English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.851367
Categoría:SuSE Local Security Checks
Título:openSUSE: Security Advisory for kernel (openSUSE-SU-2016:1798-1)
Resumen:The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Descripción:Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The openSUSE Leap 42.1 was updated to 4.1.27 to receive various security
and bugfixes.

The following security bugs were fixed:

- CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables
handling could lead to a local privilege escalation. (bsc#986362)

- CVE-2016-5829: Multiple heap-based buffer overflows in the
hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
kernel allow local users to cause a denial of service or possibly have
unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
HIDIOCSUSAGES ioctl call (bnc#986572).

- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c
in the Linux kernel did not ensure that a certain data structure is
initialized, which allowed local users to cause a denial of service
(system crash) via vectors involving a crafted keyctl request2 command
(bnc#984755).

- CVE-2016-4794: Use-after-free vulnerability in mm/percpu.c in the Linux
kernel allowed local users to cause a denial of service (BUG)
or possibly have unspecified other impact via crafted use of the mmap
and bpf system calls (bnc#980265).

The following non-security bugs were fixed:

- Refresh patches.xen/xen-netback-coalesce: Restore copying of SKBs with
head exceeding page size (bsc#978469).

- Refresh patches.xen/xen3-patch-2.6.26 (fix PAT initialization).

- Refresh patches.xen/xen3-patch-2.6.39 (fix ia32_compat inheritance).

- Refresh patches.xen/xen3-patch-3.14: Suppress atomic file position
updates for /proc/xen/xenbus (bsc#970275).

- Refresh patches.xen/xen3-patch-3.16 (drop redundant addition of a
comment).

- Refresh patches.xen/xen3-patch-4.1.7-8.

- base: make module_create_drivers_dir race-free (bnc#983977).

- ipvs: count pre-established TCP states as active (bsc#970114).

- net: thunderx: Fix TL4 configuration for secondary Qsets (bsc#986530).

- net: thunderx: Fix link status reporting (bsc#986530).

