ALT-PU-2018-2029-1
Package kernel-image-std-def updated to version 4.14.56-alt1 for branch sisyphus in task 210366.
Closed vulnerabilities
Published: 2018-07-06
BDU:2019-00979
Уязвимость файла drivers/usb/misc/yurex.c ядра операционной системы Linux, позволяющая нарушителю вызвать сбой в работе ядра операционной системы или повысить привилегии
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2018-08-31
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-16276
An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f1e255d60ae66a9f672ff9a207ee6cd8e33d2679
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f1e255d60ae66a9f672ff9a207ee6cd8e33d2679
- https://bugzilla.suse.com/show_bug.cgi?id=1106095
- https://bugzilla.suse.com/show_bug.cgi?id=1106095
- https://bugzilla.suse.com/show_bug.cgi?id=1115593
- https://bugzilla.suse.com/show_bug.cgi?id=1115593
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.7
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.7
- https://github.com/torvalds/linux/commit/f1e255d60ae66a9f672ff9a207ee6cd8e33d2679
- https://github.com/torvalds/linux/commit/f1e255d60ae66a9f672ff9a207ee6cd8e33d2679
- [debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update
- [debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update
- USN-3776-1
- USN-3776-1
- USN-3776-2
- USN-3776-2
- USN-3847-1
- USN-3847-1
- USN-3847-2
- USN-3847-2
- USN-3847-3
- USN-3847-3
- USN-3849-1
- USN-3849-1
- USN-3849-2
- USN-3849-2
- DSA-4308
- DSA-4308