ALT-BU-2015-2700-1
Branch t7 update bulletin.
Package adobe-flash-player updated to version 11-alt55 for branch t7 in task 151891.
Closed vulnerabilities
BDU:2015-11791
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2016-00275
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2016-00276
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
Modified: 2025-02-14
CVE-2015-7645
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.
- http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/
- openSUSE-SU-2015:1768
- SUSE-SU-2015:1770
- SUSE-SU-2015:1771
- openSUSE-SU-2015:1781
- http://packetstormsecurity.com/files/134009/Adobe-Flash-IExternalizable.writeExternal-Type-Confusion.html
- RHSA-2015:1913
- RHSA-2015:2024
- 77081
- 1033850
- https://helpx.adobe.com/security/products/flash-player/apsa15-05.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-27.html
- GLSA-201511-02
- 38490
- http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/
- 38490
- GLSA-201511-02
- https://helpx.adobe.com/security/products/flash-player/apsb15-27.html
- https://helpx.adobe.com/security/products/flash-player/apsa15-05.html
- 1033850
- 77081
- RHSA-2015:2024
- RHSA-2015:1913
- http://packetstormsecurity.com/files/134009/Adobe-Flash-IExternalizable.writeExternal-Type-Confusion.html
- openSUSE-SU-2015:1781
- SUSE-SU-2015:1771
- SUSE-SU-2015:1770
- openSUSE-SU-2015:1768
Modified: 2024-11-21
CVE-2015-7647
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648.
Modified: 2024-11-21
CVE-2015-7648
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7647.
Package kernel-modules-nvidia-std-def updated to version 352.55-alt1.200246.0.M70P.1 for branch t7 in task 151891.
Closed vulnerabilities
BDU:2015-12100
Уязвимость программного обеспечения графического процессора NVIDIA GPU, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2015-5053
The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call.
Package nvidia_glx_common updated to version 352.55-alt155 for branch t7 in task 151891.
Closed vulnerabilities
BDU:2015-12100
Уязвимость программного обеспечения графического процессора NVIDIA GPU, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2015-5053
The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call.