Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » SUSE-2015:10740

Overview

Id SUSE-2015:10740
Name Novell SUSE 2015:10740 kernel security update for SLE 11 SP3 x86_64
Vendor Name novell
Product None
Content Type Critical - 01 Critical - 01
Language(s)
Operating System(s) Linux 
Released On 29 May 2015 12:00:00

SUSE-2015:10740

Novell SUSE 2015:10740 kernel security update for SLE 11 SP3 x86_64

Vendor Name

novell

Product

None

Released On

29 May 2015 12:00:00

Url

http://www.novell.com/support

Description

LSAC(v2)
The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix various bugs and security issues. The following vulnerabilities have been fixed: * CVE-2015-3636: A missing sk_nulls_node_init() in ping_unhash() inside the ipv4 stack can cause crashes if a disconnect is followed by another connect() attempt. (bnc#929525) * CVE-2015-3339: Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped. (bnc#928130) * CVE-2015-3331: The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a crypto API call, as demonstrated by use of a libkcapi test program with an AF_ALG(aead) socket. (bnc#927257) * CVE-2015-2922: The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. (bnc#922583) * CVE-2015-2830: arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16. (bnc#926240) * CVE-2015-2150: XSA-120: Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. (bnc#919463) * CVE-2015-2042: net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. (bnc#919018) * CVE-2015-2041: net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. (bnc#919007) * CVE-2015-1421: Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data. (bnc#915577) * CVE-2015-0777: drivers/xen

Related Resources

Related Vulnerabilities

CVE-2014-8086   CVE-2014-8159   CVE-2014-9419   CVE-2014-9529   CVE-2015-0777   CVE-2015-1421   CVE-2015-2041   CVE-2015-2042   CVE-2015-2150   CVE-2015-2830   CVE-2015-2922   CVE-2015-3331   CVE-2015-3339   CVE-2015-3636  

Related Patches

None

Superseded Patches

None


Last Updated: 27 May 2016 11:21:58