ALT-BU-2016-2776-1
Branch t7 update bulletin.
Package adobe-flash-player updated to version 11-alt62 for branch t7 in task 164731.
Closed vulnerabilities
BDU:2016-01276
Уязвимость программной платформы Flash Player, позволяющая нарушителю получить контроль над системой и вызвать аварийное завершение работы приложения
BDU:2016-01277
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01278
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01279
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01280
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01281
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01282
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01283
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01284
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01285
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01295
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01296
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01297
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01298
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01299
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01300
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01301
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01302
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01303
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01304
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01305
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01306
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01307
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01308
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01309
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
Modified: 2024-11-21
CVE-2016-1096
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137051/Adobe-Flash-MP4-File-Stack-Corruption.html
- http://packetstormsecurity.com/files/137051/Adobe-Flash-MP4-File-Stack-Corruption.html
- RHSA-2016:1079
- RHSA-2016:1079
- 90618
- 90618
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39828
- 39828
Modified: 2024-11-21
CVE-2016-1097
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1098
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1099
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1100
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1101
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137052/Adobe-Flash-ATF-Processing-Heap-Overflow.html
- http://packetstormsecurity.com/files/137052/Adobe-Flash-ATF-Processing-Heap-Overflow.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39827
- 39827
Modified: 2024-11-21
CVE-2016-1102
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137053/Adobe-Flash-JXR-Processing-Out-Of-Bounds-Read.html
- http://packetstormsecurity.com/files/137053/Adobe-Flash-JXR-Processing-Out-Of-Bounds-Read.html
- RHSA-2016:1079
- RHSA-2016:1079
- 90618
- 90618
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39824
- 39824
Modified: 2024-11-21
CVE-2016-1103
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137054/Adobe-Flash-Raw-565-Texture-Processing-Overflow.html
- http://packetstormsecurity.com/files/137054/Adobe-Flash-Raw-565-Texture-Processing-Overflow.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39826
- 39826
Modified: 2024-11-21
CVE-2016-1104
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137055/Adobe-Flash-Object-Placing-Out-Of-Bounds-Read.html
- http://packetstormsecurity.com/files/137055/Adobe-Flash-Object-Placing-Out-Of-Bounds-Read.html
- RHSA-2016:1079
- RHSA-2016:1079
- 90618
- 90618
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39825
- 39825
Modified: 2024-11-21
CVE-2016-1105
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137056/Adobe-Flash-FileReference-Type-Confusion.html
- http://packetstormsecurity.com/files/137056/Adobe-Flash-FileReference-Type-Confusion.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39829
- 39829
Modified: 2024-11-21
CVE-2016-1106
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137057/Adobe-Flash-SetNative-Use-After-Free.html
- http://packetstormsecurity.com/files/137057/Adobe-Flash-SetNative-Use-After-Free.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39831
- 39831
Modified: 2024-11-21
CVE-2016-1107
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1108
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1109
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1110
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4108
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137058/Adobe-Flash-addProperty-Use-After-Free.html
- http://packetstormsecurity.com/files/137058/Adobe-Flash-addProperty-Use-After-Free.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39830
- 39830
Modified: 2024-11-21
CVE-2016-4109
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4110
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4111
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4112
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4113
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4114
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4115
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4116
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2025-02-14
CVE-2016-4117
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1308
- openSUSE-SU-2016:1309
- RHSA-2016:1079
- 90505
- 1035826
- https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- GLSA-201606-08
- 46339
- SUSE-SU-2016:1305
- 46339
- GLSA-201606-08
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
- 1035826
- 90505
- RHSA-2016:1079
- openSUSE-SU-2016:1309
- openSUSE-SU-2016:1308
- openSUSE-SU-2016:1306
Package kernel-image-std-def updated to version 3.14.69-alt0.M70P.1 for branch t7 in task 164731.
Closed vulnerabilities
BDU:2017-01145
Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2017-8106
The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.
Package kernel-image-un-def updated to version 4.1.24-alt0.M70P.1 for branch t7 in task 164731.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-7912
Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38740a5b87d53ceb89eb2c970150f6e94e00373a
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38740a5b87d53ceb89eb2c970150f6e94e00373a
- http://source.android.com/security/bulletin/2016-11-01.html
- http://source.android.com/security/bulletin/2016-11-01.html
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3
- 94197
- 94197
- https://github.com/torvalds/linux/commit/38740a5b87d53ceb89eb2c970150f6e94e00373a
- https://github.com/torvalds/linux/commit/38740a5b87d53ceb89eb2c970150f6e94e00373a
Modified: 2024-11-21
CVE-2017-7273
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1ebb71143758f45dc0fa76e2f48429e13b16d110
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1ebb71143758f45dc0fa76e2f48429e13b16d110
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4faec4a2ef5dd481682cc155cb9ea14ba2534b76
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4faec4a2ef5dd481682cc155cb9ea14ba2534b76
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4
- 97190
- 97190
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d110
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d110