Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2017:2525-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2017:2525-1 advisory.
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2017:2525-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-5243: The tipc_nl_compat_link_dump function in
net/tipc/netlink_compat.c in the Linux kernel did not properly copy a
certain string, which allowed local users to obtain sensitive
information from kernel stack memory by reading a Netlink message
- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in
the Linux kernel allowed local users to gain privileges or cause a
denial of service (use-after-free) by making multiple bind system calls
without properly ascertaining whether a socket has the SOCK_ZAPPED
status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c
- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local
users to gain privileges or cause a denial of service (NULL pointer
dereference and system crash) via vectors involving a NULL value for a
certain match field, related to the keyring_search_iterator function in
keyring.c (bsc#1030593).
- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux
kernel was too late in obtaining a certain lock and consequently could
not ensure that disconnect function calls are safe, which allowed local
users to cause a denial of service (panic) by leveraging access to the
protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003)
- CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel
did not restrict the address calculated by a certain rounding operation,
which allowed local users to map page zero, and consequently bypass a
protection mechanism that exists for the mmap system call, by making
crafted shmget and shmat system calls in a privileged context
- CVE-2017-5970: The ipv4_pktinfo_prepare function in
net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a
denial of service (system crash) via (1) an application that made
crafted system calls or possibly (2) IPv4 traffic with invalid IP
options (bsc#1024938)
- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in
net/sctp/socket.c in the Linux kernel allowed local users to cause a
denial of service (assertion failure and panic) via a multithreaded
application that peels off an association in a certain buffer-full state
- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c
in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures
in the LISTEN state, which allowed local users to obtain root privileges
or cause a denial of service (double free) via an application that made
an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024)
- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the
Linux kernel allowed remote attackers to cause a denial of service
(infinite loop and soft lockup) via vectors ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11-SP3, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP3

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-5243
BugTraq ID: 91334
Debian Security Information: DSA-3607 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2017-2647
BugTraq ID: 97258
RedHat Security Advisories: RHSA-2017:1842
RedHat Security Advisories: RHSA-2017:2077
RedHat Security Advisories: RHSA-2017:2437
RedHat Security Advisories: RHSA-2017:2444
Common Vulnerability Exposure (CVE) ID: CVE-2017-2671
BugTraq ID: 97407
RedHat Security Advisories: RHSA-2017:2669
RedHat Security Advisories: RHSA-2018:1854
Common Vulnerability Exposure (CVE) ID: CVE-2017-5669
BugTraq ID: 96754
Debian Security Information: DSA-3804 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2017-5970
BugTraq ID: 96233
Debian Security Information: DSA-3791 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2017-5986
BugTraq ID: 96222
RedHat Security Advisories: RHSA-2017:1308
Common Vulnerability Exposure (CVE) ID: CVE-2017-6074
BugTraq ID: 96310
RedHat Security Advisories: RHSA-2017:0293
RedHat Security Advisories: RHSA-2017:0294
RedHat Security Advisories: RHSA-2017:0295
RedHat Security Advisories: RHSA-2017:0316
RedHat Security Advisories: RHSA-2017:0323
RedHat Security Advisories: RHSA-2017:0324
RedHat Security Advisories: RHSA-2017:0345
RedHat Security Advisories: RHSA-2017:0346
RedHat Security Advisories: RHSA-2017:0347
RedHat Security Advisories: RHSA-2017:0365
RedHat Security Advisories: RHSA-2017:0366
RedHat Security Advisories: RHSA-2017:0403
RedHat Security Advisories: RHSA-2017:0501
RedHat Security Advisories: RHSA-2017:0932
RedHat Security Advisories: RHSA-2017:1209
Common Vulnerability Exposure (CVE) ID: CVE-2017-6214
BugTraq ID: 96421
RedHat Security Advisories: RHSA-2017:1372
RedHat Security Advisories: RHSA-2017:1615
RedHat Security Advisories: RHSA-2017:1616
RedHat Security Advisories: RHSA-2017:1647
Common Vulnerability Exposure (CVE) ID: CVE-2017-6348
BugTraq ID: 96483
Common Vulnerability Exposure (CVE) ID: CVE-2017-6353
BugTraq ID: 96473
Common Vulnerability Exposure (CVE) ID: CVE-2017-6951
BugTraq ID: 96943
Common Vulnerability Exposure (CVE) ID: CVE-2017-7184
BugTraq ID: 97018
RedHat Security Advisories: RHSA-2017:2918
RedHat Security Advisories: RHSA-2017:2930
RedHat Security Advisories: RHSA-2017:2931
RedHat Security Advisories: RHSA-2019:4159
Common Vulnerability Exposure (CVE) ID: CVE-2017-7187
BugTraq ID: 96989
Common Vulnerability Exposure (CVE) ID: CVE-2017-7261
BugTraq ID: 97096
Common Vulnerability Exposure (CVE) ID: CVE-2017-7294
BugTraq ID: 97177
RedHat Security Advisories: RHSA-2018:0676
RedHat Security Advisories: RHSA-2018:1062
Common Vulnerability Exposure (CVE) ID: CVE-2017-7308
BugTraq ID: 97234
RedHat Security Advisories: RHSA-2017:1297
RedHat Security Advisories: RHSA-2017:1298
Common Vulnerability Exposure (CVE) ID: CVE-2017-7482
BugTraq ID: 99299
Debian Security Information: DSA-3927 (Google Search)
Debian Security Information: DSA-3945 (Google Search)
RedHat Security Advisories: RHSA-2019:0641
Common Vulnerability Exposure (CVE) ID: CVE-2017-7487
BugTraq ID: 98439
Debian Security Information: DSA-3886 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2017-7533
BugTraq ID: 100123
RedHat Security Advisories: RHSA-2017:2473
RedHat Security Advisories: RHSA-2017:2585
RedHat Security Advisories: RHSA-2017:2770
RedHat Security Advisories: RHSA-2017:2869
Common Vulnerability Exposure (CVE) ID: CVE-2017-7542
BugTraq ID: 99953
RedHat Security Advisories: RHSA-2018:0169
Common Vulnerability Exposure (CVE) ID: CVE-2017-7616
BugTraq ID: 97527
Common Vulnerability Exposure (CVE) ID: CVE-2017-8831
BugTraq ID: 99619
Common Vulnerability Exposure (CVE) ID: CVE-2017-8890
BugTraq ID: 98562
Common Vulnerability Exposure (CVE) ID: CVE-2017-8924
BugTraq ID: 98451
Common Vulnerability Exposure (CVE) ID: CVE-2017-8925
BugTraq ID: 98462
Common Vulnerability Exposure (CVE) ID: CVE-2017-9074
BugTraq ID: 98577
Common Vulnerability Exposure (CVE) ID: CVE-2017-9075
BugTraq ID: 98597
Common Vulnerability Exposure (CVE) ID: CVE-2017-9076
BugTraq ID: 98586
Common Vulnerability Exposure (CVE) ID: CVE-2017-9077
BugTraq ID: 98583
Common Vulnerability Exposure (CVE) ID: CVE-2017-9242
BugTraq ID: 98731
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.