Affected Software/OS:
kernel on openSUSE Leap 42.1

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-4470
Debian Security Information: DSA-3607 (Google Search)
http://www.debian.org/security/2016/dsa-3607
http://www.openwall.com/lists/oss-security/2016/06/15/11
RedHat Security Advisories: RHSA-2016:1532
http://rhn.redhat.com/errata/RHSA-2016-1532.html
RedHat Security Advisories: RHSA-2016:1539
http://rhn.redhat.com/errata/RHSA-2016-1539.html
RedHat Security Advisories: RHSA-2016:1541
http://rhn.redhat.com/errata/RHSA-2016-1541.html
RedHat Security Advisories: RHSA-2016:1657
http://rhn.redhat.com/errata/RHSA-2016-1657.html
RedHat Security Advisories: RHSA-2016:2006
http://rhn.redhat.com/errata/RHSA-2016-2006.html
RedHat Security Advisories: RHSA-2016:2074
http://rhn.redhat.com/errata/RHSA-2016-2074.html
RedHat Security Advisories: RHSA-2016:2076
http://rhn.redhat.com/errata/RHSA-2016-2076.html
RedHat Security Advisories: RHSA-2016:2128
http://rhn.redhat.com/errata/RHSA-2016-2128.html
RedHat Security Advisories: RHSA-2016:2133
http://rhn.redhat.com/errata/RHSA-2016-2133.html
http://www.securitytracker.com/id/1036763
SuSE Security Announcement: SUSE-SU-2016:1937 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html
SuSE Security Announcement: SUSE-SU-2016:1961 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html
SuSE Security Announcement: SUSE-SU-2016:1985 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html
SuSE Security Announcement: SUSE-SU-2016:1994 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html
SuSE Security Announcement: SUSE-SU-2016:1995 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html
SuSE Security Announcement: SUSE-SU-2016:1998 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html
SuSE Security Announcement: SUSE-SU-2016:1999 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html
SuSE Security Announcement: SUSE-SU-2016:2000 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html
SuSE Security Announcement: SUSE-SU-2016:2001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html
SuSE Security Announcement: SUSE-SU-2016:2002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html
SuSE Security Announcement: SUSE-SU-2016:2003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html
SuSE Security Announcement: SUSE-SU-2016:2005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html
SuSE Security Announcement: SUSE-SU-2016:2006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html
SuSE Security Announcement: SUSE-SU-2016:2007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html
SuSE Security Announcement: SUSE-SU-2016:2009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html
SuSE Security Announcement: SUSE-SU-2016:2010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html
SuSE Security Announcement: SUSE-SU-2016:2011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html
SuSE Security Announcement: SUSE-SU-2016:2014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html
SuSE Security Announcement: SUSE-SU-2016:2018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html
SuSE Security Announcement: SUSE-SU-2016:2105 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html
SuSE Security Announcement: openSUSE-SU-2016:2184 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html
http://www.ubuntu.com/usn/USN-3049-1
http://www.ubuntu.com/usn/USN-3050-1
http://www.ubuntu.com/usn/USN-3051-1
http://www.ubuntu.com/usn/USN-3052-1
http://www.ubuntu.com/usn/USN-3053-1
http://www.ubuntu.com/usn/USN-3054-1
http://www.ubuntu.com/usn/USN-3055-1
http://www.ubuntu.com/usn/USN-3056-1
http://www.ubuntu.com/usn/USN-3057-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-4794
BugTraq ID: 90625
http://www.securityfocus.com/bid/90625
https://lkml.org/lkml/2016/4/17/125
http://www.openwall.com/lists/oss-security/2016/05/12/6
RedHat Security Advisories: RHSA-2016:2574
http://rhn.redhat.com/errata/RHSA-2016-2574.html
RedHat Security Advisories: RHSA-2016:2584
http://rhn.redhat.com/errata/RHSA-2016-2584.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4997
BugTraq ID: 91451
http://www.securityfocus.com/bid/91451
https://www.exploit-db.com/exploits/40435/
https://www.exploit-db.com/exploits/40489/
https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt
http://www.openwall.com/lists/oss-security/2016/06/24/5
http://www.openwall.com/lists/oss-security/2016/09/29/10
RedHat Security Advisories: RHSA-2016:1847
http://rhn.redhat.com/errata/RHSA-2016-1847.html
RedHat Security Advisories: RHSA-2016:1875
http://rhn.redhat.com/errata/RHSA-2016-1875.html
RedHat Security Advisories: RHSA-2016:1883
http://rhn.redhat.com/errata/RHSA-2016-1883.html
http://www.securitytracker.com/id/1036171
SuSE Security Announcement: SUSE-SU-2016:1709 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html
SuSE Security Announcement: SUSE-SU-2016:1710 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html
SuSE Security Announcement: SUSE-SU-2016:2174 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html
SuSE Security Announcement: SUSE-SU-2016:2177 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html
SuSE Security Announcement: SUSE-SU-2016:2178 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html
SuSE Security Announcement: SUSE-SU-2016:2179 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html
SuSE Security Announcement: SUSE-SU-2016:2180 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html
SuSE Security Announcement: SUSE-SU-2016:2181 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html
http://www.ubuntu.com/usn/USN-3016-1
http://www.ubuntu.com/usn/USN-3016-2
http://www.ubuntu.com/usn/USN-3016-3
http://www.ubuntu.com/usn/USN-3016-4
http://www.ubuntu.com/usn/USN-3017-1
http://www.ubuntu.com/usn/USN-3017-2
http://www.ubuntu.com/usn/USN-3017-3
http://www.ubuntu.com/usn/USN-3018-1
http://www.ubuntu.com/usn/USN-3018-2
http://www.ubuntu.com/usn/USN-3019-1
http://www.ubuntu.com/usn/USN-3020-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-5829
BugTraq ID: 91450
http://www.securityfocus.com/bid/91450
Debian Security Information: DSA-3616 (Google Search)
http://www.debian.org/security/2016/dsa-3616
http://www.openwall.com/lists/oss-security/2016/06/26/2
SuSE Security Announcement: SUSE-SU-2016:2175 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html
http://www.ubuntu.com/usn/USN-3070-1
http://www.ubuntu.com/usn/USN-3070-2
http://www.ubuntu.com/usn/USN-3070-3
http://www.ubuntu.com/usn/USN-3070-4
http://www.ubuntu.com/usn/USN-3071-1
http://www.ubuntu.com/usn/USN-3071-2
http://www.ubuntu.com/usn/USN-3072-1
http://www.ubuntu.com/usn/USN-3072-2
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2024 E-Soft Inc. Todos los derechos reservados.