Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1516)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.2.2019.1516
Kategorie:	Huawei EulerOS Local Security Checks
Titel:	Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1516)
Zusammenfassung:	The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2019-1516 advisory.
Beschreibung:	Summary: The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2019-1516 advisory. Vulnerability Insight: The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval.(CVE-2018-10074) An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp) backend driver of the iSCSI Target subsystem of the Linux kernel. A privileged user could use this flaw to leak the contents of kernel memory to an iSCSI initiator remote client.(CVE-2014-4027) It was found that in the Linux kernel version 4.2-rc1 to 4.3-rc1, a use of uninitialized 'n_proto', 'ip_proto', and 'thoff' variables in __skb_flow_dissect() function can lead to a remote denial-of-service via malformed MPLS packet.(CVE-2017-13715) It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.(CVE-2017-7308) A weakness was found in the Linux ASLR implementation. Any user able to running 32-bit applications in a x86 machine can disable ASLR by setting the RLIMIT_STACK resource to unlimited.(CVE-2016-3672) sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (out-of-bounds write and memory corruption) or possibly have unspecified other impact via a crafted application that makes an ioctl call triggering incorrect use of a parameters pointer.(CVE-2016-2065) A race condition flaw was found in the ioctl_send_fib() function in the Linux kernel's aacraid implementation. A local attacker could use this flaw to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value.(CVE-2016-6480) The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.(CVE-2017-8925) The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.(CVE-2017-15102) The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.(CVE-2016-4486) A vulnerability was found in the Linux kernel's ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-7265 http://www.openwall.com/lists/oss-security/2013/11/28/13 http://seclists.org/oss-sec/2014/q1/29 RedHat Security Advisories: RHSA-2014:0159 http://rhn.redhat.com/errata/RHSA-2014-0159.html http://secunia.com/advisories/55882 http://secunia.com/advisories/56036 SuSE Security Announcement: SUSE-SU-2014:0459 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html http://www.ubuntu.com/usn/USN-2107-1 http://www.ubuntu.com/usn/USN-2108-1 http://www.ubuntu.com/usn/USN-2109-1 http://www.ubuntu.com/usn/USN-2110-1 http://www.ubuntu.com/usn/USN-2113-1 http://www.ubuntu.com/usn/USN-2117-1 http://www.ubuntu.com/usn/USN-2135-1 http://www.ubuntu.com/usn/USN-2136-1 http://www.ubuntu.com/usn/USN-2138-1 http://www.ubuntu.com/usn/USN-2139-1 http://www.ubuntu.com/usn/USN-2141-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-0069 BugTraq ID: 65588 http://www.securityfocus.com/bid/65588 http://article.gmane.org/gmane.linux.kernel.cifs/9401 http://www.openwall.com/lists/oss-security/2014/02/17/4 RedHat Security Advisories: RHSA-2014:0328 http://rhn.redhat.com/errata/RHSA-2014-0328.html Common Vulnerability Exposure (CVE) ID: CVE-2014-4027 http://www.openwall.com/lists/oss-security/2014/06/11/1 http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618 http://secunia.com/advisories/59134 http://secunia.com/advisories/59777 http://secunia.com/advisories/60564 http://secunia.com/advisories/61310 SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-5283 BugTraq ID: 77058 http://www.securityfocus.com/bid/77058 Debian Security Information: DSA-3372 (Google Search) http://www.debian.org/security/2015/dsa-3372 http://www.securitytracker.com/id/1033808 SuSE Security Announcement: SUSE-SU-2015:1727 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html SuSE Security Announcement: SUSE-SU-2015:2194 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html http://www.ubuntu.com/usn/USN-2823-1 http://www.ubuntu.com/usn/USN-2826-1 http://www.ubuntu.com/usn/USN-2829-1 http://www.ubuntu.com/usn/USN-2829-2 Common Vulnerability Exposure (CVE) ID: CVE-2016-2065 BugTraq ID: 92376 http://www.securityfocus.com/bid/92376 Common Vulnerability Exposure (CVE) ID: CVE-2016-2549 BugTraq ID: 83382 http://www.securityfocus.com/bid/83382 Debian Security Information: DSA-3503 (Google Search) http://www.debian.org/security/2016/dsa-3503 http://www.openwall.com/lists/oss-security/2016/01/19/1 SuSE Security Announcement: SUSE-SU-2016:0911 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html SuSE Security Announcement: SUSE-SU-2016:1102 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html SuSE Security Announcement: SUSE-SU-2016:2074 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html http://www.ubuntu.com/usn/USN-2929-1 http://www.ubuntu.com/usn/USN-2929-2 http://www.ubuntu.com/usn/USN-2930-1 http://www.ubuntu.com/usn/USN-2930-2 http://www.ubuntu.com/usn/USN-2930-3 http://www.ubuntu.com/usn/USN-2931-1 http://www.ubuntu.com/usn/USN-2932-1 http://www.ubuntu.com/usn/USN-2967-1 http://www.ubuntu.com/usn/USN-2967-2 Common Vulnerability Exposure (CVE) ID: CVE-2016-3672 BugTraq ID: 85884 http://www.securityfocus.com/bid/85884 Bugtraq: 20160406 CVE-2016-3672 - Unlimiting the stack not longer disables ASLR (Google Search) http://www.securityfocus.com/archive/1/537996/100/0/threaded Debian Security Information: DSA-3607 (Google Search) http://www.debian.org/security/2016/dsa-3607 https://www.exploit-db.com/exploits/39669/ http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182524.html http://seclists.org/fulldisclosure/2016/Apr/26 http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-dis http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html RedHat Security Advisories: RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RedHat Security Advisories: RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 http://www.securitytracker.com/id/1035506 SuSE Security Announcement: SUSE-SU-2016:1690 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html