ALT-BU-2014-2684-1
Branch p6 update bulletin.
Package kernel-image-un-def updated to version 3.4.84-alt0.M60P.1 for branch p6 in task 116946.
Closed vulnerabilities
BDU:2014-00102
Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании
BDU:2015-04307
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
BDU:2015-04308
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
BDU:2015-04309
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
BDU:2015-04310
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
Modified: 2024-11-21
CVE-2014-0101
The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
- RHSA-2014:0328
- RHSA-2014:0328
- RHSA-2014:0419
- RHSA-2014:0419
- RHSA-2014:0432
- RHSA-2014:0432
- 59216
- 59216
- http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html
- http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html
- [oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk
- [oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk
- 65943
- 65943
- USN-2173-1
- USN-2173-1
- USN-2174-1
- USN-2174-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1070705
- https://bugzilla.redhat.com/show_bug.cgi?id=1070705
- https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729
- https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729
Modified: 2024-11-21
CVE-2014-2706
Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d147bfa64293b2723c4fec50922168658e613ba
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d147bfa64293b2723c4fec50922168658e613ba
- http://linux.oracle.com/errata/ELSA-2014-3052.html
- http://linux.oracle.com/errata/ELSA-2014-3052.html
- SUSE-SU-2014:1316
- SUSE-SU-2014:1316
- SUSE-SU-2014:1319
- SUSE-SU-2014:1319
- 60613
- 60613
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7
- [oss-security] 20140401 Re: CVE request: Linux Kernel, two security issues
- [oss-security] 20140401 Re: CVE request: Linux Kernel, two security issues
- 66591
- 66591
- 1038201
- 1038201
- https://bugzilla.kernel.org/show_bug.cgi?id=70551#c18
- https://bugzilla.kernel.org/show_bug.cgi?id=70551#c18
- https://bugzilla.redhat.com/show_bug.cgi?id=1083512
- https://bugzilla.redhat.com/show_bug.cgi?id=1083512
- https://github.com/torvalds/linux/commit/1d147bfa64293b2723c4fec50922168658e613ba
- https://github.com/torvalds/linux/commit/1d147bfa64293b2723c4fec50922168658e613ba
- https://source.android.com/security/bulletin/2017-04-01
- https://source.android.com/security/bulletin/2017-04-01