Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.850900 |
Kategorie: | SuSE Local Security Checks |
Titel: | SUSE: Security Advisory for Security (SUSE-SU-2015:0658-1) |
Zusammenfassung: | The remote host is missing an update for the 'Security'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'Security' package(s) announced via the referenced advisory. Vulnerability Insight: The SUSE Linux Enterprise Server 12 kernel was updated to 3.12.39 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-0777: The XEN usb backend could leak information to the guest system due to copying uninitialized memory. - CVE-2015-2150: Xen and the Linux kernel did not properly restrict access to PCI command registers, which might have allowed local guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. The following non-security bugs were fixed: - Added Little Endian support to vtpm module (bsc#918620). - Add support for pnfs block layout. Patches not included by default yet - ALSA: hda - Fix regression of HD-audio controller fallback modes (bsc#921313). - btrfs: add missing blk_finish_plug in btrfs_sync_log() (bnc#922284). - btrfs: cleanup orphans while looking up default subvolume (bsc#914818). - btrfs: do not ignore errors from btrfs_lookup_xattr in do_setxattr (bnc#922272). - btrfs: fix BUG_ON in btrfs_orphan_add() when delete unused block group (bnc#922278). - btrfs: fix data loss in the fast fsync path (bnc#922275). - btrfs: fix fsync data loss after adding hard link to inode (bnc#922275). - cgroup: revert cgroup_mutex removal from idr_remove (bnc#918644). - cifs: fix use-after-free bug in find_writable_file (bnc#909477). - crypto: rng - RNGs must return 0 in success case (bsc#920805). - crypto: testmgr - fix RNG return code enforcement (bsc#920805). - exit: Always reap resource stats in __exit_signal() (Time scalability). - fork: report pid reservation failure properly (bnc#909684). - fsnotify: Fix handling of renames in audit (bnc#915200). - HID: hyperv: match wait_for_completion_timeout return type. - hv: address compiler warnings for hv_fcopy_daemon.c. - hv: address compiler warnings for hv_kvp_daemon.c. - hv: check vmbus_device_create() return value in vmbus_process_offer(). - hv: do not add redundant / in hv_start_fcopy(). - hv: hv_balloon: Do not post pressure status from interrupt context. - hv: hv_balloon: Fix a locking bug in the balloon driver. - hv: hv_balloon: Make adjustments in computing the floor. - hv: hv_fcopy: drop the obsolete message on transfer failure. - hv: kvp_daemon: make IPv6-only-injection work. - hv: remove unused bytes_written from kvp_update_file(). - hv: rename sc_lock to the more generic lock ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: Security on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12 Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-0777 BugTraq ID: 73921 http://www.securityfocus.com/bid/73921 SuSE Security Announcement: SUSE-SU-2015:0658 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html SuSE Security Announcement: SUSE-SU-2015:1592 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html SuSE Security Announcement: SUSE-SU-2015:1611 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2015-2150 BugTraq ID: 73014 http://www.securityfocus.com/bid/73014 Bugtraq: 20190813 [SECURITY] [DSA 4497-1] linux security update (Google Search) https://seclists.org/bugtraq/2019/Aug/18 Debian Security Information: DSA-3237 (Google Search) http://www.debian.org/security/2015/dsa-3237 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html http://www.securitytracker.com/id/1031806 http://www.securitytracker.com/id/1031902 http://www.ubuntu.com/usn/USN-2631-1 http://www.ubuntu.com/usn/USN-2632-1 |
Copyright | Copyright (C) 2015 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |