All errata/sisyphus/ALT-PU-2013-1236-2
ALT-PU-2013-1236-2

Package update kernel-image-un-def in branch sisyphus

Version3.12.2-alt1
Task#109862
Published2026-02-04
Max severityCRITICAL
Severity:

Closed issues (13)

BDU:2014-00089
LOW3.3

Уязвимость операционной системы Linux, приводящая к раскрытию информации

Published: 2016-07-05Modified: 2021-08-19
CVSS 2.0LOW 3.3
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:N
References
BDU:2014-00096
MEDIUM4.7

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2026-04-30
CVSS 2.0MEDIUM 4.7
CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C
References
BDU:2014-00098
MEDIUM4.0

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28
CVSS 2.0MEDIUM 4.0
CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C
References
BDU:2015-04307
CRITICAL10.0

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2026-04-30
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2015-04308
CRITICAL10.0

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2015-04309
CRITICAL10.0

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2015-04310
CRITICAL10.0

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
CVE-2013-2929
LOW3.3

The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h.

Published: 2013-12-09Modified: 2026-04-29
CVSS 2.0LOW 3.3
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:N
References
CVE-2013-2930
LOW3.6

The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.

Published: 2013-12-09Modified: 2026-04-29
CVSS 2.0LOW 3.6
CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:N
References
CVE-2013-6378
MEDIUM4.4

The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation.

Published: 2013-11-27Modified: 2026-04-29
CVSS 2.0MEDIUM 4.4
CVSS:2.0/AV:L/AC:M/Au:S/C:N/I:N/A:C
References
CVE-2013-6380
MEDIUM4.7

The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command.

Published: 2013-11-27Modified: 2026-04-29
CVSS 2.0MEDIUM 4.7
CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C
References
CVE-2013-6382
MEDIUM4.0

Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.

Published: 2013-11-27Modified: 2026-04-29
CVSS 2.0MEDIUM 4.0
CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C
References
CVE-2013-7026
MEDIUM4.7

Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted application that uses shmctl IPC_RMID operations in conjunction with other shm system calls.

Published: 2013-12-09Modified: 2026-04-29
CVSS 2.0MEDIUM 4.7
CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C
References