ALT-PU-2016-1856-1
Package kernel-image-std-def updated to version 3.14.76-alt0.M70P.1 for branch p7 in task 168612.
Closed vulnerabilities
Published: 2016-05-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-4565
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3
- openSUSE-SU-2016:1641
- openSUSE-SU-2016:1641
- SUSE-SU-2016:1672
- SUSE-SU-2016:1672
- SUSE-SU-2016:1690
- SUSE-SU-2016:1690
- SUSE-SU-2016:1937
- SUSE-SU-2016:1937
- SUSE-SU-2016:1961
- SUSE-SU-2016:1961
- SUSE-SU-2016:1985
- SUSE-SU-2016:1985
- SUSE-SU-2016:1994
- SUSE-SU-2016:1994
- SUSE-SU-2016:1995
- SUSE-SU-2016:1995
- SUSE-SU-2016:2000
- SUSE-SU-2016:2000
- SUSE-SU-2016:2001
- SUSE-SU-2016:2001
- SUSE-SU-2016:2002
- SUSE-SU-2016:2002
- SUSE-SU-2016:2003
- SUSE-SU-2016:2003
- SUSE-SU-2016:2005
- SUSE-SU-2016:2005
- SUSE-SU-2016:2006
- SUSE-SU-2016:2006
- SUSE-SU-2016:2007
- SUSE-SU-2016:2007
- SUSE-SU-2016:2009
- SUSE-SU-2016:2009
- SUSE-SU-2016:2010
- SUSE-SU-2016:2010
- SUSE-SU-2016:2011
- SUSE-SU-2016:2011
- SUSE-SU-2016:2014
- SUSE-SU-2016:2014
- SUSE-SU-2016:2105
- SUSE-SU-2016:2105
- openSUSE-SU-2016:2184
- openSUSE-SU-2016:2184
- RHSA-2016:1489
- RHSA-2016:1489
- RHSA-2016:1581
- RHSA-2016:1581
- RHSA-2016:1617
- RHSA-2016:1617
- RHSA-2016:1640
- RHSA-2016:1640
- RHSA-2016:1657
- RHSA-2016:1657
- RHSA-2016:1814
- RHSA-2016:1814
- DSA-3607
- DSA-3607
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3
- [oss-security] 20160507 CVE Request: Linux: IB/security: Restrict use of the write() interface'
- [oss-security] 20160507 CVE Request: Linux: IB/security: Restrict use of the write() interface'
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 90301
- 90301
- USN-3001-1
- USN-3001-1
- USN-3002-1
- USN-3002-1
- USN-3003-1
- USN-3003-1
- USN-3004-1
- USN-3004-1
- USN-3005-1
- USN-3005-1
- USN-3006-1
- USN-3006-1
- USN-3007-1
- USN-3007-1
- USN-3018-1
- USN-3018-1
- USN-3018-2
- USN-3018-2
- USN-3019-1
- USN-3019-1
- USN-3021-1
- USN-3021-1
- USN-3021-2
- USN-3021-2
- RHSA-2016:1277
- RHSA-2016:1277
- RHSA-2016:1301
- RHSA-2016:1301
- RHSA-2016:1341
- RHSA-2016:1341
- RHSA-2016:1406
- RHSA-2016:1406
- https://bugzilla.redhat.com/show_bug.cgi?id=1310570
- https://bugzilla.redhat.com/show_bug.cgi?id=1310570
- https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3
- https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3
Published: 2016-11-16
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-7910
Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77da160530dd1dc94f6ae15a981f24e5f0021e84
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77da160530dd1dc94f6ae15a981f24e5f0021e84
- http://source.android.com/security/bulletin/2016-11-01.html
- http://source.android.com/security/bulletin/2016-11-01.html
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.1
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.1
- 94135
- 94135
- RHSA-2017:0892
- RHSA-2017:0892
- RHSA-2017:1297
- RHSA-2017:1297
- RHSA-2017:1298
- RHSA-2017:1298
- RHSA-2017:1308
- RHSA-2017:1308
- https://github.com/torvalds/linux/commit/77da160530dd1dc94f6ae15a981f24e5f0021e84
- https://github.com/torvalds/linux/commit/77da160530dd1dc94f6ae15a981f24e5f0021e84