ALT-PU-2016-1078-1
Package kernel-image-un-def updated to version 4.1.17-alt0.M70P.1 for branch p7 in task 157481.
Closed vulnerabilities
BDU:2016-00187
Уязвимость ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код на целевой системе
BDU:2021-01293
Уязвимость ядра операционных систем Linux, связанная с ошибками разыменования указателей, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2015-8543
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9
- SUSE-SU-2016:0911
- SUSE-SU-2016:0911
- SUSE-SU-2016:1102
- SUSE-SU-2016:1102
- SUSE-SU-2016:2074
- SUSE-SU-2016:2074
- RHSA-2016:0855
- RHSA-2016:0855
- RHSA-2016:2574
- RHSA-2016:2574
- RHSA-2016:2584
- RHSA-2016:2584
- DSA-3426
- DSA-3426
- DSA-3434
- DSA-3434
- [oss-security] 20151209 Re: CVE request - Android kernel - IPv6 connect cause a denial of service
- [oss-security] 20151209 Re: CVE request - Android kernel - IPv6 connect cause a denial of service
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- 79698
- 79698
- 1034892
- 1034892
- USN-2886-1
- USN-2886-1
- USN-2888-1
- USN-2888-1
- USN-2890-1
- USN-2890-1
- USN-2890-2
- USN-2890-2
- USN-2890-3
- USN-2890-3
- https://bugzilla.redhat.com/show_bug.cgi?id=1290475
- https://bugzilla.redhat.com/show_bug.cgi?id=1290475
- https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9
- https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9
Modified: 2024-11-21
CVE-2016-0728
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23567fd052a9abb6d67fe8e7a9ccdd9800a540f2
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23567fd052a9abb6d67fe8e7a9ccdd9800a540f2
- FEDORA-2016-5d43766e33
- FEDORA-2016-5d43766e33
- FEDORA-2016-b59fd603be
- FEDORA-2016-b59fd603be
- SUSE-SU-2016:0205
- SUSE-SU-2016:0205
- SUSE-SU-2016:0341
- SUSE-SU-2016:0341
- SUSE-SU-2016:0745
- SUSE-SU-2016:0745
- SUSE-SU-2016:0746
- SUSE-SU-2016:0746
- SUSE-SU-2016:0747
- SUSE-SU-2016:0747
- SUSE-SU-2016:0750
- SUSE-SU-2016:0750
- SUSE-SU-2016:0751
- SUSE-SU-2016:0751
- SUSE-SU-2016:0752
- SUSE-SU-2016:0752
- SUSE-SU-2016:0753
- SUSE-SU-2016:0753
- SUSE-SU-2016:0755
- SUSE-SU-2016:0755
- SUSE-SU-2016:0756
- SUSE-SU-2016:0756
- SUSE-SU-2016:0757
- SUSE-SU-2016:0757
- http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
- http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
- RHSA-2016:0064
- RHSA-2016:0064
- RHSA-2016:0065
- RHSA-2016:0065
- RHSA-2016:0068
- RHSA-2016:0068
- http://source.android.com/security/bulletin/2016-03-01.html
- http://source.android.com/security/bulletin/2016-03-01.html
- DSA-3448
- DSA-3448
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1
- [oss-security] 20160119 Linux kernel: use after free in keyring facility.
- [oss-security] 20160119 Linux kernel: use after free in keyring facility.
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- 81054
- 81054
- 1034701
- 1034701
- USN-2870-1
- USN-2870-1
- USN-2870-2
- USN-2870-2
- USN-2871-1
- USN-2871-1
- USN-2871-2
- USN-2871-2
- USN-2872-1
- USN-2872-1
- USN-2872-2
- USN-2872-2
- USN-2872-3
- USN-2872-3
- USN-2873-1
- USN-2873-1
- https://bto.bluecoat.com/security-advisory/sa112
- https://bto.bluecoat.com/security-advisory/sa112
- https://bugzilla.redhat.com/show_bug.cgi?id=1297475
- https://bugzilla.redhat.com/show_bug.cgi?id=1297475
- https://github.com/torvalds/linux/commit/23567fd052a9abb6d67fe8e7a9ccdd9800a540f2
- https://github.com/torvalds/linux/commit/23567fd052a9abb6d67fe8e7a9ccdd9800a540f2
- HPSBHF03436
- HPSBHF03436
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
- https://security.netapp.com/advisory/ntap-20160211-0001/
- https://security.netapp.com/advisory/ntap-20160211-0001/
- 39277
- 39277