ALT Linux Team

Branch p8 update on 2021-03-31

2021-03-31

ALT-BU-2021-3826-1

Branch p8 update bulletin.

ALT-PU-2021-1552-1

Package kernel-image-std-def updated to version 4.9.262-alt0.M80P.1 for branch p8 in task 268239.

Closed vulnerabilities

Published: 2019-10-09

BDU:2019-04812

Уязвимость функции adis_update_scan_mode_burst() (drivers/iio/imu/adis_buffer.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
References:
Published: 2019-10-09

BDU:2019-04829

Уязвимость функции adis_update_scan_mode() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
References:
Published: 2021-03-10

BDU:2021-01688

Уязвимость функции rtw_wx_set_scan() (drivers/staging/rtl8188eu/os_dep/ioctl_linux.c) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (8.8) Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH (8.3) Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2019-11-18
Modified: 2024-11-21

CVE-2019-19060

A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.

Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2019-11-18
Modified: 2024-11-21

CVE-2019-19061

A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.

Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-03-17
Modified: 2024-11-21

CVE-2021-28660

rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.

Severity: HIGH (8.3) Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2021-1576-1

Package hddtemp updated to version 0.4.2-alt1 for branch p8 in task 267162.

Closed bugs

Bug #28054

hddtemp: Необходимо обеспечить совместимость службы с systemd

Bug #38616

/usr/sbin/hddtemp -nq -u C /dev/sda Ошибка сегментирования

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top