Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-8633 (GCVE-0-2016-8633)
Vulnerability from cvelistv5 – Published: 2016-11-28 03:01 – Updated: 2024-08-06 02:27
VLAI?
EPSS
Summary
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7"
},
{
"name": "94149",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94149"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"name": "[oss-security] 20161106 Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/06/1"
},
{
"name": "RHSA-2019:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "RHSA-2019:1190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-14T22:06:08.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7"
},
{
"name": "94149",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94149"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"name": "[oss-security] 20161106 Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/06/1"
},
{
"name": "RHSA-2019:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "RHSA-2019:1190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-8633",
"datePublished": "2016-11-28T03:01:00.000Z",
"dateReserved": "2016-10-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:27:41.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2019-AVI-213
Vulnerability from certfr_avis - Published: 2019-05-15 - Updated: 2019-05-15
De multiples vulnérabilités ont été découvertes dans le noyau Linux de RedHat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services pour SAP Solutions 7.3 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, little endian 7 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation 6 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder pour Power, little endian 8 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, big endian 6 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 6.5 x86_64 | ||
| Red Hat | N/A | MRG Realtime 2 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour IBM z Systems 6 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Real Time pour NFV 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour IBM z Systems - Extended Update Support 7.4 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services pour SAP Solutions 7.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.3 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Real Time 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour IBM z Systems - Extended Update Support 7.6 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour x86_64 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (pour IBM Power LE) - Update Services pour SAP Solutions 7.6 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services pour SAP Solutions 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour IBM z Systems 8 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (pour IBM Power LE) - Update Services pour SAP Solutions 7.4 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server 6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (pour IBM Power LE) - Update Services pour SAP Solutions 7.3 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop 6 i386 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, little endian - Extended Update Support 7.6 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server 6 i386 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, little endian - Extended Update Support 7.5 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, big endian - Extended Update Support 7.6 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.5 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Real Time 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, big endian - Extended Update Support 7.5 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, big endian - Extended Update Support 7.4 ppc64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder pour ARM 64 8 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation 6 i386 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Scientific Computing 6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Real Time pour NFV 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour IBM z Systems 7 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.3 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop 6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Scientific Computing 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, big endian 7 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour ARM 64 8 aarch64 | ||
| Oracle | Virtualization | Red Hat Virtualization Host 4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour IBM z Systems - Extended Update Support 7.5 s390x | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder pour x86_64 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, little endian - Extended Update Support 7.4 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, little endian 8 ppc64le |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux Server - Update Services pour SAP Solutions 7.3 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, little endian 7 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Workstation 6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder pour Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, big endian 6 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - AUS 6.5 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "MRG Realtime 2 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour IBM z Systems 6 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Real Time pour NFV 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour IBM z Systems - Extended Update Support 7.4 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services pour SAP Solutions 7.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - AUS 7.3 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Real Time 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour IBM z Systems - Extended Update Support 7.6 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour x86_64 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (pour IBM Power LE) - Update Services pour SAP Solutions 7.6 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services pour SAP Solutions 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux EUS Compute Node 7.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour IBM z Systems 8 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - AUS 7.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (pour IBM Power LE) - Update Services pour SAP Solutions 7.4 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server 6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (pour IBM Power LE) - Update Services pour SAP Solutions 7.3 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Desktop 6 i386",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, little endian - Extended Update Support 7.6 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server 6 i386",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Workstation 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, little endian - Extended Update Support 7.5 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 7.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, big endian - Extended Update Support 7.6 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Update Support 7.5 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Real Time 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, big endian - Extended Update Support 7.5 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, big endian - Extended Update Support 7.4 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder pour ARM 64 8 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Workstation 6 i386",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Scientific Computing 6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Real Time pour NFV 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour IBM z Systems 7 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 7.3 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Update Support 7.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Desktop 6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - AUS 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Scientific Computing 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, big endian 7 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Desktop 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour ARM 64 8 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Virtualization Host 4 x86_64",
"product": {
"name": "Virtualization",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour IBM z Systems - Extended Update Support 7.5 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder pour x86_64 8 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, little endian - Extended Update Support 7.4 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux pour Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-12190",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12190"
},
{
"name": "CVE-2019-11091",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
},
{
"name": "CVE-2018-1068",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1068"
},
{
"name": "CVE-2016-7913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7913"
},
{
"name": "CVE-2017-16939",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16939"
},
{
"name": "CVE-2018-12127",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
},
{
"name": "CVE-2017-1000407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000407"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2017-13215",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13215"
},
{
"name": "CVE-2018-12130",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
},
{
"name": "CVE-2018-18559",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18559"
},
{
"name": "CVE-2017-11600",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11600"
},
{
"name": "CVE-2017-17558",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17558"
},
{
"name": "CVE-2018-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3665"
},
{
"name": "CVE-2018-12126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
}
],
"initial_release_date": "2019-05-15T00:00:00",
"last_revision_date": "2019-05-15T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-213",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-05-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nRedHat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de RedHat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1190 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1155 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1155"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1171 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1171"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1168 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1168"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1174 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1174"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1176 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1176"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1169 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1169"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1196 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1196"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1170 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2019:1167 du 14 mai 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:1167"
}
]
}
CERTFR-2016-AVI-426
Vulnerability from certfr_avis - Published: 2016-12-21 - Updated: 2016-12-21
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 16.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-7097",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7097"
},
{
"name": "CVE-2016-7916",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7916"
},
{
"name": "CVE-2016-9313",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9313"
},
{
"name": "CVE-2016-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7425"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2016-9178",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9178"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2016-4568",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4568"
},
{
"name": "CVE-2016-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7042"
},
{
"name": "CVE-2016-8645",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8645"
},
{
"name": "CVE-2016-9644",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9644"
},
{
"name": "CVE-2016-8630",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8630"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-8658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8658"
},
{
"name": "CVE-2016-6213",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6213"
}
],
"initial_release_date": "2016-12-21T00:00:00",
"last_revision_date": "2016-12-21T00:00:00",
"links": [],
"reference": "CERTFR-2016-AVI-426",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-12-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3161-2 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3161-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3160-1 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3160-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3162-2 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3162-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3159-2 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3159-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3160-2 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3160-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3161-3 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3161-3/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3159-1 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3159-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3161-4 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3161-4/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3161-1 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3161-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3162-1 du 20 d\u00e9cembre 2016",
"url": "https://www.ubuntu.com/usn/usn-3162-1/"
}
]
}
CERTFR-2017-AVI-053
Vulnerability from certfr_avis - Published: 2017-02-16 - Updated: 2017-02-16
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server pour SAP 12 sans le dernier correctif de sécurité | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-LTSS sans le dernier correctif de sécurité | ||
| SUSE | N/A | SUSE Linux Enterprise Module pour Public Cloud 12 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server pour SAP 12 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-LTSS sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module pour Public Cloud 12 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-7097",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7097"
},
{
"name": "CVE-2016-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
},
{
"name": "CVE-2017-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2584"
},
{
"name": "CVE-2016-7914",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7914"
},
{
"name": "CVE-2016-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
},
{
"name": "CVE-2016-5828",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5828"
},
{
"name": "CVE-2016-7913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7913"
},
{
"name": "CVE-2016-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9793"
},
{
"name": "CVE-2016-9756",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9756"
},
{
"name": "CVE-2014-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9904"
},
{
"name": "CVE-2016-5696",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
},
{
"name": "CVE-2016-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7425"
},
{
"name": "CVE-2016-8399",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8399"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2015-8963",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8963"
},
{
"name": "CVE-2016-6130",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6130"
},
{
"name": "CVE-2015-8956",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8956"
},
{
"name": "CVE-2016-9083",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9083"
},
{
"name": "CVE-2017-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2583"
},
{
"name": "CVE-2016-1008",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1008"
},
{
"name": "CVE-2016-6480",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6480"
},
{
"name": "CVE-2016-9806",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9806"
},
{
"name": "CVE-2016-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7042"
},
{
"name": "CVE-2016-6327",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6327"
},
{
"name": "CVE-2016-4998",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4998"
},
{
"name": "CVE-2016-8645",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8645"
},
{
"name": "CVE-2015-8962",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
},
{
"name": "CVE-2016-7910",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
},
{
"name": "CVE-2016-7911",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
},
{
"name": "CVE-2017-5551",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5551"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-8658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8658"
},
{
"name": "CVE-2016-9084",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9084"
},
{
"name": "CVE-2016-6828",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6828"
}
],
"initial_release_date": "2017-02-16T00:00:00",
"last_revision_date": "2017-02-16T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0471-1 du 15 f\u00e9vrier 2017",
"url": "https://www.suse.com//support/update/announcement/2017/suse-su-20170471-1.html"
}
],
"reference": "CERTFR-2017-AVI-053",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-02-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0471-1 du 15 f\u00e9vrier 2017",
"url": null
}
]
}
CERTFR-2017-AVI-042
Vulnerability from certfr_avis - Published: 2017-02-07 - Updated: 2017-02-07
De multiples vulnérabilités ont été corrigées dans le noyau Linux de Suse. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
SUSE Linux Enterprise Real Time Extension 12-SP1
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eSUSE Linux Enterprise Real Time Extension 12-SP1\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-9794",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9794"
},
{
"name": "CVE-2017-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2584"
},
{
"name": "CVE-2016-7914",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7914"
},
{
"name": "CVE-2016-7913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7913"
},
{
"name": "CVE-2016-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9793"
},
{
"name": "CVE-2016-9756",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9756"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2016-8399",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8399"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2015-8963",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8963"
},
{
"name": "CVE-2016-9083",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9083"
},
{
"name": "CVE-2016-9576",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9576"
},
{
"name": "CVE-2017-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2583"
},
{
"name": "CVE-2016-1008",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1008"
},
{
"name": "CVE-2016-9806",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9806"
},
{
"name": "CVE-2016-8655",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8655"
},
{
"name": "CVE-2016-8645",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8645"
},
{
"name": "CVE-2015-8962",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
},
{
"name": "CVE-2016-7910",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
},
{
"name": "CVE-2016-7911",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
},
{
"name": "CVE-2017-5551",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5551"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-9084",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9084"
},
{
"name": "CVE-2016-8632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8632"
}
],
"initial_release_date": "2017-02-07T00:00:00",
"last_revision_date": "2017-02-07T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Suse suse-su-20170407-1 du 06 f\u00e9vrier 2017",
"url": "https://www.suse.com//support/update/announcement/2017/suse-su-20170407-1.html"
}
],
"reference": "CERTFR-2017-AVI-042",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-02-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de Suse\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Suse",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Suse suse-su-20170407-1 du 06 f\u00e9vrier 2017",
"url": null
}
]
}
CERTFR-2017-AVI-044
Vulnerability from certfr_avis - Published: 2017-02-10 - Updated: 2017-02-10
De multiples vulnérabilités ont été corrigées dans le noyau Linux de Suse. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 11-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-EXTRA |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 11-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-EXTRA",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2013-6368",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6368"
},
{
"name": "CVE-2016-7916",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7916"
},
{
"name": "CVE-2016-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9793"
},
{
"name": "CVE-2016-9756",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9756"
},
{
"name": "CVE-2004-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0230"
},
{
"name": "CVE-2015-1350",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1350"
},
{
"name": "CVE-2016-5696",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
},
{
"name": "CVE-2016-9685",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9685"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2016-8399",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8399"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2012-6704",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6704"
},
{
"name": "CVE-2016-9576",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9576"
},
{
"name": "CVE-2016-1008",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1008"
},
{
"name": "CVE-2016-8646",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8646"
},
{
"name": "CVE-2015-8962",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
},
{
"name": "CVE-2016-7910",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
},
{
"name": "CVE-2016-7911",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
},
{
"name": "CVE-2017-5551",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5551"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-8632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8632"
}
],
"initial_release_date": "2017-02-10T00:00:00",
"last_revision_date": "2017-02-10T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Suse suse-su-20170437-1 du 09 f\u00e9vrier 2017",
"url": "https://www.suse.com//support/update/announcement/2017/suse-su-20170437-1.html"
}
],
"reference": "CERTFR-2017-AVI-044",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-02-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de Suse\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Suse",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Suse suse-su-20170437-1 du 09 f\u00e9vrier 2017",
"url": null
}
]
}
CERTFR-2017-AVI-050
Vulnerability from certfr_avis - Published: 2017-02-15 - Updated: 2017-02-15
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP1 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 12-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 12 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP1 |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 12-SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2584"
},
{
"name": "CVE-2016-7914",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7914"
},
{
"name": "CVE-2016-7913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7913"
},
{
"name": "CVE-2016-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9793"
},
{
"name": "CVE-2016-9756",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9756"
},
{
"name": "CVE-2016-8399",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8399"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2015-8963",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8963"
},
{
"name": "CVE-2016-9083",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9083"
},
{
"name": "CVE-2017-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2583"
},
{
"name": "CVE-2016-1008",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1008"
},
{
"name": "CVE-2016-9806",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9806"
},
{
"name": "CVE-2016-8645",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8645"
},
{
"name": "CVE-2015-8962",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
},
{
"name": "CVE-2016-7910",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
},
{
"name": "CVE-2016-7911",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
},
{
"name": "CVE-2017-5551",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5551"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-9084",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9084"
}
],
"initial_release_date": "2017-02-15T00:00:00",
"last_revision_date": "2017-02-15T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0464-1 du 14 f\u00e9vrier 2017",
"url": "https://www.suse.com//support/update/announcement/2017/suse-su-20170464-1.html"
}
],
"reference": "CERTFR-2017-AVI-050",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-02-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0464-1 du 14 f\u00e9vrier 2017",
"url": null
}
]
}
CERTFR-2017-AVI-034
Vulnerability from certfr_avis - Published: 2017-01-31 - Updated: 2017-01-31
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-LTSS | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12 | ||
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server pour SAP 12 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-SP2-LTSS |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server pour SAP 12",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-7097",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7097"
},
{
"name": "CVE-2016-7916",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7916"
},
{
"name": "CVE-2016-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
},
{
"name": "CVE-2013-4312",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4312"
},
{
"name": "CVE-2016-4578",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4578"
},
{
"name": "CVE-2016-4997",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4997"
},
{
"name": "CVE-2016-4805",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4805"
},
{
"name": "CVE-2016-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
},
{
"name": "CVE-2015-7833",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7833"
},
{
"name": "CVE-2016-4485",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4485"
},
{
"name": "CVE-2016-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9793"
},
{
"name": "CVE-2016-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
},
{
"name": "CVE-2016-9756",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9756"
},
{
"name": "CVE-2016-5244",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5244"
},
{
"name": "CVE-2004-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0230"
},
{
"name": "CVE-2015-1350",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1350"
},
{
"name": "CVE-2016-9685",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9685"
},
{
"name": "CVE-2016-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7425"
},
{
"name": "CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"name": "CVE-2016-4913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4913"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2016-8399",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8399"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2015-7513",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7513"
},
{
"name": "CVE-2016-3841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3841"
},
{
"name": "CVE-2015-8956",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8956"
},
{
"name": "CVE-2012-6704",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6704"
},
{
"name": "CVE-2016-4569",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4569"
},
{
"name": "CVE-2016-1008",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1008"
},
{
"name": "CVE-2016-6480",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6480"
},
{
"name": "CVE-2016-4580",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4580"
},
{
"name": "CVE-2016-9806",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9806"
},
{
"name": "CVE-2016-2187",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2187"
},
{
"name": "CVE-2016-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7042"
},
{
"name": "CVE-2016-0823",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0823"
},
{
"name": "CVE-2016-2189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2189"
},
{
"name": "CVE-2016-4998",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4998"
},
{
"name": "CVE-2016-4482",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4482"
},
{
"name": "CVE-2016-8646",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8646"
},
{
"name": "CVE-2016-7117",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7117"
},
{
"name": "CVE-2015-8962",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
},
{
"name": "CVE-2016-7910",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
},
{
"name": "CVE-2016-7911",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
},
{
"name": "CVE-2017-5551",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5551"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-6828",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6828"
},
{
"name": "CVE-2016-8632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8632"
}
],
"initial_release_date": "2017-01-31T00:00:00",
"last_revision_date": "2017-01-31T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0307-1 du 27 janvier 2017",
"url": "https://www.suse.com//support/update/announcement/2017/suse-su-20170307-1.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0333-1 du 30 janvier 2017",
"url": "https://www.suse.com//support/update/announcement/2017/suse-su-20170333-1.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SSUSE-SU-2017:0303-1 du 27 janvier 2017",
"url": "https://www.suse.com//support/update/announcement/2017/suse-su-20170303-1.html"
}
],
"reference": "CERTFR-2017-AVI-034",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-01-31T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0333-1 du 30 janvier 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0307-1 du 27 janvier 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SSUSE-SU-2017:0303-1 du 27 janvier 2017",
"url": null
}
]
}
CERTFR-2017-AVI-054
Vulnerability from certfr_avis - Published: 2017-02-20 - Updated: 2017-02-20
De multiples vulnérabilités ont été corrigées dans le noyau Linux de Suse. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et une exécution de code arbitraire.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-SP3-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Point of Sale 11-SP3 | ||
| SUSE | N/A | SUSE Manager 2.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP3 | ||
| SUSE | N/A | SUSE OpenStack Cloud 5 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 2.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-EXTRA |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 11-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Point of Sale 11-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager 2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 2.1",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-EXTRA",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-7097",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7097"
},
{
"name": "CVE-2016-7916",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7916"
},
{
"name": "CVE-2016-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9793"
},
{
"name": "CVE-2016-9756",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9756"
},
{
"name": "CVE-2004-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0230"
},
{
"name": "CVE-2015-1350",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1350"
},
{
"name": "CVE-2016-9685",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9685"
},
{
"name": "CVE-2016-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7425"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2016-8399",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8399"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2016-3841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3841"
},
{
"name": "CVE-2015-8956",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8956"
},
{
"name": "CVE-2012-6704",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6704"
},
{
"name": "CVE-2016-9576",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9576"
},
{
"name": "CVE-2016-1008",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1008"
},
{
"name": "CVE-2016-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7042"
},
{
"name": "CVE-2016-0823",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0823"
},
{
"name": "CVE-2016-8646",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8646"
},
{
"name": "CVE-2016-7117",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7117"
},
{
"name": "CVE-2015-8962",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
},
{
"name": "CVE-2016-7910",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
},
{
"name": "CVE-2016-7911",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
},
{
"name": "CVE-2017-5551",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5551"
},
{
"name": "CVE-2015-8970",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8970"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-6828",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6828"
},
{
"name": "CVE-2016-8632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8632"
}
],
"initial_release_date": "2017-02-20T00:00:00",
"last_revision_date": "2017-02-20T00:00:00",
"links": [],
"reference": "CERTFR-2017-AVI-054",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-02-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de Suse\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0 distance et\nune ex\u00e9cution de code arbitraire.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Suse",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Suse du 17 f\u00e9vrier 2017",
"url": "https://www.suse.com//support/update/announcement/2017/suse-su-20170494-1.html"
}
]
}
CERTFR-2017-AVI-131
Vulnerability from certfr_avis - Published: 2017-04-26 - Updated: 2017-04-26
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 11-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP4 |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Real Time Extension 11-SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-9794",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9794"
},
{
"name": "CVE-2013-6368",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6368"
},
{
"name": "CVE-2016-7097",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7097"
},
{
"name": "CVE-2016-7916",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7916"
},
{
"name": "CVE-2016-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9793"
},
{
"name": "CVE-2016-9756",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9756"
},
{
"name": "CVE-2004-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0230"
},
{
"name": "CVE-2015-1350",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1350"
},
{
"name": "CVE-2016-5696",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
},
{
"name": "CVE-2016-9685",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9685"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2016-8399",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8399"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2016-3841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3841"
},
{
"name": "CVE-2015-8956",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8956"
},
{
"name": "CVE-2012-6704",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6704"
},
{
"name": "CVE-2016-9576",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9576"
},
{
"name": "CVE-2016-1008",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1008"
},
{
"name": "CVE-2016-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7042"
},
{
"name": "CVE-2016-8646",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8646"
},
{
"name": "CVE-2016-7117",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7117"
},
{
"name": "CVE-2015-8962",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
},
{
"name": "CVE-2016-7910",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
},
{
"name": "CVE-2016-7911",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
},
{
"name": "CVE-2017-5551",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5551"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-8632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8632"
}
],
"initial_release_date": "2017-04-26T00:00:00",
"last_revision_date": "2017-04-26T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:1102-1 du 25 avril 2017",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171102-1/"
}
],
"reference": "CERTFR-2017-AVI-131",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-04-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:1102-1 du 25 avril 2017",
"url": null
}
]
}
CERTFR-2017-AVI-339
Vulnerability from certfr_avis - Published: 2017-10-11 - Updated: 2017-10-12
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 17.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-14106",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14106"
},
{
"name": "CVE-2016-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8633"
},
{
"name": "CVE-2017-14140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14140"
},
{
"name": "CVE-2017-1000255",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000255"
},
{
"name": "CVE-2017-12134",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12134"
}
],
"initial_release_date": "2017-10-11T00:00:00",
"last_revision_date": "2017-10-12T00:00:00",
"links": [],
"reference": "CERTFR-2017-AVI-339",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-10-11T00:00:00.000000"
},
{
"description": "Ajout des bulletins de s\u00e9curit\u00e9 Ubuntu usn-3443-3 et usn-3445-2.",
"revision_date": "2017-10-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu . Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3445-2 du 11 octobre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3445-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3444-1 du 10 octobre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3444-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3443-2 du 10 octobre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3443-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3443-3 du 11 octobre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3443-3/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3443-1 du 10 octobre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3443-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3444-2 du 10 octobre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3444-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3445-1 du 10 octobre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3445-1/"
}
]
}
GSD-2016-8633
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-8633",
"description": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.",
"id": "GSD-2016-8633",
"references": [
"https://www.suse.com/security/cve/CVE-2016-8633.html",
"https://access.redhat.com/errata/RHSA-2019:1190",
"https://access.redhat.com/errata/RHSA-2019:1170",
"https://access.redhat.com/errata/RHSA-2018:1062",
"https://access.redhat.com/errata/RHSA-2018:0676",
"https://ubuntu.com/security/CVE-2016-8633",
"https://advisories.mageia.org/CVE-2016-8633.html",
"https://linux.oracle.com/cve/CVE-2016-8633.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-8633"
],
"details": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.",
"id": "GSD-2016-8633",
"modified": "2023-12-13T01:21:22.283463Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-8633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/errata/RHSA-2018:0676",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "https://access.redhat.com/errata/RHSA-2018:1062",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7",
"refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"name": "http://www.openwall.com/lists/oss-security/2016/11/06/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2016/11/06/1"
},
{
"name": "http://www.securityfocus.com/bid/94149",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/94149"
},
{
"name": "https://access.redhat.com/errata/RHSA-2019:1170",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "https://access.redhat.com/errata/RHSA-2019:1190",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"name": "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/",
"refsource": "MISC",
"url": "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/"
},
{
"name": "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-8633"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"name": "[oss-security] 20161106 Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/06/1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7",
"refsource": "CONFIRM",
"tags": [
"Release Notes"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490"
},
{
"name": "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/"
},
{
"name": "94149",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/94149"
},
{
"name": "RHSA-2018:1062",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "RHSA-2019:1170",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "RHSA-2019:1190",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-02-12T23:26Z",
"publishedDate": "2016-11-28T03:59Z"
}
}
}
GHSA-98P8-G74R-RJV3
Vulnerability from github – Published: 2022-05-14 01:02 – Updated: 2025-04-12 13:06
VLAI?
Details
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
Severity ?
6.8 (Medium)
{
"affected": [],
"aliases": [
"CVE-2016-8633"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-11-28T03:59:00Z",
"severity": "MODERATE"
},
"details": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.",
"id": "GHSA-98p8-g74r-rjv3",
"modified": "2025-04-12T13:06:49Z",
"published": "2022-05-14T01:02:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8633"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2016-8633"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490"
},
{
"type": "WEB",
"url": "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/11/06/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94149"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2016-8633
Vulnerability from fkie_nvd - Published: 2016-11-28 03:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB1181C-8236-47EF-AB6F-1042AFCE5F54",
"versionEndIncluding": "4.8.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets."
},
{
"lang": "es",
"value": "drivers/firewire/net.c en el kernel Linux en versiones anteriores a 4.8.7, en ciertas configuraciones de hardware no usuales, permite a atacantes remotos ejecutar un c\u00f3digo arbitrario a trav\u00e9s de paquetes fragmentados manipulados."
}
],
"id": "CVE-2016-8633",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-28T03:59:06.063",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/06/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/94149"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/06/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2016-11078
Vulnerability from cnvd - Published: 2016-11-15
VLAI Severity ?
Title
Linux Kernel本地缓冲区溢出漏洞
Description
Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。
Linux Kernel存在本地缓冲区溢出漏洞,由于程序未能充分对用户的输入进行边界检查。允许攻击者利用该漏洞在内核权限上执行任意代码,失败尝试可能会导致拒绝服务。
Severity
中
Patch Name
Linux Kernel本地缓冲区溢出漏洞的补丁
Patch Description
Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。
Linux Kernel存在本地缓冲区溢出漏洞,由于程序未能充分对用户的输入进行边界检查。允许攻击者利用该漏洞在内核权限上执行任意代码,失败尝试可能会导致拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: https://git.kernel.org/cgit/linux/kernel/git/ieee1394/linux1394.git/commit/?h=testing&id=ff89027279ec57d69797cbae7c681672f1dbea71
Reference
http://www.securityfocus.com/bid/94149
Impacted products
| Name | Linux Kernel |
|---|
{
"bids": {
"bid": {
"bidNumber": "94149"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2016-8633"
}
},
"description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel\u5b58\u5728\u672c\u5730\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u5bf9\u7528\u6237\u7684\u8f93\u5165\u8fdb\u884c\u8fb9\u754c\u68c0\u67e5\u3002\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5185\u6838\u6743\u9650\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5931\u8d25\u5c1d\u8bd5\u53ef\u80fd\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
"discovererName": "Adam Mari\u00c5\u00a1",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://git.kernel.org/cgit/linux/kernel/git/ieee1394/linux1394.git/commit/?h=testing\u0026id=ff89027279ec57d69797cbae7c681672f1dbea71",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-11078",
"openTime": "2016-11-15",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel\u5b58\u5728\u672c\u5730\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u5bf9\u7528\u6237\u7684\u8f93\u5165\u8fdb\u884c\u8fb9\u754c\u68c0\u67e5\u3002\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5185\u6838\u6743\u9650\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5931\u8d25\u5c1d\u8bd5\u53ef\u80fd\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux Kernel\u672c\u5730\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Linux Kernel"
},
"referenceLink": "http://www.securityfocus.com/bid/94149",
"serverity": "\u4e2d",
"submitTime": "2016-11-09",
"title": "Linux Kernel\u672c\u5730\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…