- Home
- CVEs with nessus.description==This+update+for+the+Linux+Kernel+3.12.55-52_42+fixes+several+issues.%0AThe+following+security+bugs+were+fixed+%3A%0A%0A++-+CVE-2016-4470%3A+The+key_reject_and_link+function+in+++++security%2Fkeys%2Fkey.c+in+the+Linux+kernel+did+not+ensure+++++that+a+certain+data+structure+is+initialized%2C+which+++++allowed+local+users+to+cause+a+denial+of+service+%28system+++++crash%29+via+vectors+involving+a+crafted+keyctl+request2+++++command+%28bsc%23984764%29.%0A%0A++-+CVE-2016-1583%3A+The+ecryptfs_privileged_open+function+in+++++fs%2Fecryptfs%2Fkthread.c+in+the+Linux+kernel+allowed+local+++++users+to+gain+privileges+or+cause+a+denial+of+service+++++%28stack+memory+consumption%29+via+vectors+involving+crafted+++++mmap+calls+for+%2Fproc+pathnames%2C+leading+to+recursive+++++pagefault+handling+%28bsc%23983144%29.%0A%0A++-+CVE-2016-4565%3A+The+InfiniBand+%28aka+IB%29+stack+in+the+++++Linux+kernel+incorrectly+relied+on+the+write+system+++++call%2C+which+allowed+local+users+to+cause+a+denial+of+++++service+%28kernel+memory+write+operation%29+or+possibly+have+++++unspecified+other+impact+via+a+uAPI+interface+++++%28bsc%23980883%29.%0A%0A++-+CVE-2016-0758%3A+Integer+overflow+in+lib%2Fasn1_decoder.c+in+++++the+Linux+kernel+allowed+local+users+to+gain+privileges+++++via+crafted+ASN.1+data+%28bsc%23980856%29.%0A%0A++-+CVE-2016-2053%3A+The+asn1_ber_decoder+function+in+++++lib%2Fasn1_decoder.c+in+the+Linux+kernel+allowed+attackers+++++to+cause+a+denial+of+service+%28panic%29+via+an+ASN.1+BER+++++file+that+lacks+a+public+key%2C+leading+to+mishandling+by+++++the+public_key_verify_signature+function+in+++++crypto%2Fasymmetric_keys%2Fpublic_key.c+%28bsc%23979074%29.%0A%0A++-+CVE-2015-8816%3A+The+hub_activate+function+in+++++drivers%2Fusb%2Fcore%2Fhub.c+in+the+Linux+kernel+did+not+++++properly+maintain+a+hub-interface+data+structure%2C+which+++++allowed+physically+proximate+attackers+to+cause+a+denial+++++of+service+%28invalid+memory+access+and+system+crash%29+or+++++possibly+have+unspecified+other+impact+by+unplugging+a+++++USB+hub+device+%28bsc%23979064%29.%0A%0A++-+CVE-2016-3134%3A+The+netfilter+subsystem+in+the+Linux+++++kernel+did+not+validate+certain+offset+fields%2C+which+++++allowed+local+users+to+gain+privileges+or+cause+a+denial+++++of+service+%28heap+memory+corruption%29+via+an+++++IPT_SO_SET_REPLACE+setsockopt+call+%28bsc%23971793%29.%0A%0A++-+CVE-2013-7446%3A+Use-after-free+vulnerability+in+++++net%2Funix%2Faf_unix.c+in+the+Linux+kernel+allowed+local+++++users+to+bypass+intended+AF_UNIX+socket+permissions+or+++++cause+a+denial+of+service+%28panic%29+via+crafted+epoll_ctl+++++calls+%28bsc%23973570%2C+bsc%23955837%29.%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+SUSE+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top