[SUSE-SU-2016:0384-1] Security update for kernel live patch 2
Security update for kernel live patch 2
This kernel live patch for Linux Kernel 3.12.36-38.1 fixes security issues and bugs:
Security issues fixed:
- CVE-2015-8539: A negatively instantiated user key could have been used
by a local user to leverage privileges (bnc#958601).
CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable
Datagram Sockets (RDS) implementation allowing a local user to cause
system DoS. A verification was missing that the underlying transport
exists when a connection was created. (bsc#953052)CVE-2015-7990: RDS: Verify the underlying transport exists before
creating a connection, preventing possible DoS (bsc#953052).CVE-2015-7872: Possible crash when trying to garbage collect an
uninstantiated keyring (bsc#951542).CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux
kernel did not properly handle rename actions inside a bind mount, which
allowed local users to bypass an intended container protection mechanism
by renaming a directory, related to a 'double-chroot attack (bnc#951625).
Non-security bugfix were also done:
- xfs: Fix lost direct IO write in the last block (bsc#954005).
- simple fix in kallsyms initialization (bsc#940342 bsc#916225)
- ID
- SUSE-SU-2016:0384-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2016/suse-su-20160384-1/
- Published
-
2016-02-08T13:46:19
(8 years ago) - Modified
-
2016-02-08T13:46:19
(8 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2015-603
-
ALAS-2015-610
-
DSA-3364-1
-
DSA-3396-1
-
ELSA-2015-2152
-
ELSA-2015-2636
-
ELSA-2015-3098
-
ELSA-2016-0185
-
ELSA-2016-3501
-
ELSA-2017-3567
-
ELSA-2018-0151
-
FEDORA-2015-115c302856
-
FEDORA-2015-16417
-
FEDORA-2015-16440
-
FEDORA-2015-16441
-
FEDORA-2015-43145298f4
-
FEDORA-2015-cd94ad8d7c
-
FEDORA-2015-d7e074ba30
-
FEDORA-2015-dcc260f2f2
-
FEDORA-2015-f2c534bc12
-
RHSA-2015:2152
-
RHSA-2015:2411
-
RHSA-2015:2636
-
RHSA-2016:0185
-
RHSA-2016:0212
-
RHSA-2018:0151
-
RHSA-2018:0152
-
SUSE-SU-2015:1727-1
-
SUSE-SU-2015:2108-1
-
SUSE-SU-2015:2194-1
-
SUSE-SU-2015:2292-1
-
SUSE-SU-2015:2339-1
-
SUSE-SU-2015:2350-1
-
SUSE-SU-2016:0168-1
-
SUSE-SU-2016:0335-1
-
SUSE-SU-2016:0336-1
-
SUSE-SU-2016:0337-1
-
SUSE-SU-2016:0339-1
-
SUSE-SU-2016:0354-1
-
SUSE-SU-2016:0380-1
-
SUSE-SU-2016:0381-1
-
SUSE-SU-2016:0383-1
-
SUSE-SU-2016:0386-1
-
SUSE-SU-2016:0387-1
-
SUSE-SU-2016:0434-1
-
SUSE-SU-2016:0585-1
-
SUSE-SU-2016:0911-1
-
SUSE-SU-2016:1102-1
-
SUSE-SU-2016:1203-1
-
SUSE-SU-2016:1937-1
-
SUSE-SU-2016:2074-1
-
USN-2773-1
-
USN-2774-1
-
USN-2775-1
-
USN-2776-1
-
USN-2777-1
-
USN-2778-1
-
USN-2779-1
-
USN-2792-1
-
USN-2794-1
-
USN-2795-1
-
USN-2796-1
-
USN-2797-1
-
USN-2798-1
-
USN-2799-1
-
USN-2823-1
-
USN-2824-1
-
USN-2826-1
-
USN-2829-1
-
USN-2829-2
-
USN-2840-1
-
USN-2840-2
-
USN-2843-1
-
USN-2843-2
-
USN-2843-3
-
USN-2886-1
-
USN-2886-2
-
USN-2887-1
-
USN-2887-2
-
USN-2888-1
-
USN-2889-1
-
USN-2889-2
-
USN-2890-1
-
USN-2890-2
-
USN-2890-3
-
USN-3798-1
-
USN-3798-2
-
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |