- CVEs with nessus.description==The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix
various bugs and security issues.
The following vulnerabilities have been fixed:
CVE-2015-3636: A missing sk_nulls_node_init() in ping_unhash() inside
the ipv4 stack can cause crashes if a disconnect is followed by
another connect() attempt. (bnc#929525)
CVE-2015-3339: Race condition in the prepare_binprm function in
fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain
privileges by executing a setuid program at a time instant when a
chown to root is in progress, and the ownership is changed but the
setuid bit is not yet stripped. (bnc#928130)
CVE-2015-3331: The __driver_rfc4106_decrypt function in
arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3
does not properly determine the memory locations used for encrypted
data, which allows context-dependent attackers to cause a denial of
service (buffer overflow and system crash) or possibly execute
arbitrary code by triggering a crypto API call, as demonstrated by use
of a libkcapi test program with an AF_ALG(aead) socket. (bnc#927257)
CVE-2015-2922: The ndisc_router_discovery function in net/ipv6/ndisc.c
in the Neighbor Discovery (ND) protocol implementation in the IPv6
stack in the Linux kernel before 3.19.6 allows remote attackers to
reconfigure a hop-limit setting via a small hop_limit value in a
Router Advertisement (RA) message. (bnc#922583)
CVE-2015-2830: arch/x86/kernel/entry_64.S in the Linux kernel before
3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode
task, which might allow local users to bypass the seccomp or audit
protection mechanism via a crafted application that uses the (1) fork
or (2) close system call, as demonstrated by an attack against seccomp
before 3.16. (bnc#926240)
CVE-2015-2150: XSA-120: Xen 3.3.x through 4.5.x and the Linux kernel
through 3.19.1 do not properly restrict access to PCI command
registers, which might allow local guest users to cause a denial of
service (non-maskable interrupt and host crash) by disabling the (1)
memory or (2) I/O decoding for a PCI Express device and then accessing
the device, which triggers an Unsupported Request (UR) response.
(bnc#919463)
CVE-2015-2042: net/rds/sysctl.c in the Linux kernel before 3.19 uses
an incorrect data type in a sysctl table, which allows local users to
obtain potentially sensitive information from kernel memory or
possibly have unspecified other impact by accessing a sysctl entry.
(bnc#919018)
CVE-2015-2041: net/llc/sysctl_net_llc.c in the Linux kernel before
3.19 uses an incorrect data type in a sysctl table, which allows local
users to obtain potentially sensitive information from kernel memory
or possibly have unspecified other impact by accessing a sysctl entry.
(bnc#919007)
CVE-2015-1421: Use-after-free vulnerability in the sctp_assoc_update
function in net/sctp/associola.c in the Linux kernel before 3.18.8
allows remote attackers to cause a denial of service (slab corruption
and panic) or possibly have unspecified other impact by triggering an
INIT collision that leads to improper handling of shared-key data.
(bnc#915577)
CVE-2015-0777: drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0
(aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as
used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions,
allows guest OS users to obtain sensitive information from
uninitialized locations in host OS kernel memory via unspecified
vectors. (bnc#917830)
CVE-2014-9683: Off-by-one error in the ecryptfs_decode_from_filename
function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the
Linux kernel before 3.18.2 allows local users to cause a denial of
service (buffer overflow and system crash) or possibly gain privileges
via a crafted filename. (bnc#918333)
CVE-2014-9529: Race condition in the key_gc_unused_keys function in
security/keys/gc.c in the Linux kernel through 3.18.2 allows local
users to cause a denial of service (memory corruption or panic) or
possibly have unspecified other impact via keyctl commands that
trigger access to a key structure member during garbage collection of
a key. (bnc#912202)
CVE-2014-9419: The __switch_to function in
arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does
not ensure that Thread Local Storage (TLS) descriptors are loaded
before proceeding with other steps, which makes it easier for local
users to bypass the ASLR protection mechanism via a crafted
application that reads a TLS base address. (bnc#911326)
CVE-2014-8159: The InfiniBand (IB) implementation in the Linux kernel
does not properly restrict use of User Verbs for registration of
memory regions, which allows local users to access arbitrary physical
memory locations, and consequently cause a denial of service (system
crash) or gain privileges, by leveraging permissions on a uverbs
device under /dev/infiniband/. (bnc#914742)
CVE-2014-8086: Race condition in the ext4_file_write_iter function in
fs/ext4/file.c in the Linux kernel through 3.17 allows local users to
cause a denial of service (file unavailability) via a combination of a
write action and an F_SETFL fcntl operation for the O_DIRECT flag.
(bnc#900881)
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
| Max CVSS | 0 |
| Min CVSS | 0 |
| Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |