SUSE-SU-2015:1224-1
Vulnerability from csaf_suse - Published: 2015-07-31 10:31 - Updated: 2015-07-31 10:31Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix the following bugs and security issues.
The following security issues have been fixed:
- Update patches.fixes/udp-fix-behavior-of-wrong-checksums.patch (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- Btrfs: make xattr replace operations atomic (bnc#923908, CVE-2014-9710).
- udp: fix behavior of wrong checksums (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- vfs: read file_handle only once in handle_to_path (bsc#915517, CVE-2015-1420).
- x86: bpf_jit: fix compilation of large bpf programs (bnc#935705,CVE-2015-4700).
- udf: Check length of extended attributes and allocation (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- Update patches.fixes/udf-Check-component-length-before-reading-it.patch (bsc#933904, CVE-2014-9728, CVE-2014-9730).
- Update patches.fixes/udf-Verify-i_size-when-loading-inode.patch (bsc#933904, CVE-2014-9728, CVE-2014-9729).
- Update patches.fixes/udf-Verify-symlink-size-before-loading-it.patch (bsc#933904, CVE-2014-9728).
- Update patches.fixes/udf-Check-path-length-when-reading-symlink.patch (bnc#933896, CVE-2014-9731).
- pipe: fix iov overrun for failed atomic copy (bsc#933429, CVE-2015-1805).
- ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922).
- net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).
- ipv4: Missing sk_nulls_node_init() in ping_unhash() (bsc#929525, CVE-2015-3636).
- ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922).
- net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).
- ipv4: Missing sk_nulls_node_init() in ping_unhash() (bsc#929525, CVE-2015-3636).
The following non-security issues have been fixed:
- mlx4: Check for assigned VFs before disabling SR-IOV (bsc#927355).
- ixgbe: Use pci_vfs_assigned instead of ixgbe_vfs_are_assigned (bsc#927355).
- pci: Add SRIOV helper function to determine if VFs are assigned to guest (bsc#927355).
- net/mlx4_core: Don't disable SRIOV if there are active VFs (bsc#927355).
- udf: Remove repeated loads blocksize (bsc#933907).
- Refresh patches.fixes/deal-with-deadlock-in-d_walk-fix.patch. based on 3.2 stable fix 20defcec264c ('dcache: Fix locking bugs in backported 'deal with deadlock in d_walk()''). Not harmfull for regular SLES kernels but RT or PREEMPT kernels would see disbalance.
- sched: Fix potential near-infinite distribute_cfs_runtime() loop (bnc#930786)
- tty: Correct tty buffer flush (bnc#929647).
- tty: hold lock across tty buffer finding and buffer filling (bnc#929647).
Patchnames: slessp3-kernel-201507-2
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix the following bugs and security issues.\n\nThe following security issues have been fixed:\n\n- Update patches.fixes/udp-fix-behavior-of-wrong-checksums.patch (bsc#936831, CVE-2015-5364, CVE-2015-5366).\n- Btrfs: make xattr replace operations atomic (bnc#923908, CVE-2014-9710).\n- udp: fix behavior of wrong checksums (bsc#936831, CVE-2015-5364, CVE-2015-5366).\n- vfs: read file_handle only once in handle_to_path (bsc#915517, CVE-2015-1420).\n- x86: bpf_jit: fix compilation of large bpf programs (bnc#935705,CVE-2015-4700).\n- udf: Check length of extended attributes and allocation (bsc#936831, CVE-2015-5364, CVE-2015-5366).\n- Update patches.fixes/udf-Check-component-length-before-reading-it.patch (bsc#933904, CVE-2014-9728, CVE-2014-9730).\n- Update patches.fixes/udf-Verify-i_size-when-loading-inode.patch (bsc#933904, CVE-2014-9728, CVE-2014-9729).\n- Update patches.fixes/udf-Verify-symlink-size-before-loading-it.patch (bsc#933904, CVE-2014-9728).\n- Update patches.fixes/udf-Check-path-length-when-reading-symlink.patch (bnc#933896, CVE-2014-9731).\n- pipe: fix iov overrun for failed atomic copy (bsc#933429, CVE-2015-1805).\n- ipv6: Don\u0027t reduce hop limit for an interface (bsc#922583, CVE-2015-2922).\n- net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).\n- ipv4: Missing sk_nulls_node_init() in ping_unhash() (bsc#929525, CVE-2015-3636).\n- ipv6: Don\u0027t reduce hop limit for an interface (bsc#922583, CVE-2015-2922).\n- net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).\n- ipv4: Missing sk_nulls_node_init() in ping_unhash() (bsc#929525, CVE-2015-3636).\n\nThe following non-security issues have been fixed:\n\n- mlx4: Check for assigned VFs before disabling SR-IOV (bsc#927355).\n- ixgbe: Use pci_vfs_assigned instead of ixgbe_vfs_are_assigned (bsc#927355).\n- pci: Add SRIOV helper function to determine if VFs are assigned to guest (bsc#927355).\n- net/mlx4_core: Don\u0027t disable SRIOV if there are active VFs (bsc#927355).\n- udf: Remove repeated loads blocksize (bsc#933907).\n- Refresh patches.fixes/deal-with-deadlock-in-d_walk-fix.patch. based on 3.2 stable fix 20defcec264c (\u0027dcache: Fix locking bugs in backported \u0027deal with deadlock in d_walk()\u0027\u0027). Not harmfull for regular SLES kernels but RT or PREEMPT kernels would see disbalance.\n- sched: Fix potential near-infinite distribute_cfs_runtime() loop (bnc#930786)\n- tty: Correct tty buffer flush (bnc#929647).\n- tty: hold lock across tty buffer finding and buffer filling (bnc#929647).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp3-kernel-201507-2",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1224-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1224-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151224-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1224-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-July/001490.html"
},
{
"category": "self",
"summary": "SUSE Bug 915517",
"url": "https://bugzilla.suse.com/915517"
},
{
"category": "self",
"summary": "SUSE Bug 919007",
"url": "https://bugzilla.suse.com/919007"
},
{
"category": "self",
"summary": "SUSE Bug 922583",
"url": "https://bugzilla.suse.com/922583"
},
{
"category": "self",
"summary": "SUSE Bug 923908",
"url": "https://bugzilla.suse.com/923908"
},
{
"category": "self",
"summary": "SUSE Bug 927355",
"url": "https://bugzilla.suse.com/927355"
},
{
"category": "self",
"summary": "SUSE Bug 929525",
"url": "https://bugzilla.suse.com/929525"
},
{
"category": "self",
"summary": "SUSE Bug 929647",
"url": "https://bugzilla.suse.com/929647"
},
{
"category": "self",
"summary": "SUSE Bug 930786",
"url": "https://bugzilla.suse.com/930786"
},
{
"category": "self",
"summary": "SUSE Bug 933429",
"url": "https://bugzilla.suse.com/933429"
},
{
"category": "self",
"summary": "SUSE Bug 933896",
"url": "https://bugzilla.suse.com/933896"
},
{
"category": "self",
"summary": "SUSE Bug 933904",
"url": "https://bugzilla.suse.com/933904"
},
{
"category": "self",
"summary": "SUSE Bug 933907",
"url": "https://bugzilla.suse.com/933907"
},
{
"category": "self",
"summary": "SUSE Bug 935705",
"url": "https://bugzilla.suse.com/935705"
},
{
"category": "self",
"summary": "SUSE Bug 936831",
"url": "https://bugzilla.suse.com/936831"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9710 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9728 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9729 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9730 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9731 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1420 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1805 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2041 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2922 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3636 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4700 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5364 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5366 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5366/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2015-07-31T10:31:13Z",
"generator": {
"date": "2015-07-31T10:31:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1224-1",
"initial_release_date": "2015-07-31T10:31:13Z",
"revision_history": [
{
"date": "2015-07-31T10:31:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-default-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-default-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-default-base-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-default-devel-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-source-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-source-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-syms-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-trace-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-trace-base-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-xen-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-xen-base-3.0.101-0.63.TDC.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64",
"product_id": "kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9710"
}
],
"notes": [
{
"category": "general",
"text": "The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9710",
"url": "https://www.suse.com/security/cve/CVE-2014-9710"
},
{
"category": "external",
"summary": "SUSE Bug 923908 for CVE-2014-9710",
"url": "https://bugzilla.suse.com/923908"
},
{
"category": "external",
"summary": "SUSE Bug 939260 for CVE-2014-9710",
"url": "https://bugzilla.suse.com/939260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "moderate"
}
],
"title": "CVE-2014-9710"
},
{
"cve": "CVE-2014-9728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9728"
}
],
"notes": [
{
"category": "general",
"text": "The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9728",
"url": "https://www.suse.com/security/cve/CVE-2014-9728"
},
{
"category": "external",
"summary": "SUSE Bug 911325 for CVE-2014-9728",
"url": "https://bugzilla.suse.com/911325"
},
{
"category": "external",
"summary": "SUSE Bug 933904 for CVE-2014-9728",
"url": "https://bugzilla.suse.com/933904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "low"
}
],
"title": "CVE-2014-9728"
},
{
"cve": "CVE-2014-9729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9729"
}
],
"notes": [
{
"category": "general",
"text": "The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9729",
"url": "https://www.suse.com/security/cve/CVE-2014-9729"
},
{
"category": "external",
"summary": "SUSE Bug 911325 for CVE-2014-9729",
"url": "https://bugzilla.suse.com/911325"
},
{
"category": "external",
"summary": "SUSE Bug 933904 for CVE-2014-9729",
"url": "https://bugzilla.suse.com/933904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "low"
}
],
"title": "CVE-2014-9729"
},
{
"cve": "CVE-2014-9730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9730"
}
],
"notes": [
{
"category": "general",
"text": "The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9730",
"url": "https://www.suse.com/security/cve/CVE-2014-9730"
},
{
"category": "external",
"summary": "SUSE Bug 911325 for CVE-2014-9730",
"url": "https://bugzilla.suse.com/911325"
},
{
"category": "external",
"summary": "SUSE Bug 933904 for CVE-2014-9730",
"url": "https://bugzilla.suse.com/933904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "low"
}
],
"title": "CVE-2014-9730"
},
{
"cve": "CVE-2014-9731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9731"
}
],
"notes": [
{
"category": "general",
"text": "The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target\u0027s name along with a trailing \\0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9731",
"url": "https://www.suse.com/security/cve/CVE-2014-9731"
},
{
"category": "external",
"summary": "SUSE Bug 911325 for CVE-2014-9731",
"url": "https://bugzilla.suse.com/911325"
},
{
"category": "external",
"summary": "SUSE Bug 933896 for CVE-2014-9731",
"url": "https://bugzilla.suse.com/933896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "moderate"
}
],
"title": "CVE-2014-9731"
},
{
"cve": "CVE-2015-1420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1420"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1420",
"url": "https://www.suse.com/security/cve/CVE-2015-1420"
},
{
"category": "external",
"summary": "SUSE Bug 915517 for CVE-2015-1420",
"url": "https://bugzilla.suse.com/915517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "moderate"
}
],
"title": "CVE-2015-1420"
},
{
"cve": "CVE-2015-1805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1805"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1805",
"url": "https://www.suse.com/security/cve/CVE-2015-1805"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 933429 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/933429"
},
{
"category": "external",
"summary": "SUSE Bug 939270 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/939270"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "important"
}
],
"title": "CVE-2015-1805"
},
{
"cve": "CVE-2015-2041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2041"
}
],
"notes": [
{
"category": "general",
"text": "net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2041",
"url": "https://www.suse.com/security/cve/CVE-2015-2041"
},
{
"category": "external",
"summary": "SUSE Bug 903967 for CVE-2015-2041",
"url": "https://bugzilla.suse.com/903967"
},
{
"category": "external",
"summary": "SUSE Bug 919007 for CVE-2015-2041",
"url": "https://bugzilla.suse.com/919007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "moderate"
}
],
"title": "CVE-2015-2041"
},
{
"cve": "CVE-2015-2922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2922"
}
],
"notes": [
{
"category": "general",
"text": "The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2922",
"url": "https://www.suse.com/security/cve/CVE-2015-2922"
},
{
"category": "external",
"summary": "SUSE Bug 903967 for CVE-2015-2922",
"url": "https://bugzilla.suse.com/903967"
},
{
"category": "external",
"summary": "SUSE Bug 922583 for CVE-2015-2922",
"url": "https://bugzilla.suse.com/922583"
},
{
"category": "external",
"summary": "SUSE Bug 926223 for CVE-2015-2922",
"url": "https://bugzilla.suse.com/926223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "moderate"
}
],
"title": "CVE-2015-2922"
},
{
"cve": "CVE-2015-3636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3636"
}
],
"notes": [
{
"category": "general",
"text": "The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3636",
"url": "https://www.suse.com/security/cve/CVE-2015-3636"
},
{
"category": "external",
"summary": "SUSE Bug 929525 for CVE-2015-3636",
"url": "https://bugzilla.suse.com/929525"
},
{
"category": "external",
"summary": "SUSE Bug 939277 for CVE-2015-3636",
"url": "https://bugzilla.suse.com/939277"
},
{
"category": "external",
"summary": "SUSE Bug 994624 for CVE-2015-3636",
"url": "https://bugzilla.suse.com/994624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "moderate"
}
],
"title": "CVE-2015-3636"
},
{
"cve": "CVE-2015-4700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4700"
}
],
"notes": [
{
"category": "general",
"text": "The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4700",
"url": "https://www.suse.com/security/cve/CVE-2015-4700"
},
{
"category": "external",
"summary": "SUSE Bug 935705 for CVE-2015-4700",
"url": "https://bugzilla.suse.com/935705"
},
{
"category": "external",
"summary": "SUSE Bug 939273 for CVE-2015-4700",
"url": "https://bugzilla.suse.com/939273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "moderate"
}
],
"title": "CVE-2015-4700"
},
{
"cve": "CVE-2015-5364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5364"
}
],
"notes": [
{
"category": "general",
"text": "The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5364",
"url": "https://www.suse.com/security/cve/CVE-2015-5364"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 781018 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/781018"
},
{
"category": "external",
"summary": "SUSE Bug 936831 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/936831"
},
{
"category": "external",
"summary": "SUSE Bug 939276 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/939276"
},
{
"category": "external",
"summary": "SUSE Bug 945112 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/945112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "moderate"
}
],
"title": "CVE-2015-5364"
},
{
"cve": "CVE-2015-5366",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5366"
}
],
"notes": [
{
"category": "general",
"text": "The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5366",
"url": "https://www.suse.com/security/cve/CVE-2015-5366"
},
{
"category": "external",
"summary": "SUSE Bug 781018 for CVE-2015-5366",
"url": "https://bugzilla.suse.com/781018"
},
{
"category": "external",
"summary": "SUSE Bug 936831 for CVE-2015-5366",
"url": "https://bugzilla.suse.com/936831"
},
{
"category": "external",
"summary": "SUSE Bug 939276 for CVE-2015-5366",
"url": "https://bugzilla.suse.com/939276"
},
{
"category": "external",
"summary": "SUSE Bug 945112 for CVE-2015-5366",
"url": "https://bugzilla.suse.com/945112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-default-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-source-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-syms-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-trace-devel-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-base-3.0.101-0.63.TDC.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kernel-xen-devel-3.0.101-0.63.TDC.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-31T10:31:13Z",
"details": "moderate"
}
],
"title": "CVE-2015-5366"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…