ALT-PU-2015-1576-1
Package kernel-image-std-def updated to version 3.14.45-alt1 for branch t7 in task 145840.
Closed vulnerabilities
Published: 2015-06-08
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-4002
drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.
Severity: CRITICAL (9.0)
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e
- openSUSE-SU-2015:1382
- openSUSE-SU-2015:1382
- [oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities
- [oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities
- 74668
- 74668
- USN-2665-1
- USN-2665-1
- USN-2667-1
- USN-2667-1
- https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8
- https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8
- https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e
- https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e
Published: 2015-06-08
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-4003
The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via a crafted packet.
Severity: HIGH (7.8)
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04bf464a5dfd9ade0dda918e44366c2c61fce80b
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04bf464a5dfd9ade0dda918e44366c2c61fce80b
- openSUSE-SU-2015:1382
- openSUSE-SU-2015:1382
- [oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities
- [oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities
- 74668
- 74668
- USN-2665-1
- USN-2665-1
- USN-2667-1
- USN-2667-1
- https://github.com/torvalds/linux/commit/04bf464a5dfd9ade0dda918e44366c2c61fce80b
- https://github.com/torvalds/linux/commit/04bf464a5dfd9ade0dda918e44366c2c61fce80b
Published: 2015-08-31
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-5364
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.
Severity: HIGH (7.8)
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- SUSE-SU-2015:1224
- SUSE-SU-2015:1224
- SUSE-SU-2015:1324
- SUSE-SU-2015:1324
- openSUSE-SU-2015:1382
- openSUSE-SU-2015:1382
- SUSE-SU-2015:1478
- SUSE-SU-2015:1478
- SUSE-SU-2015:1487
- SUSE-SU-2015:1487
- SUSE-SU-2015:1488
- SUSE-SU-2015:1488
- SUSE-SU-2015:1489
- SUSE-SU-2015:1489
- SUSE-SU-2015:1490
- SUSE-SU-2015:1490
- SUSE-SU-2015:1491
- SUSE-SU-2015:1491
- SUSE-SU-2015:1592
- SUSE-SU-2015:1592
- SUSE-SU-2015:1611
- SUSE-SU-2015:1611
- RHSA-2015:1623
- RHSA-2015:1623
- RHSA-2015:1778
- RHSA-2015:1778
- RHSA-2015:1787
- RHSA-2015:1787
- RHSA-2016:0045
- RHSA-2016:0045
- RHSA-2016:1096
- RHSA-2016:1096
- RHSA-2016:1100
- RHSA-2016:1100
- DSA-3313
- DSA-3313
- DSA-3329
- DSA-3329
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.6
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.6
- [oss-security] 20150630 CVE Request: UDP checksum DoS
- [oss-security] 20150630 CVE Request: UDP checksum DoS
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- 75510
- 75510
- 1032794
- 1032794
- USN-2680-1
- USN-2680-1
- USN-2681-1
- USN-2681-1
- USN-2682-1
- USN-2682-1
- USN-2683-1
- USN-2683-1
- USN-2684-1
- USN-2684-1
- USN-2713-1
- USN-2713-1
- USN-2714-1
- USN-2714-1
- RHSA-2016:1225
- RHSA-2016:1225
- https://bugzilla.redhat.com/show_bug.cgi?id=1239029
- https://bugzilla.redhat.com/show_bug.cgi?id=1239029
- https://github.com/torvalds/linux/commit/beb39db59d14990e401e235faf66a6b9b31240b0
- https://github.com/torvalds/linux/commit/beb39db59d14990e401e235faf66a6b9b31240b0
- https://twitter.com/grsecurity/status/605854034260426753
- https://twitter.com/grsecurity/status/605854034260426753