ALT-BU-2017-2949-1
Branch sisyphus update bulletin.
Package kernel-image-un-def updated to version 4.9.11-alt1 for branch sisyphus in task 178434.
Closed vulnerabilities
BDU:2017-01082
Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2017-01083
Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2017-01084
Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2017-01463
Уязвимость функции ip6gre_err операционной системы Linux, позволяющая нарушителю оказать неопределенное воздействие
Modified: 2024-11-21
CVE-2017-5897
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
- DSA-3791
- DSA-3791
- [oss-security] 20170207 Re: CVE Request: Linux: ip6_gre: invalid reads in ip6gre_err()
- [oss-security] 20170207 Re: CVE Request: Linux: ip6_gre: invalid reads in ip6gre_err()
- 96037
- 96037
- 1037794
- 1037794
- https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=7892032cfe67f4bde6fc2ee967e45a8fbaf33756
- https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=7892032cfe67f4bde6fc2ee967e45a8fbaf33756
- https://source.android.com/security/bulletin/2017-09-01
- https://source.android.com/security/bulletin/2017-09-01
- USN-3754-1
- USN-3754-1
Modified: 2024-11-21
CVE-2017-6214
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82
- DSA-3804
- DSA-3804
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11
- 96421
- 96421
- 1037897
- 1037897
- RHSA-2017:1372
- RHSA-2017:1372
- RHSA-2017:1615
- RHSA-2017:1615
- RHSA-2017:1616
- RHSA-2017:1616
- RHSA-2017:1647
- RHSA-2017:1647
- https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82
- https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82
- https://source.android.com/security/bulletin/2017-09-01
- https://source.android.com/security/bulletin/2017-09-01
Modified: 2024-11-21
CVE-2017-8068
drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11
- [oss-security] 20170416 Silently (or obliviously) partially-fixed CONFIG_STRICT_DEVMEM bypass
- [oss-security] 20170416 Silently (or obliviously) partially-fixed CONFIG_STRICT_DEVMEM bypass
- 98000
- 98000
- 98008
- 98008
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5593523f968bc86d42a035c6df47d5e0979b5ace
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5593523f968bc86d42a035c6df47d5e0979b5ace
- https://github.com/torvalds/linux/commit/5593523f968bc86d42a035c6df47d5e0979b5ace
- https://github.com/torvalds/linux/commit/5593523f968bc86d42a035c6df47d5e0979b5ace
Modified: 2024-11-21
CVE-2017-8069
drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11
- [oss-security] 20170416 Silently (or obliviously) partially-fixed CONFIG_STRICT_DEVMEM bypass
- [oss-security] 20170416 Silently (or obliviously) partially-fixed CONFIG_STRICT_DEVMEM bypass
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7926aff5c57b577ab0f43364ff0c59d968f6a414
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7926aff5c57b577ab0f43364ff0c59d968f6a414
- https://github.com/torvalds/linux/commit/7926aff5c57b577ab0f43364ff0c59d968f6a414
- https://github.com/torvalds/linux/commit/7926aff5c57b577ab0f43364ff0c59d968f6a414
Modified: 2024-11-21
CVE-2017-8070
drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11
- [oss-security] 20170416 Silently (or obliviously) partially-fixed CONFIG_STRICT_DEVMEM bypass
- [oss-security] 20170416 Silently (or obliviously) partially-fixed CONFIG_STRICT_DEVMEM bypass
- 98011
- 98011
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d6a0e9de03ee658a9adc3bfb2f0ca55dff1e478
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d6a0e9de03ee658a9adc3bfb2f0ca55dff1e478
- https://github.com/torvalds/linux/commit/2d6a0e9de03ee658a9adc3bfb2f0ca55dff1e478
- https://github.com/torvalds/linux/commit/2d6a0e9de03ee658a9adc3bfb2f0ca55dff1e478
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-4000
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()).
- https://forums.cacti.net/viewtopic.php?f=4&t=56794
- https://forums.cacti.net/viewtopic.php?f=4&t=56794
- GLSA-201711-10
- GLSA-201711-10
- https://security-tracker.debian.org/tracker/CVE-2014-4000
- https://security-tracker.debian.org/tracker/CVE-2014-4000
- https://www.cacti.net/release_notes_1_0_0.php
- https://www.cacti.net/release_notes_1_0_0.php
Modified: 2024-11-21
CVE-2016-10700
auth_login.php in Cacti before 1.0.0 allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database, because the guest user is not considered. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-2313.
- http://bugs.cacti.net/view.php?id=2697
- http://bugs.cacti.net/view.php?id=2697
- http://www.cacti.net/release_notes_1_0_0.php
- http://www.cacti.net/release_notes_1_0_0.php
- https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846
- https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846
- https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697
- https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697