ID CVE-2015-4167
Summary The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.
References
Vulnerable Configurations
  • Debian Linux 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • Linux Kernel 3.19
    cpe:2.3:o:linux:linux_kernel:3.19
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
CVSS
Base: 4.7 (as of 22-06-2016 - 09:59)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-124.NASL
    description The openSUSE 13.1 kernel was updated to receive various security and bugfixes. Following security bugs were fixed : - CVE-2016-0728: A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962075). - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951). - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190). - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886). - CVE-2014-8989: The Linux kernel did not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allowed local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a 'negative groups' issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c (bnc#906545). - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI (bnc#937969). - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936). - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404). - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527). - CVE-2014-9529: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key (bnc#912202). - CVE-2015-7990: Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937 (bnc#952384 953052). - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825). - CVE-2015-7885: The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel memory via a crafted application (bnc#951627). - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product (bnc#955354). - CVE-2015-8767: A case can occur when sctp_accept() is called by the user during a heartbeat timeout event after the 4-way handshake. Since sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the listening socket but released with the new association socket. The result is a deadlock on any future attempts to take the listening socket lock. (bsc#961509) - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399). - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990). - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988). The following non-security bugs were fixed : - ALSA: hda - Disable 64bit address for Creative HDA controllers (bnc#814440). - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504). - Input: aiptek - fix crash on detecting device without endpoints (bnc#956708). - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934). - KVM: x86: update masterclock values on TSC writes (bsc#961739). - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2 client (bsc#960839). - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task (bsc#921949). - blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976). - blktap: refine mm tracking (bsc#952976). - cdrom: Random writing support for BD-RE media (bnc#959568). - genksyms: Handle string literals with spaces in reference files (bsc#958510). - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224). - ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422). - ipv6: fix tunnel error handling (bsc#952579). - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224). - uas: Add response iu handling (bnc#954138). - usbvision fix overflow of interfaces array (bnc#950998). - x86/evtchn: make use of PHYSDEVOP_map_pirq. - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).
    last seen 2019-02-21
    modified 2016-12-07
    plugin id 88545
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88545
    title openSUSE Security Update : the Linux Kernel (openSUSE-2016-124)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-543.NASL
    description The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed : - CVE-2015-3290: A flaw was found in the way the Linux kernels nested NMI handler and espfix64 functionalities interacted during NMI processing. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. - CVE-2015-3212: A race condition flaw was found in the way the Linux kernels SCTP implementation handled Address Configuration lists when performing Address Configuration Change (ASCONF). A local attacker could use this flaw to crash the system via a race condition triggered by setting certain ASCONF options on a socket. - CVE-2015-5364: A remote denial of service (hang) via UDP flood with incorrect package checksums was fixed. (bsc#936831). - CVE-2015-5366: A remote denial of service (unexpected error returns) via UDP flood with incorrect package checksums was fixed. (bsc#936831). - CVE-2015-4700: A local user could have created a bad instruction in the JIT processed BPF code, leading to a kernel crash (bnc#935705). - CVE-2015-1420: Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel allowed local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function (bnc#915517). - CVE-2015-4692: The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call (bnc#935542). - CVE-2015-4167 CVE-2014-9728 CVE-2014-9730 CVE-2014-9729 CVE-2014-9731: Various problems in the UDF filesystem were fixed that could lead to crashes when mounting prepared udf filesystems. - CVE-2015-4002: drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel did not ensure that certain length values are sufficiently large, which allowed remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions (bnc#933934). - CVE-2015-4003: The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel allowed remote attackers to cause a denial of service (divide-by-zero error and system crash) via a crafted packet (bnc#933934). - CVE-2015-4001: Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel allowed remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet (bnc#933934). - CVE-2015-4036: A potential memory corruption in vhost/scsi was fixed. - CVE-2015-2922: The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel allowed remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message (bnc#922583). - CVE-2015-3636: It was found that the Linux kernels ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system. - CVE-2015-2041: net/llc/sysctl_net_llc.c in the Linux kernel used an incorrect data type in a sysctl table, which allowed local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry (bnc#919007). - CVE-2015-3339: Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel allowed local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped. - CVE-2015-1465: The IPv4 implementation in the Linux kernel did not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allowed remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets (bnc#916225). The following non-security bugs were fixed : - ALSA: ak411x: Fix stall in work callback (boo#934755). - ALSA: emu10k1: Emu10k2 32 bit DMA mode (boo#934755). - ALSA: emu10k1: Fix card shortname string buffer overflow (boo#934755). - ALSA: emu10k1: do not deadlock in proc-functions (boo#934755). - ALSA: emux: Fix mutex deadlock at unloading (boo#934755). - ALSA: emux: Fix mutex deadlock in OSS emulation (boo#934755). - ALSA: hda - Add AZX_DCAPS_SNOOP_OFF (and refactor snoop setup) (boo#934755). - ALSA: hda - Add Conexant codecs CX20721, CX20722, CX20723 and CX20724 (boo#934755). - ALSA: hda - Add common pin macros for ALC269 family (boo#934755). - ALSA: hda - Add dock support for ThinkPad X250 (17aa:2226) (boo#934755). - ALSA: hda - Add dock support for Thinkpad T450s (17aa:5036) (boo#934755). - ALSA: hda - Add headphone quirk for Lifebook E752 (boo#934755). - ALSA: hda - Add headset mic quirk for Dell Inspiron 5548 (boo#934755). - ALSA: hda - Add mute-LED mode control to Thinkpad (boo#934755). - ALSA: hda - Add one more node in the EAPD supporting candidate list (boo#934755). - ALSA: hda - Add pin configs for ASUS mobo with IDT 92HD73XX codec (boo#934755). - ALSA: hda - Add ultra dock support for Thinkpad X240 (boo#934755). - ALSA: hda - Add workaround for CMI8888 snoop behavior (boo#934755). - ALSA: hda - Add workaround for MacBook Air 5,2 built-in mic (boo#934755). - ALSA: hda - Disable runtime PM for Panther Point again (boo#934755). - ALSA: hda - Do not access stereo amps for mono channel widgets (boo#934755). - ALSA: hda - Fix Dock Headphone on Thinkpad X250 seen as a Line Out (boo#934755). - ALSA: hda - Fix headphone pin config for Lifebook T731 (boo#934755). - ALSA: hda - Fix noise on AMD radeon 290x controller (boo#934755). - ALSA: hda - Fix probing and stuttering on CMI8888 HD-audio controller (boo#934755). - ALSA: hda - One more Dell macine needs DELL1_MIC_NO_PRESENCE quirk (boo#934755). - ALSA: hda - One more HP machine needs to change mute led quirk (boo#934755). - ALSA: hda - Set GPIO 4 low for a few HP machines (boo#934755). - ALSA: hda - Set single_adc_amp flag for CS420x codecs (boo#934755). - ALSA: hda - Treat stereo-to-mono mix properly (boo#934755). - ALSA: hda - change three SSID quirks to one pin quirk (boo#934755). - ALSA: hda - fix 'num_steps = 0' error on ALC256 (boo#934755). - ALSA: hda - fix a typo by changing mute_led_nid to cap_mute_led_nid (boo#934755). - ALSA: hda - fix headset mic detection problem for one more machine (boo#934755). - ALSA: hda - fix mute led problem for three HP laptops (boo#934755). - ALSA: hda - set proper caps for newer AMD hda audio in KB/KV (boo#934755). - ALSA: hda/realtek - ALC292 dock fix for Thinkpad L450 (boo#934755). - ALSA: hda/realtek - Add a fixup for another Acer Aspire 9420 (boo#934755). - ALSA: hda/realtek - Enable the ALC292 dock fixup on the Thinkpad T450 (boo#934755). - ALSA: hda/realtek - Fix Headphone Mic does not recording for ALC256 (boo#934755). - ALSA: hda/realtek - Make more stable to get pin sense for ALC283 (boo#934755). - ALSA: hda/realtek - Support Dell headset mode for ALC256 (boo#934755). - ALSA: hda/realtek - Support HP mute led for output and input (boo#934755). - ALSA: hda/realtek - move HP_LINE1_MIC1_LED quirk for alc282 (boo#934755). - ALSA: hda/realtek - move HP_MUTE_LED_MIC1 quirk for alc282 (boo#934755). - ALSA: hdspm - Constrain periods to 2 on older cards (boo#934755). - ALSA: pcm: Do not leave PREPARED state after draining (boo#934755). - ALSA: snd-usb: add quirks for Roland UA-22 (boo#934755). - ALSA: usb - Creative USB X-Fi Pro SB1095 volume knob support (boo#934755). - ALSA: usb-audio: Add mic volume fix quirk for Logitech Quickcam Fusion (boo#934755). - ALSA: usb-audio: Add quirk for MS LifeCam HD-3000 (boo#934755). - ALSA: usb-audio: Add quirk for MS LifeCam Studio (boo#934755). - ALSA: usb-audio: Do not attempt to get Lifecam HD-5000 sample rate (boo#934755). - ALSA: usb-audio: Do not attempt to get Microsoft Lifecam Cinema sample rate (boo#934755). - ALSA: usb-audio: add MAYA44 USB+ mixer control names (boo#934755). - ALSA: usb-audio: do not try to get Benchmark DAC1 sample rate (boo#934755). - ALSA: usb-audio: do not try to get Outlaw RR2150 sample rate (boo#934755). - ALSA: usb-audio: fix missing input volume controls in MAYA44 USB(+) (boo#934755). - Automatically Provide/Obsolete all subpackages of old flavors (bnc#925567) - Fix kABI for ak411x structs (boo#934755). - Fix kABI for snd_emu10k1 struct (boo#934755). - HID: add ALWAYS_POLL quirk for a Logitech 0xc007 (bnc#929624). - HID: add HP OEM mouse to quirk ALWAYS_POLL (bnc#929624). - HID: add quirk for PIXART OEM mouse used by HP (bnc#929624). - HID: usbhid: add always-poll quirk (bnc#929624). - HID: usbhid: add another mouse that needs QUIRK_ALWAYS_POLL (bnc#929624). - HID: usbhid: enable always-poll quirk for Elan Touchscreen (bnc#929624). - HID: usbhid: enable always-poll quirk for Elan Touchscreen 009b (bnc#929624). - HID: usbhid: enable always-poll quirk for Elan Touchscreen 0103 (bnc#929624). - HID: usbhid: enable always-poll quirk for Elan Touchscreen 016f (bnc#929624). - HID: usbhid: fix PIXART optical mouse (bnc#929624). - HID: usbhid: more mice with ALWAYS_POLL (bnc#929624). - HID: usbhid: yet another mouse with ALWAYS_POLL (bnc#929624). - HID: yet another buggy ELAN touchscreen (bnc#929624). - Input: synaptics - handle spurious release of trackstick buttons (bnc#928693). - Input: synaptics - re-route tracksticks buttons on the Lenovo 2015 series (bnc#928693). - Input: synaptics - remove TOPBUTTONPAD property for Lenovos 2015 (bnc#928693). - Input: synaptics - retrieve the extended capabilities in query $10 (bnc#928693). - NFSv4: When returning a delegation, do not reclaim an incompatible open mode (bnc#934202). - Refresh patches.xen/xen-blkfront-indirect (bsc#922235). - Update config files: extend CONFIG_DPM_WATCHDOG_TIMEOUT to 60 (bnc#934397) - arm64: mm: Remove hack in mmap randomized layout Fix commit id and mainlined information - bnx2x: Fix kdump when iommu=on (bug#921769). - client MUST ignore EncryptionKeyLength if CAP_EXTENDED_SECURITY is set (bnc#932348). - config/armv7hl: Disable AMD_XGBE_PHY The AMD XGBE ethernet chip is only used on ARM64 systems. - config: disable XGBE on non-ARM hardware It is documented as being present only on AMD SoCs. - cpufreq: fix a NULL pointer dereference in __cpufreq_governor() (bsc#924664). - drm/i915/bdw: PCI IDs ending in 0xb are ULT (boo#935913). - drm/i915/chv: Remove Wait for a previous gfx force-off (boo#935913). - drm/i915/dp: only use training pattern 3 on platforms that support it (boo#935913). - drm/i915/dp: there is no audio on port A (boo#935913). - drm/i915/hsw: Fix workaround for server AUX channel clock divisor (boo#935913). - drm/i915/vlv: remove wait for previous GFX clk disable request (boo#935913). - drm/i915/vlv: save/restore the power context base reg (boo#935913). - drm/i915: Add missing MacBook Pro models with dual channel LVDS (boo#935913). - drm/i915: BDW Fix Halo PCI IDs marked as ULT (boo#935913). - drm/i915: Ban Haswell from using RCS flips (boo#935913). - drm/i915: Check obj->vma_list under the struct_mutex (boo#935913). - drm/i915: Correct the IOSF Dev_FN field for IOSF transfers (boo#935913). - drm/i915: Dell Chromebook 11 has PWM backlight (boo#935913). - drm/i915: Disable caches for Global GTT (boo#935913). - drm/i915: Do a dummy DPCD read before the actual read (bnc#907714). - drm/i915: Do not complain about stolen conflicts on gen3 (boo#935913). - drm/i915: Do not leak pages when freeing userptr objects (boo#935913). - drm/i915: Dont enable CS_PARSER_ERROR interrupts at all (boo#935913). - drm/i915: Evict CS TLBs between batches (boo#935913). - drm/i915: Fix DDC probe for passive adapters (boo#935913). - drm/i915: Fix and clean BDW PCH identification (boo#935913). - drm/i915: Force the CS stall for invalidate flushes (boo#935913). - drm/i915: Handle failure to kick out a conflicting fb driver (boo#935913). - drm/i915: Ignore SURFLIVE and flip counter when the GPU gets reset (boo#935913). - drm/i915: Ignore VBT backlight check on Macbook 2, 1 (boo#935913). - drm/i915: Invalidate media caches on gen7 (boo#935913). - drm/i915: Kick fbdev before vgacon (boo#935913). - drm/i915: Only fence tiled region of object (boo#935913). - drm/i915: Only warn the first time we attempt to mmio whilst suspended (boo#935913). - drm/i915: Unlock panel even when LVDS is disabled (boo#935913). - drm/i915: Use IS_HSW_ULT() in a HSW specific code path (boo#935913). - drm/i915: cope with large i2c transfers (boo#935913). - drm/i915: do not warn if backlight unexpectedly enabled (boo#935913). - drm/i915: drop WaSetupGtModeTdRowDispatch:snb (boo#935913). - drm/i915: save/restore GMBUS freq across suspend/resume on gen4 (boo#935913). - drm/i915: vlv: fix IRQ masking when uninstalling interrupts (boo#935913). - drm/i915: vlv: fix save/restore of GFX_MAX_REQ_COUNT reg (boo#935913). - drm/radeon: retry dcpd fetch (bnc#931580). - ftrace/x86/xen: use kernel identity mapping only when really needed (bsc#873195, bsc#886272, bsc#903727, bsc#927725) - guards: Add support for an external filelist in --check mode This will allow us to run --check without a kernel-source.git work tree. - guards: Include the file name also in the 'Not found' error - guards: Simplify help text - hyperv: Add processing of MTU reduced by the host (bnc#919596). - ideapad_laptop: Lenovo G50-30 fix rfkill reports wireless blocked (boo#939394). - ipv6: do not delete previously existing ECMP routes if add fails (bsc#930399). - ipv6: fix ECMP route replacement (bsc#930399). - ipv6: replacing a rt6_info needs to purge possible propagated rt6_infos too (bsc#930399). - kABI: protect linux/slab.h include in of/address. - kabi/severities: ignore already-broken but acceptable kABI changes - SYSTEM_TRUSTED_KEYRING=n change removed system_trusted_keyring - Commits 3688875f852 and ea5ed8c70e9 changed iov_iter_get_pages prototype - KVM changes are intermodule dependencies - kabi: Fix CRC for dma_get_required_mask. - kabi: add kABI reference files - libata: Blacklist queued TRIM on Samsung SSD 850 Pro (bsc#926156). - libata: Blacklist queued TRIM on all Samsung 800-series (bnc#930599). - net: ppp: Do not call bpf_prog_create() in ppp_lock (bnc#930488). - rpm/kernel-obs-qa.spec.in: Do not fail if the kernel versions do not match - rt2x00: do not align payload on modern H/W (bnc#932844). - rtlwifi: rtl8192cu: Fix kernel deadlock (bnc#927786). - thermal: step_wise: Revert optimization (boo#925961). - tty: Fix pty master poll() after slave closes v2 (bsc#937138). arm64: mm: Remove hack in mmap randomize layout (bsc#937033) - udf: Remove repeated loads blocksize (bsc#933907). - usb: core: Fix USB 3.0 devices lost in NOTATTACHED state after a hub port reset (bnc#937226). - x86, apic: Handle a bad TSC more gracefully (boo#935530). - x86/PCI: Use host bridge _CRS info on Foxconn K8M890-8237A (bnc#907092). - x86/PCI: Use host bridge _CRS info on systems with >32 bit addressing (bnc#907092). - x86/microcode/amd: Do not overwrite final patch levels (bsc#913996). - x86/microcode/amd: Extract current patch level read to a function (bsc#913996). - x86/mm: Improve AMD Bulldozer ASLR workaround (bsc#937032). - xenbus: add proper handling of XS_ERROR from Xenbus for transactions. - xhci: Calculate old endpoints correctly on device reset (bnc#938976).
    last seen 2019-02-21
    modified 2015-08-17
    plugin id 85432
    published 2015-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85432
    title openSUSE Security Update : the Linux Kernel (openSUSE-2015-543)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-3597.NASL
    description Description of changes: [2.6.39-400.297.5.el6uek] - selinux: quiet the filesystem labeling behavior message (Paul Moore) [Orabug: 25721485] - RDS/IB: active bonding port state fix for intfs added late (Mukesh Kacker) [Orabug: 25875426] - HID: hid-cypress: validate length of report (Greg Kroah-Hartman) [Orabug: 25891914] {CVE-2017-7273} - udf: Remove repeated loads blocksize (Jan Kara) [Orabug: 25905722] {CVE-2015-4167} - udf: Check length of extended attributes and allocation descriptors (Jan Kara) [Orabug: 25905722] {CVE-2015-4167} - udf: Verify i_size when loading inode (Jan Kara) [Orabug: 25905722] {CVE-2015-4167} - btrfs: drop unused parameter from btrfs_item_nr (Ross Kirk) [Orabug: 25948102] {CVE-2014-9710} - Btrfs: cleanup of function where fixup_low_keys() is called (Tsutomu Itoh) [Orabug: 25948102] {CVE-2014-9710} - Btrfs: remove unused argument of fixup_low_keys() (Tsutomu Itoh) [Orabug: 25948102] {CVE-2014-9710} - Btrfs: remove unused argument of btrfs_extend_item() (Tsutomu Itoh) [Orabug: 25948102] {CVE-2014-9710} - Btrfs: add support for asserts (Josef Bacik) [Orabug: 25948102] {CVE-2014-9710} - Btrfs: make xattr replace operations atomic (Filipe Manana) [Orabug: 25948102] {CVE-2014-9710} - net: validate the range we feed to iov_iter_init() in sys_sendto/sys_recvfrom (Al Viro) [Orabug: 25948149] {CVE-2015-2686} - xsigo: Compute node crash on FC failover (Joe Jin) [Orabug: 25965445] - PCI: Prevent VPD access for QLogic ISP2722 (Ethan Zhao) [Orabug: 25975513] - PCI: Prevent VPD access for buggy devices (Babu Moger) [Orabug: 25975513] - ipv4: try to cache dst_entries which would cause a redirect (Hannes Frederic Sowa) [Orabug: 26032377] {CVE-2015-1465}
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 102061
    published 2017-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102061
    title Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3597)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2664-1.NASL
    description