ALT-PU-2014-1385-1
Package kernel-image-ovz-el updated to version 2.6.32-alt117 for branch c7 in task 117041.
Closed vulnerabilities
BDU:2015-04307
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
BDU:2015-04308
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
BDU:2015-04309
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
BDU:2015-04310
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
Modified: 2024-11-21
CVE-2013-2141
The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
- openSUSE-SU-2013:1971
- openSUSE-SU-2013:1971
- RHSA-2013:1801
- RHSA-2013:1801
- 55055
- 55055
- DSA-2766
- DSA-2766
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9
- MDVSA-2013:176
- MDVSA-2013:176
- [oss-security] 20130604 Re: CVE Request: kernel info leak in tkill/tgkill
- [oss-security] 20130604 Re: CVE Request: kernel info leak in tkill/tgkill
- USN-1899-1
- USN-1899-1
- USN-1900-1
- USN-1900-1
- https://bugzilla.redhat.com/show_bug.cgi?id=970873
- https://bugzilla.redhat.com/show_bug.cgi?id=970873
- https://github.com/torvalds/linux/commit/b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
- https://github.com/torvalds/linux/commit/b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
Modified: 2024-11-21
CVE-2013-4470
The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9
- SUSE-SU-2014:0459
- SUSE-SU-2014:0459
- RHSA-2013:1801
- RHSA-2013:1801
- RHSA-2014:0100
- RHSA-2014:0100
- RHSA-2014:0284
- RHSA-2014:0284
- [oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO
- [oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO
- 63359
- 63359
- USN-2040-1
- USN-2040-1
- USN-2042-1
- USN-2042-1
- USN-2043-1
- USN-2043-1
- USN-2044-1
- USN-2044-1
- USN-2046-1
- USN-2046-1
- USN-2049-1
- USN-2049-1
- USN-2050-1
- USN-2050-1
- USN-2066-1
- USN-2066-1
- USN-2067-1
- USN-2067-1
- USN-2069-1
- USN-2069-1
- USN-2073-1
- USN-2073-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1023477
- https://bugzilla.redhat.com/show_bug.cgi?id=1023477
- https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b
- https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b
- https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9
- https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9
- https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2
- https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2
Modified: 2024-11-21
CVE-2014-2523
net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
- 57446
- 57446
- http://twitter.com/grsecurity/statuses/445496197399461888
- http://twitter.com/grsecurity/statuses/445496197399461888
- [oss-security] 20140317 Re: CVE Request: netfilter: remote memory corruption in nf_conntrack_proto_dccp.c
- [oss-security] 20140317 Re: CVE Request: netfilter: remote memory corruption in nf_conntrack_proto_dccp.c
- 66279
- 66279
- 1029945
- 1029945
- USN-2173-1
- USN-2173-1
- USN-2174-1
- USN-2174-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1077343
- https://bugzilla.redhat.com/show_bug.cgi?id=1077343
- linux-kernel-cve20142523-code-exec(91910)
- linux-kernel-cve20142523-code-exec(91910)
- https://github.com/torvalds/linux/commit/b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
- https://github.com/torvalds/linux/commit/b22f5126a24b3b2f15448c3f2a254fc10cbc2b92