
- drm/i915: Add enum hpd_pin to intel_encoder (bsc#942938).
- drm/i915: Add messages useful for HPD storm detection debugging (v2)
- drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt
- drm/i915: Convert HPD interrupts to make use of HPD pin assignment in
encoders (v2) (bsc#942938).
- drm/i915: Disable HPD interrupt on pin when irq storm is detected (v3)
(bsc#942938)... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Software Development Kit 11-SP3, SUSE Linux Enterprise Server for VMWare 11-SP3, SUSE Linux Enterprise Server 11-SP3, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Desktop 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP3

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-0272
BugTraq ID: 76814
SuSE Security Announcement: SUSE-SU-2015:2108 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2194 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2292 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2339 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2350 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0354 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:2074 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-5157
BugTraq ID: 76005
Debian Security Information: DSA-3313 (Google Search)
RedHat Security Advisories: RHSA-2016:0185
RedHat Security Advisories: RHSA-2016:0212
RedHat Security Advisories: RHSA-2016:0224
RedHat Security Advisories: RHSA-2016:0715
SuSE Security Announcement: SUSE-SU-2015:1727 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-5307
BugTraq ID: 77528
Debian Security Information: DSA-3396 (Google Search)
Debian Security Information: DSA-3414 (Google Search)
Debian Security Information: DSA-3454 (Google Search)
RedHat Security Advisories: RHSA-2015:2636
RedHat Security Advisories: RHSA-2015:2645
RedHat Security Advisories: RHSA-2016:0046
SuSE Security Announcement: openSUSE-SU-2015:2232 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:2250 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-6252
BugTraq ID: 76400
Debian Security Information: DSA-3364 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-6937
BugTraq ID: 76767
SuSE Security Announcement: SUSE-SU-2016:0335 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0337 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0380 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0381 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0383 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0384 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0386 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0387 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0434 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-7872
BugTraq ID: 77544
HPdes Security Advisory: HPSBGN03565
SuSE Security Announcement: openSUSE-SU-2016:1008 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-7990
BugTraq ID: 77340
Common Vulnerability Exposure (CVE) ID: CVE-2015-8104
BugTraq ID: 77524
BugTraq ID: 91787
Debian Security Information: DSA-3426 (Google Search)
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.