Все бюллетени/p7/ALT-PU-2015-1570-1
ALT-PU-2015-1570-1

Обновление пакета kernel-image-std-def в ветке p7

Версия3.14.45-alt1
Задание#145721
Опубликовано2015-06-25
Макс. серьёзностьCRITICAL
Серьёзность:

Закрытые проблемы (3)

CVE-2015-4002
CRITICAL9.0

drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.

Опубликовано: 2015-06-07Изменено: 2025-04-12
CVSS 2.0КРИТИЧЕСКАЯ 9.0
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:C
Ссылки
CVE-2015-4003
HIGH7.8

The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via a crafted packet.

Опубликовано: 2015-06-07Изменено: 2025-04-12
CVSS 2.0ВЫСОКАЯ 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
Ссылки
CVE-2015-5364
HIGH7.8

The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.

Опубликовано: 2015-08-31Изменено: 2025-04-12
CVSS 2.0ВЫСОКАЯ 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
Ссылки