ALT-PU-2015-1295-1
Package kernel-image-un-def updated to version 3.19.2-alt1 for branch p7 in task 142101.
Closed vulnerabilities
Published: 2015-03-12
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2015-2150
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
Severity: MEDIUM (4.9)
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
References:
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=af6fc858a35b90e89ea7a7ee58e66628c55c776b
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
- http://www.debian.org/security/2015/dsa-3237
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securityfocus.com/bid/73014
- http://www.securitytracker.com/id/1031806
- http://www.securitytracker.com/id/1031902
- http://www.ubuntu.com/usn/USN-2631-1
- http://www.ubuntu.com/usn/USN-2632-1
- http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm
- http://xenbits.xen.org/xsa/advisory-120.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1196266
- https://github.com/torvalds/linux/commit/af6fc858a35b90e89ea7a7ee58e66628c55c776b
- https://seclists.org/bugtraq/2019/Aug/18
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=af6fc858a35b90e89ea7a7ee58e66628c55c776b
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
- http://www.debian.org/security/2015/dsa-3237
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securityfocus.com/bid/73014
- http://www.securitytracker.com/id/1031806
- http://www.securitytracker.com/id/1031902
- http://www.ubuntu.com/usn/USN-2631-1
- http://www.ubuntu.com/usn/USN-2632-1
- http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm
- http://xenbits.xen.org/xsa/advisory-120.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1196266
- https://github.com/torvalds/linux/commit/af6fc858a35b90e89ea7a7ee58e66628c55c776b
- https://seclists.org/bugtraq/2019/Aug/18
Published: 2016-05-02
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2015-2672
The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cause a denial of service (panic) by triggering a fault, as demonstrated by an unaligned memory operand or a non-canonical address memory operand.
Severity: MEDIUM (4.9)
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Severity: MEDIUM (5.5)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=06c8173eb92bbfc03a0fe8bb64315857d0badd06
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.2
- http://www.openwall.com/lists/oss-security/2015/03/22/1
- https://bugzilla.redhat.com/show_bug.cgi?id=1204729
- https://github.com/torvalds/linux/commit/06c8173eb92bbfc03a0fe8bb64315857d0badd06
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=06c8173eb92bbfc03a0fe8bb64315857d0badd06
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.2
- http://www.openwall.com/lists/oss-security/2015/03/22/1
- https://bugzilla.redhat.com/show_bug.cgi?id=1204729
- https://github.com/torvalds/linux/commit/06c8173eb92bbfc03a0fe8bb64315857d0badd06
Published: 2015-05-27
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2015-2830
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16.
Severity: LOW (1.9)
Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N
References:
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=956421fbb74c3a6261903f3836c0740187cf038b
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
- http://rhn.redhat.com/errata/RHSA-2015-1137.html
- http://rhn.redhat.com/errata/RHSA-2015-1138.html
- http://rhn.redhat.com/errata/RHSA-2015-1221.html
- http://www.debian.org/security/2015/dsa-3237
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.2
- http://www.openwall.com/lists/oss-security/2015/04/02/1
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securitytracker.com/id/1032413
- http://www.ubuntu.com/usn/USN-2631-1
- http://www.ubuntu.com/usn/USN-2632-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1208598
- https://github.com/torvalds/linux/commit/956421fbb74c3a6261903f3836c0740187cf038b
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=956421fbb74c3a6261903f3836c0740187cf038b
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
- http://rhn.redhat.com/errata/RHSA-2015-1137.html
- http://rhn.redhat.com/errata/RHSA-2015-1138.html
- http://rhn.redhat.com/errata/RHSA-2015-1221.html
- http://www.debian.org/security/2015/dsa-3237
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.2
- http://www.openwall.com/lists/oss-security/2015/04/02/1
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securitytracker.com/id/1032413
- http://www.ubuntu.com/usn/USN-2631-1
- http://www.ubuntu.com/usn/USN-2632-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1208598
- https://github.com/torvalds/linux/commit/956421fbb74c3a6261903f3836c0740187cf038b