ALT-PU-2016-2322-1

Обновление пакета kernel-image-std-def в ветке sisyphus

Версия4.4.33-alt1

Задание#172542

Опубликовано2016-11-21

Макс. серьёзностьMEDIUM

Серьёзность:

Закрытые проблемы (3)

MEDIUM5.5

The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.

Опубликовано: 2016-11-16Изменено: 2025-04-12

CVSS 2.0ВЫСОКАЯ 7.1

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:N/A:N

CVSS 3.xСРЕДНЯЯ 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Ссылки

MEDIUM5.0

The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.

Опубликовано: 2016-11-16Изменено: 2025-04-12

CVSS 2.0СРЕДНЯЯ 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS 3.xСРЕДНЯЯ 5.0

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Ссылки

MEDIUM6.6

The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.

Опубликовано: 2017-03-27Изменено: 2025-04-20

CVSS 2.0СРЕДНЯЯ 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xСРЕДНЯЯ 6.6

CVSS:3.x/CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ссылки