| Beschreibung: | Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.
Vulnerability Insight:
The SUSE Linux Enterprise Server 11 SP1 LTSS received a roll up update to
fix several security and non-security issues.
The following security issues have been fixed:
* CVE-2013-1860: Heap-based buffer overflow in the wdm_in_callback
function in drivers/usb/class/cdc-wdm.c in the Linux kernel before
3.8.4 allows physically proximate attackers to cause a denial of
service (system crash) or possibly execute arbitrary code via a
crafted cdc-wdm USB device. (bnc#806431)
* CVE-2013-4162: The udp_v6_push_pending_frames function in
net/ipv6/udp.c in the IPv6 implementation in the Linux kernel
through 3.10.3 makes an incorrect function call for pending data,
which allows local users to cause a denial of service (BUG and
system crash) via a crafted application that uses the UDP_CORK
option in a setsockopt system call. (bnc#831058)
* CVE-2014-0203: The __do_follow_link function in fs/namei.c in the
Linux kernel before 2.6.33 does not properly handle the last
pathname component during use of certain filesystems, which allows
local users to cause a denial of service (incorrect free operations
and system crash) via an open system call. (bnc#883526)
* CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2)
BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter
function in net/core/filter.c in the Linux kernel through 3.14.3 do
not check whether a certain length value is sufficiently large,
which allows local users to cause a denial of service (integer
underflow and system crash) via crafted BPF instructions. NOTE: the
affected code was moved to the __skb_get_nlattr and
__skb_get_nlattr_nest functions before the vulnerability was
announced. (bnc#877257)
* CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in
the sk_run_filter function in net/core/filter.c in the Linux kernel
through 3.14.3 uses the reverse order in a certain subtraction,
which allows local users to cause a denial of service (over-read and
system crash) via crafted BPF instructions. NOTE: the affected code
was moved to the __skb_get_nlattr_nest function before the
vulnerability was announced. (bnc#877257)
* CVE-2014-3917: kernel/auditsc.c in the Linux kernel through 3.14.5,
when CONFIG_AUDITSYSCALL is enabled with certain syscall rules,
allows local users to obtain potentially sensitive single-bit values
from kernel memory or cause a denial of service (OOPS) via a large
value of a syscall number. (bnc#880484)
* CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel
through 3.15.1 on 32-bit x86 platforms, ...
Description truncated, please see the referenced URL(s) for more information.
Affected Software/OS:
kernel on SUSE Linux Enterprise Server 11 SP1 LTSS
Solution:
Please install the updated package(s).
CVSS Score:
7.1
CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
