Package kernel-image-un-def updated to version 3.18.2-alt1 for branch c7 in task 138372.

Published: 2014-12-15

BDU:2015-06999

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07000

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07001

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07002

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07003

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07004

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07005

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07006

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07007

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07008

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07009

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07010

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07011

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07012

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07013

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07014

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07015

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07016

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07017

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07278

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07279

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07280

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07281

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07282

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07283

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07284

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07285

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07286

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07287

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07288

Severity: HIGH (7.2)

References:

Published: 2014-12-15

BDU:2015-07289

Severity: HIGH (7.2)

References:

Published: 2014-12-18

BDU:2015-09300

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09301

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09302

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09303

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09304

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09305

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09306

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09307

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09308

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09309

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09310

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09311

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09312

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09313

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09314

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09315

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09316

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09317

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09318

Severity: HIGH (7.8)

References:

Published: 2014-12-18

BDU:2015-09319

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09320

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09321

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09322

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09323

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09324

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09325

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09326

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09327

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09328

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09329

Severity: CRITICAL (10.0)

References:

Published: 2014-12-18

BDU:2015-09330

Severity: CRITICAL (10.0)

References:

Published: 2015-03-24

BDU:2015-09846

Уязвимости операционной системы Ubuntu, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (10.0)

References:

Published: 2017-03-08

BDU:2017-00542

Уязвимость операционных систем Android и Android, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.6)

References:

CVE-2017-0523

Published: 2017-04-04

BDU:2017-01546

Уязвимость операционной системы Android, позволяющая нарушителю повысить свои привилегии

Severity: CRITICAL (9.3)

References:

Published: 2014-09-16

BDU:2017-01573

Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2014-12-24
Modified: 2024-11-21

CVE-2014-4322

drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application.

Severity: HIGH (7.2)

References:

Published: 2014-12-17
Modified: 2024-11-21

CVE-2014-8133

arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value.

Severity: LOW (2.1)

References:

Published: 2014-12-12
Modified: 2024-11-21

CVE-2014-8134

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.

Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

References:

Published: 2015-03-02
Modified: 2024-11-21

CVE-2014-8160

net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.

Severity: MEDIUM (5.0)

References:

Published: 2014-11-10
Modified: 2024-11-21

CVE-2014-8480

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application.

Severity: MEDIUM (4.9)

References:

Published: 2014-11-10
Modified: 2024-11-21

CVE-2014-8481

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480.

Severity: MEDIUM (4.9)

References:

Published: 2014-12-17
Modified: 2024-11-21

CVE-2014-9322

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2014-12-26
Modified: 2024-11-21

CVE-2014-9419

The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.

Severity: LOW (2.1)

References:

Published: 2014-12-26
Modified: 2024-11-21

CVE-2014-9420

The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image.

Severity: MEDIUM (4.9)

References:

Published: 2015-01-10
Modified: 2024-11-21

CVE-2014-9584

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.

Severity: LOW (2.1)

References:

Published: 2015-03-03
Modified: 2024-11-21

CVE-2014-9683

Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.

Severity: LOW (3.6)

References:

Published: 2015-08-31
Modified: 2024-11-21

CVE-2014-9728

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.

Severity: MEDIUM (4.9)

References:

Published: 2015-08-31
Modified: 2024-11-21

CVE-2014-9729

The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.

Severity: MEDIUM (4.9)

References:

Published: 2015-08-31
Modified: 2024-11-21

CVE-2014-9730

The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.

Severity: MEDIUM (4.9)

References:

Published: 2015-08-31
Modified: 2024-11-21

CVE-2014-9731

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.

Severity: LOW (2.1)

References:

Published: 2017-04-04
Modified: 2024-11-21

CVE-2014-9922

The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Published: 2015-05-27
Modified: 2024-11-21

CVE-2015-3332

A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.

Severity: MEDIUM (4.9)

References:

Published: 2015-08-31
Modified: 2024-11-21

CVE-2015-4036

Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function was renamed to vhost_scsi_make_tpg before the vulnerability was announced.

Severity: HIGH (7.2)

References:

Published: 2017-03-08
Modified: 2024-11-21

CVE-2017-0523

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32835279. References: QC-CR#1096945.

Severity: HIGH (7.0) Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Published: 2017-03-31
Modified: 2024-11-21

CVE-2017-2647

The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Version: 2.1.0

ALT-PU-2015-1032-1

Closed vulnerabilities