ALT-PU-2016-1540-1
Package kernel-image-std-def updated to version 3.14.70-alt0.M70P.1 for branch p7 in task 164992.
Closed vulnerabilities
Published: 2016-05-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-4913
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6
- SUSE-SU-2016:1672
- SUSE-SU-2016:1672
- SUSE-SU-2016:1985
- SUSE-SU-2016:1985
- DSA-3607
- DSA-3607
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5
- [oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c
- [oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c
- [oss-security] 20160518 Re: CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c
- [oss-security] 20160518 Re: CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- 90730
- 90730
- USN-3016-1
- USN-3016-1
- USN-3016-2
- USN-3016-2
- USN-3016-3
- USN-3016-3
- USN-3016-4
- USN-3016-4
- USN-3017-1
- USN-3017-1
- USN-3017-2
- USN-3017-2
- USN-3017-3
- USN-3017-3
- USN-3018-1
- USN-3018-1
- USN-3018-2
- USN-3018-2
- USN-3019-1
- USN-3019-1
- USN-3020-1
- USN-3020-1
- USN-3021-1
- USN-3021-1
- USN-3021-2
- USN-3021-2
- RHSA-2018:3083
- RHSA-2018:3083
- RHSA-2018:3096
- RHSA-2018:3096
- https://bugzilla.redhat.com/show_bug.cgi?id=1337528
- https://bugzilla.redhat.com/show_bug.cgi?id=1337528
- https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6
- https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6