- Home
- CVEs with nessus.description==The+SUSE+Linux+Enterprise+11+SP3+kernel+was+updated+to+receive+various+security+and+bugfixes.%0A%0AFollowing+security+bugs+were+fixed+%3A%0A%0A++-+CVE-2015-5707%3A+An+integer+overflow+in+the+SCSI+generic+++++driver+could+be+potentially+used+by+local+attackers+to+++++crash+the+kernel+or+execute+code+%28bsc%23940338%29.%0A%0A++-+CVE-2015-5364%3A+A+remote+denial+of+service+%28hang%29+via+UDP+++++flood+with+incorrect+package+checksums+was+fixed.%0A++++%28bsc%23936831%29.%0A%0A++-+CVE-2015-5366%3A+A+remote+denial+of+service+%28unexpected+++++error+returns%29+via+UDP+flood+with+incorrect+package+++++checksums+was+fixed.+%28bsc%23936831%29.%0A%0A++-+CVE-2015-1420%3A+A+race+condition+in+the+handle_to_path+++++function+in+fs%2Ffhandle.c+in+the+Linux+kernel+allowed+++++local+users+to+bypass+intended+size+restrictions+and+++++trigger+read+operations+on+additional+memory+locations+++++by+changing+the+handle_bytes+value+of+a+file+handle+++++during+the+execution+of+this+function+%28bnc%23915517%29.%0A%0A++-+CVE-2015-4700%3A+A+local+user+could+have+created+a+bad+++++instruction+in+the+JIT+processed+BPF+code%2C+leading+to+a+++++kernel+crash+%28bnc%23935705%29.%0A%0A++-+CVE-2015-4167%3A+The+UDF+filesystem+in+the+Linux+kernel+++++was+vulnerable+to+a+crash+which+could+occur+while+++++fetching+inode+information+from+a+corrupted%2Fmalicious+++++udf+file+system+image.+%28bsc%23933907%29.%0A%0A++-+CVE-2014-9728+CVE-2014-9729+CVE-2014-9730+CVE-2014-9731%3A%0A++++Various+issues+in+handling+UDF+filesystems+in+the+Linux+++++kernel+allowed+the+corruption+of+kernel+memory+and+other+++++issues.+An+attacker+able+to+mount+a+corrupted%2Fmalicious+++++UDF+file+system+image+could+cause+the+kernel+to+crash.%0A++++%28bsc%23933904+bsc%23933896%29%0A%0A++-+CVE-2015-2150%3A+The+Linux+kernel+did+not+properly+++++restrict+access+to+PCI+command+registers%2C+which+might+++++have+allowed+local+guest+users+to+cause+a+denial+of+++++service+%28non-maskable+interrupt+and+host+crash%29+by+++++disabling+the+%281%29+memory+or+%282%29+I%2FO+decoding+for+a+PCI+++++Express+device+and+then+accessing+the+device%2C+which+++++triggers+an+Unsupported+Request+%28UR%29+response+++++%28bsc%23919463%29.%0A%0A++-+CVE-2015-0777%3A+drivers%2Fxen%2Fusbback%2Fusbback.c+as+used+in+++++the+Linux+kernel+2.6.x+and+3.x+in+SUSE+Linux+++++distributions%2C+allowed+guest+OS+users+to+obtain+++++sensitive+information+from+uninitialized+locations+in+++++host+OS+kernel+memory+via+unspecified+vectors+++++%28bnc%23917830%29.%0A%0A++-+CVE-2015-2830%3A+arch%2Fx86%2Fkernel%2Fentry_64.S+in+the+Linux+++++kernel+did+not+prevent+the+TS_COMPAT+flag+from+reaching+++++a+user-mode+task%2C+which+might+have+allowed+local+users+++++to+bypass+the+seccomp+or+audit+protection+mechanism+via+++++a+crafted+application+that+uses+the+%281%29+fork+or+%282%29+++++close+system+call%2C+as+demonstrated+by+an+attack+against+++++seccomp+before+3.16+%28bnc%23926240%29.%0A%0A++-+CVE-2015-1805%3A+The+Linux+kernels+implementation+of+++++vectored+pipe+read+and+write+functionality+did+not+take+++++into+account+the+I%2FO+vectors+that+were+already+processed+++++when+retrying+after+a+failed+atomic+access+operation%2C+++++potentially+resulting+in+memory+corruption+due+to+an+I%2FO+++++vector+array+overrun.+A+local%2C+unprivileged+user+could+++++use+this+flaw+to+crash+the+system+or%2C+potentially%2C+++++escalate+their+privileges+on+the+system.+%28bsc%23933429%29.%0A%0AAlso+%0A%0AThe+update+package+also+includes+non-security+fixes.+See+advisory+for+details.%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+SUSE+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top