LOW3.3
Уязвимость операционной системы Linux, приводящая к раскрытию информации
CVSS 2.0LOW 3.3
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:NReferences
ALT-PU-2013-1221-1Package update kernel-image-led-ws in branch sisyphus
Severity:
Closed issues (7)
CRITICAL10.0
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
CRITICAL10.0
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
CRITICAL10.0
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
CRITICAL10.0
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
LOW3.3
The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h.
CVSS 2.0LOW 3.3
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:NReferences
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d049f74f2dbe71354d43d393ac3a188947811348
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
- http://rhn.redhat.com/errata/RHSA-2014-0100.html
- http://rhn.redhat.com/errata/RHSA-2014-0159.html
- http://rhn.redhat.com/errata/RHSA-2014-0285.html
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2
- http://www.securityfocus.com/bid/64111
- http://www.ubuntu.com/usn/USN-2070-1
- http://www.ubuntu.com/usn/USN-2075-1
- http://www.ubuntu.com/usn/USN-2109-1
- http://www.ubuntu.com/usn/USN-2110-1
- http://www.ubuntu.com/usn/USN-2111-1
- http://www.ubuntu.com/usn/USN-2112-1
- http://www.ubuntu.com/usn/USN-2114-1
- http://www.ubuntu.com/usn/USN-2115-1
- http://www.ubuntu.com/usn/USN-2116-1
- http://www.ubuntu.com/usn/USN-2128-1
- http://www.ubuntu.com/usn/USN-2129-1
- https://access.redhat.com/errata/RHSA-2018:1252
- https://bugzilla.redhat.com/show_bug.cgi?id=1028148
- https://github.com/torvalds/linux/commit/d049f74f2dbe71354d43d393ac3a188947811348
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d049f74f2dbe71354d43d393ac3a188947811348
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
- http://rhn.redhat.com/errata/RHSA-2014-0100.html
- http://rhn.redhat.com/errata/RHSA-2014-0159.html
- http://rhn.redhat.com/errata/RHSA-2014-0285.html
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2
- http://www.securityfocus.com/bid/64111
- http://www.ubuntu.com/usn/USN-2070-1
- http://www.ubuntu.com/usn/USN-2075-1
- http://www.ubuntu.com/usn/USN-2109-1
- http://www.ubuntu.com/usn/USN-2110-1
- http://www.ubuntu.com/usn/USN-2111-1
- http://www.ubuntu.com/usn/USN-2112-1
- http://www.ubuntu.com/usn/USN-2114-1
- http://www.ubuntu.com/usn/USN-2115-1
- http://www.ubuntu.com/usn/USN-2116-1
- http://www.ubuntu.com/usn/USN-2128-1
- http://www.ubuntu.com/usn/USN-2129-1
- https://access.redhat.com/errata/RHSA-2018:1252
- https://bugzilla.redhat.com/show_bug.cgi?id=1028148
- https://github.com/torvalds/linux/commit/d049f74f2dbe71354d43d393ac3a188947811348
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54
LOW3.6
The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.
CVSS 2.0LOW 3.6
CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:NReferences
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12ae030d54ef250706da5642fc7697cc60ad0df7
- http://rhn.redhat.com/errata/RHSA-2014-0100.html
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2
- http://www.ubuntu.com/usn/USN-2068-1
- http://www.ubuntu.com/usn/USN-2070-1
- http://www.ubuntu.com/usn/USN-2071-1
- http://www.ubuntu.com/usn/USN-2072-1
- http://www.ubuntu.com/usn/USN-2074-1
- http://www.ubuntu.com/usn/USN-2075-1
- http://www.ubuntu.com/usn/USN-2076-1
- http://www.ubuntu.com/usn/USN-2112-1
- https://github.com/torvalds/linux/commit/12ae030d54ef250706da5642fc7697cc60ad0df7
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12ae030d54ef250706da5642fc7697cc60ad0df7
- http://rhn.redhat.com/errata/RHSA-2014-0100.html
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2
- http://www.ubuntu.com/usn/USN-2068-1
- http://www.ubuntu.com/usn/USN-2070-1
- http://www.ubuntu.com/usn/USN-2071-1
- http://www.ubuntu.com/usn/USN-2072-1
- http://www.ubuntu.com/usn/USN-2074-1
- http://www.ubuntu.com/usn/USN-2075-1
- http://www.ubuntu.com/usn/USN-2076-1
- http://www.ubuntu.com/usn/USN-2112-1
- https://github.com/torvalds/linux/commit/12ae030d54ef250706da5642fc7697cc60ad0df7