SUSE Linux 11-SP2: SUSE-SU-2015:1478-1 Important Kernel Security Update

suse

September 2, 2015

An update that solves 18 vulnerabilities and has 25 fixes An update that solves 18 vulnerabilities and has 25 fixes An update that solves 18 vulnerabilities and has 25 fixes is now...

Summary

The SUSE Linux Enterprise Server 11 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-5707: An integer overflow in the SCSI generic driver could be potentially used by local attackers to crash the kernel or execute code. - CVE-2015-2830: arch/x86/kernel/entry_64.S in the Linux kernel did not prevent the TS_COMPAT flag from reaching a user-mode task, which might have allowed local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16 (bnc#926240). - CVE-2015-0777: drivers/xen/usbback/usbback.c in the Linux kernel allowed guest OS users to obtain sensitive information from uninitialized

Topics Covered

security advisory denial of service kernel fix integer overflow local attack SUSE Linux important update

References

#798406 #821931 #860593 #879878 #891087 #897995

#898693 #900881 #904671 #908870 #909477 #912916

#914742 #915200 #915517 #915577 #916010 #917093

#917830 #918333 #919007 #919018 #919463 #921769

#922583 #923245 #926240 #927257 #928801 #929148

#929283 #929360 #929525 #930284 #930934 #931474

#933429 #935705 #936831 #937032 #937986 #940338

#940398

Cross- CVE-2014-8086 CVE-2014-8159 CVE-2014-9683

CVE-2015-0777 CVE-2015-1420 CVE-2015-1421

CVE-2015-1805 CVE-2015-2041 CVE-2015-2042

CVE-2015-2150 CVE-2015-2830 CVE-2015-2922

CVE-2015-3331 CVE-2015-3636 CVE-2015-4700

CVE-2015-5364 CVE-2015-5366 CVE-2015-5707

Affected Products:

SUSE Linux Enterprise Server 11-SP2-LTSS

SUSE Linux Enterprise Debuginfo ...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2015:1478-1

Rating: important

Topics Covered

security advisory denial of service kernel fix integer overflow local attack SUSE Linux important update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux 11-SP2: SUSE-SU-2015:1478-1 Important Kernel Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux 11-SP2: SUSE-SU-2015:1478-1 Important Kernel Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!