| Description: | Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2016:1203-1 advisory.
Vulnerability Insight:
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in
the Linux kernel allowed local users to bypass intended AF_UNIX socket
permissions or cause a denial of service (panic) via crafted epoll_ctl
calls (bnc#955654).
- CVE-2015-7509: fs/ext4/namei.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (system crash) via
a crafted no-journal filesystem, a related issue to CVE-2013-2015
(bnc#956707).
- CVE-2015-7515: An out of bounds memory access in the aiptek USB
driver could be used by physical local attackers to crash the kernel
(bnc#956708).
- CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c
in the Linux kernel did not properly use a semaphore, which allowed
local users to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact via a crafted
application that leverages a race condition between keyctl_revoke and
keyctl_read calls (bnc#958951).
- CVE-2015-7566: A malicious USB device could cause kernel crashes in
the visor device driver (bnc#961512).
- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in
the Linux kernel did not ensure that certain slot numbers are valid,
which allowed local users to cause a denial of service (NULL pointer
dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call
(bnc#949936).
- CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux
kernel did not validate attempted changes to the MTU value, which allowed
context-dependent attackers to cause a denial of service (packet loss)
via a value that is (1) smaller than the minimum compliant value or
(2) larger than the MTU of an interface, as demonstrated by a Router
Advertisement (RA) message that is not validated by a daemon, a different
vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is
limited to the NetworkManager product (bnc#955354).
- CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed
local users to gain privileges or cause a denial of service (BUG)
via crafted keyctl commands that negatively instantiate a key, related
to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c,
and security/keys/user_defined.c (bnc#958463).
- CVE-2015-8543: The networking implementation in the Linux kernel
did not validate protocol identifiers for certain protocol families,
which allowed local users to cause a denial of service (NULL function
pointer dereference and system crash) or possibly gain privileges by
leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application
(bnc#958886).
- CVE-2015-8550: Optimizations introduced by the compiler could have
lead to double fetch vulnerabilities, potentially possibly leading to
... [Please see the references for more information on the vulnerabilities]
Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 11-SP3.
Solution:
Please install the updated package(s).
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