SuSE Security Announcement: SUSE-SU-2016:1937 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html SuSE Security Announcement: SUSE-SU-2016:2105 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html SuSE Security Announcement: openSUSE-SU-2016:1641 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html SuSE Security Announcement: openSUSE-SU-2016:2184 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html http://www.ubuntu.com/usn/USN-2989-1 http://www.ubuntu.com/usn/USN-2996-1 http://www.ubuntu.com/usn/USN-2997-1 http://www.ubuntu.com/usn/USN-2998-1 http://www.ubuntu.com/usn/USN-3000-1 http://www.ubuntu.com/usn/USN-3001-1 http://www.ubuntu.com/usn/USN-3002-1 http://www.ubuntu.com/usn/USN-3003-1 http://www.ubuntu.com/usn/USN-3004-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-4486 BugTraq ID: 90051 http://www.securityfocus.com/bid/90051 https://www.exploit-db.com/exploits/46006/ http://www.openwall.com/lists/oss-security/2016/05/04/27 SuSE Security Announcement: SUSE-SU-2016:1672 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html SuSE Security Announcement: SUSE-SU-2016:1696 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html SuSE Security Announcement: SUSE-SU-2016:1985 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html http://www.ubuntu.com/usn/USN-3005-1 http://www.ubuntu.com/usn/USN-3006-1 http://www.ubuntu.com/usn/USN-3007-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-5344 BugTraq ID: 92695 http://www.securityfocus.com/bid/92695 Common Vulnerability Exposure (CVE) ID: CVE-2016-6213 BugTraq ID: 91754 http://www.securityfocus.com/bid/91754 http://www.openwall.com/lists/oss-security/2016/07/13/8 RedHat Security Advisories: RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 RedHat Security Advisories: RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 Common Vulnerability Exposure (CVE) ID: CVE-2016-6480 BugTraq ID: 92214 http://www.securityfocus.com/bid/92214 Bugtraq: 20160801 [CVE-2016-6480] Double-Fetch Vulnerability in Linux-4.5/drivers/scsi/aacraid/commctrl.c (Google Search) http://www.securityfocus.com/archive/1/539074/30/0/threaded RedHat Security Advisories: RHSA-2016:2574 http://rhn.redhat.com/errata/RHSA-2016-2574.html RedHat Security Advisories: RHSA-2016:2584 http://rhn.redhat.com/errata/RHSA-2016-2584.html RedHat Security Advisories: RHSA-2017:0817 http://rhn.redhat.com/errata/RHSA-2017-0817.html SuSE Security Announcement: SUSE-SU-2016:2174 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html SuSE Security Announcement: SUSE-SU-2016:2175 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html SuSE Security Announcement: SUSE-SU-2016:2177 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html SuSE Security Announcement: SUSE-SU-2016:2178 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html SuSE Security Announcement: SUSE-SU-2016:2179 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html SuSE Security Announcement: SUSE-SU-2016:2180 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html SuSE Security Announcement: SUSE-SU-2016:2181 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html SuSE Security Announcement: SUSE-SU-2016:2230 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00001.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9555 BugTraq ID: 94479 http://www.securityfocus.com/bid/94479 http://www.openwall.com/lists/oss-security/2016/11/22/18 RedHat Security Advisories: RHSA-2017:0086 http://rhn.redhat.com/errata/RHSA-2017-0086.html RedHat Security Advisories: RHSA-2017:0091 http://rhn.redhat.com/errata/RHSA-2017-0091.html RedHat Security Advisories: RHSA-2017:0113 http://rhn.redhat.com/errata/RHSA-2017-0113.html RedHat Security Advisories: RHSA-2017:0307 http://rhn.redhat.com/errata/RHSA-2017-0307.html http://www.securitytracker.com/id/1037339 SuSE Security Announcement: SUSE-SU-2016:3096 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00044.html SuSE Security Announcement: SUSE-SU-2016:3113 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00054.html SuSE Security Announcement: SUSE-SU-2016:3116 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00055.html SuSE Security Announcement: SUSE-SU-2016:3117 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00056.html SuSE Security Announcement: SUSE-SU-2016:3169 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00067.html SuSE Security Announcement: SUSE-SU-2016:3183 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00070.html SuSE Security Announcement: SUSE-SU-2016:3197 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00073.html SuSE Security Announcement: SUSE-SU-2016:3205 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00076.html SuSE Security Announcement: SUSE-SU-2016:3206 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00077.html SuSE Security Announcement: SUSE-SU-2016:3247 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00087.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9685 BugTraq ID: 94593 http://www.securityfocus.com/bid/94593 http://www.openwall.com/lists/oss-security/2016/11/30/1 RedHat Security Advisories: RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669 Common Vulnerability Exposure (CVE) ID: CVE-2017-7308 BugTraq ID: 97234 http://www.securityfocus.com/bid/97234 https://www.exploit-db.com/exploits/41994/ https://www.exploit-db.com/exploits/44654/ https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html RedHat Security Advisories: RHSA-2017:1297 https://access.redhat.com/errata/RHSA-2017:1297 RedHat Security Advisories: RHSA-2017:1298 https://access.redhat.com/errata/RHSA-2017:1298 RedHat Security Advisories: RHSA-2017:1308 https://access.redhat.com/errata/RHSA-2017:1308 RedHat Security Advisories: RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:1854 Common Vulnerability Exposure (CVE) ID: CVE-2017-8925 BugTraq ID: 98462 http://www.securityfocus.com/bid/98462 Debian Security Information: DSA-3886 (Google Search) http://www.debian.org/security/2017/dsa-3886
Copyright	Copyright (C) 2020 Greenbone Networks GmbH