Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2018:1172-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:1172-1 advisory.
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:1172-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to
potentially escalate their privileges inside a guest. (bsc#1087088)
- CVE-2018-8897: An unprivileged system user could use incorrect set up
interrupt stacks to crash the Linux kernel resulting in DoS issue.
- CVE-2018-10124: The kill_something_info function in kernel/signal.c
might allow local users to cause a denial of service via an INT_MIN
argument (bnc#1089752).
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might allow
local users to cause a denial of service by triggering an attempted use
of the -INT_MIN value (bnc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial
of service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536
- CVE-2018-7566: A Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL
ioctl write operation to /dev/snd/seq by a local user was fixed
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem allowed attackers to gain privileges via
unspecified vectors (bnc#1088260).
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel
function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious
NCPFS servers to crash the kernel or execute code (bnc#1086162).
- CVE-2017-13166: An elevation of privilege vulnerability in the kernel
v4l2 video driver. (bnc#1072865).
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c
allow local users to cause a denial of service (BUG) by leveraging a
race condition with __dm_destroy during creation and removal of DM
devices (bnc#1083242).
- CVE-2017-16911: The vhci_hcd driver allowed allows local attackers to
disclose kernel memory addresses. Successful exploitation requires that
a USB device is attached over IP (bnc#1078674).
- CVE-2017-18208: The madvise_willneed function in mm/madvise.c allowed
local users to cause a denial of service (infinite loop) by triggering
use of MADVISE_WILLNEED for a DAX mapping (bnc#1083494).
- CVE-2017-16644: The hdpvr_probe function in
drivers/media/usb/hdpvr/hdpvr-core.c allowed local users to cause a
denial of service (improper error handling and system crash) or possibly
have unspecified other impact via a crafted USB device (bnc#1067118).
- CVE-2018-6927: The futex_requeue function in kernel/futex.c might allow
attackers to cause a denial of service (integer overflow) or possibly
have unspecified other impact by triggering a negative wake or requeue
value (bnc#1080757).
- CVE-2017-1691... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11-SP3, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP3

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-5156
BugTraq ID: 76230
Debian Security Information: DSA-3364 (Google Search)
RedHat Security Advisories: RHSA-2015:1978
RedHat Security Advisories: RHSA-2016:0855
SuSE Security Announcement: SUSE-SU-2015:1727 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2292 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2016-7915
BugTraq ID: 94138
RedHat Security Advisories: RHSA-2016:2574
Common Vulnerability Exposure (CVE) ID: CVE-2017-0861
BugTraq ID: 102329
Debian Security Information: DSA-4187 (Google Search)
RedHat Security Advisories: RHSA-2018:2390
RedHat Security Advisories: RHSA-2018:3083
RedHat Security Advisories: RHSA-2018:3096
RedHat Security Advisories: RHSA-2020:0036
Common Vulnerability Exposure (CVE) ID: CVE-2018-1087
BugTraq ID: 104127
Debian Security Information: DSA-4196 (Google Search)
RedHat Security Advisories: RHSA-2018:1318
RedHat Security Advisories: RHSA-2018:1345
RedHat Security Advisories: RHSA-2018:1347
RedHat Security Advisories: RHSA-2018:1348
RedHat Security Advisories: RHSA-2018:1355
RedHat Security Advisories: RHSA-2018:1524
Common Vulnerability Exposure (CVE) ID: CVE-2018-6927
BugTraq ID: 103023
RedHat Security Advisories: RHSA-2018:0654
RedHat Security Advisories: RHSA-2018:0676
RedHat Security Advisories: RHSA-2018:1062
Common Vulnerability Exposure (CVE) ID: CVE-2018-7566
BugTraq ID: 103605
Debian Security Information: DSA-4188 (Google Search)
RedHat Security Advisories: RHSA-2018:2384
RedHat Security Advisories: RHSA-2018:2395
RedHat Security Advisories: RHSA-2018:2948
RedHat Security Advisories: RHSA-2019:1483
RedHat Security Advisories: RHSA-2019:1487
SuSE Security Announcement: SUSE-SU-2018:0834 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2018-7757
BugTraq ID: 103348
Common Vulnerability Exposure (CVE) ID: CVE-2018-8822
BugTraq ID: 103476
Common Vulnerability Exposure (CVE) ID: CVE-2018-8897
BugTraq ID: 104071
CERT/CC vulnerability note: VU#631579
Debian Security Information: DSA-4201 (Google Search)
RedHat Security Advisories: RHSA-2018:1319
RedHat Security Advisories: RHSA-2018:1346
RedHat Security Advisories: RHSA-2018:1349
RedHat Security Advisories: RHSA-2018:1350
RedHat Security Advisories: RHSA-2018:1351
RedHat Security Advisories: RHSA-2018:1352
RedHat Security Advisories: RHSA-2018:1353
RedHat Security Advisories: RHSA-2018:1354
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.