Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2018:2879-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:2879-1 advisory.
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:2879-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:
CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link)
in an hfs+ filesystem that has malformed catalog data, and is mounted
read-only without a metadata directory (bsc#1102870).

CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to
crash the kernel or potentially escalate privileges (bsc#1106095).

CVE-2018-15594: Ensure correct handling of indirect calls, to prevent
attackers for conducting Spectre-v2 attacks against paravirtual guests

CVE-2018-14634: Prevent integer overflow in create_elf_tables that
allowed a local attacker to exploit this vulnerability via a SUID-root
binary and obtain full root privileges (bsc#1108912)

CVE-2018-12896: Prevent integer overflow in the POSIX timer code that
was caused by the way the overrun accounting works. Depending on
interval and expiry time values, the overrun can be larger than INT_MAX,
but the accounting is int based. This basically made the accounting
values, which are visible to user space via timer_getoverrun(2) and
siginfo::si_overrun, random. This allowed a local user to cause a denial
of service (signed integer overflow) via crafted mmap, futex,
timer_create, and timer_settime system calls (bnc#1099922)

CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)

CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status
that could have been used by local attackers to read kernel memory

CVE-2018-6555: The irda_setsockopt function allowed local users to cause
a denial of service (ias_object use-after-free and system crash) or
possibly have unspecified other impact via an AF_IRDA socket

CVE-2018-6554: Prevent memory leak in the irda_bind function that
allowed local users to cause a denial of service (memory consumption) by
repeatedly binding an AF_IRDA socket (bnc#1106509)

CVE-2018-15572: The spectre_v2_select_mitigation function did not always
fill RSB upon a context switch, which made it easier for attackers to
conduct userspace-userspace spectreRSB attacks (bnc#1102517)

CVE-2018-10902: Protect against concurrent access to prevent double
realloc (double free) in snd_rawmidi_input_params() and
snd_rawmidi_output_status(). A malicious local attacker could have used
this for privilege escalation (bnc#1105322)

CVE-2018-14734: ucma_leave_multicast accessed a certain data structure
after a cleanup step in ucma_process_join, which allowed attackers to
cause a denial
of service (use-after-free) (bsc#1103119)

The... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Software Development Kit 11-SP4, SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Debuginfo 11-SP4

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-6554
BugTraq ID: 105302
Debian Security Information: DSA-4308 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2018-6555
BugTraq ID: 105304
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.