Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2015:1978
HistoryNov 04, 2015 - 10:54 a.m.

kernel, perf, python security update

2015-11-0410:54:35
CentOS Project
lists.centos.org
72

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

62.0%

JSON

CentOS Errata and Security Advisory CESA-2015:1978

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

  • A flaw was found in the way the Linux kernel’s VFS subsystem handled file
    system locks. A local, unprivileged user could use this flaw to trigger a
    deadlock in the kernel, causing a denial of service on the system.
    (CVE-2014-8559, Moderate)

  • A buffer overflow flaw was found in the way the Linux kernel’s virtio-net
    subsystem handled certain fraglists when the GRO (Generic Receive Offload)
    functionality was enabled in a bridged network configuration. An attacker
    on the local network could potentially use this flaw to crash the system,
    or, although unlikely, elevate their privileges on the system.
    (CVE-2015-5156, Moderate)

The CVE-2015-5156 issue was discovered by Jason Wang of Red Hat.

This update also fixes several bugs and adds one enhancement. Refer to the
following Knowledgebase article for further information:

https://access.redhat.com/articles/2039563

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add this
enhancement. The system must be rebooted for this update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2015-November/083625.html

Affected packages:
kernel
kernel-abi-whitelists
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-tools
kernel-tools-libs
kernel-tools-libs-devel
perf
python-perf

Upstream details at:
https://access.redhat.com/errata/RHSA-2015:1978

OSVersionArchitecturePackageVersionFilename
CentOS7x86_64kernel< 3.10.0-229.20.1.el7kernel-3.10.0-229.20.1.el7.x86_64.rpm
CentOS7noarchkernel-abi-whitelists< 3.10.0-229.20.1.el7kernel-abi-whitelists-3.10.0-229.20.1.el7.noarch.rpm
CentOS7x86_64kernel-debug< 3.10.0-229.20.1.el7kernel-debug-3.10.0-229.20.1.el7.x86_64.rpm
CentOS7x86_64kernel-debug-devel< 3.10.0-229.20.1.el7kernel-debug-devel-3.10.0-229.20.1.el7.x86_64.rpm
CentOS7x86_64kernel-devel< 3.10.0-229.20.1.el7kernel-devel-3.10.0-229.20.1.el7.x86_64.rpm
CentOS7noarchkernel-doc< 3.10.0-229.20.1.el7kernel-doc-3.10.0-229.20.1.el7.noarch.rpm
CentOS7x86_64kernel-headers< 3.10.0-229.20.1.el7kernel-headers-3.10.0-229.20.1.el7.x86_64.rpm
CentOS7x86_64kernel-tools< 3.10.0-229.20.1.el7kernel-tools-3.10.0-229.20.1.el7.x86_64.rpm
CentOS7x86_64kernel-tools-libs< 3.10.0-229.20.1.el7kernel-tools-libs-3.10.0-229.20.1.el7.x86_64.rpm
CentOS7x86_64kernel-tools-libs-devel< 3.10.0-229.20.1.el7kernel-tools-libs-devel-3.10.0-229.20.1.el7.x86_64.rpm
Rows per page:
1-10 of 121

Related

oraclelinux 6
nessus 51
openvas 64
redhat 4
prion 2
nvd 2
debiancve 2
ubuntucve 2
cvelist 2
fedora 16
cve 2
veracode 2
ubuntu 16
mageia 3
cloudfoundry 1
securityvulns 4
debian 4
f5 1
suse 10
osv 3
ibm 1
centos 1
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2015-11-03 00:00:00
Unbreakable Enterprise kernel security update
2015-11-04 00:00:00
Unbreakable Enterprise kernel security update
2015-11-05 00:00:00
nessus
nessus
RHEL 7 : kernel (RHSA-2015:1978)
2015-11-04 00:00:00
RHEL 7 : kernel-rt (RHSA-2015:1977)
2015-11-04 00:00:00
CentOS 7 : kernel (CESA-2015:1978)
2015-11-05 00:00:00
openvas
openvas
RedHat Update for kernel RHSA-2015:1978-01
2015-11-04 00:00:00
Oracle: Security Advisory (ELSA-2015-1978)
2015-11-08 00:00:00
CentOS Update for kernel CESA-2015:1978 centos7
2015-11-05 00:00:00
redhat
redhat
(RHSA-2015:1978) Moderate: kernel security, bug fix, and enhancement update
2015-11-03 16:23:10
(RHSA-2015:1977) Moderate: kernel-rt security, bug fix, and enhancement update
2015-09-25 14:33:15
(RHSA-2015:1976) Moderate: kernel-rt security, bug fix, and enhancement update
2015-11-03 00:00:00
prion
prion
Design/Logic Flaw
2014-11-10 11:55:00
Buffer overflow
2015-10-19 10:59:00
nvd
nvd
CVE-2014-8559
2014-11-10 11:55:09
CVE-2015-5156
2015-10-19 10:59:02
debiancve
debiancve
CVE-2014-8559
2014-11-10 11:55:09
CVE-2015-5156
2015-10-19 10:59:02
ubuntucve
ubuntucve
CVE-2014-8559
2014-11-10 00:00:00
CVE-2015-5156
2015-08-06 00:00:00
cvelist
cvelist
CVE-2014-8559
2014-11-10 11:00:00
CVE-2015-5156
2015-10-19 10:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: kernel-4.1.12-101.fc21
2015-11-13 02:53:39
[SECURITY] Fedora 22 Update: kernel-4.2.3-200.fc22
2015-10-16 06:58:49
[SECURITY] Fedora 21 Update: kernel-3.17.7-300.fc21
2014-12-22 02:32:48
cve
cve
CVE-2014-8559
2014-11-10 11:55:09
CVE-2015-5156
2015-10-19 10:59:02
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:08:18
Denial Of Service (DoS)
2019-05-02 05:29:38
ubuntu
ubuntu
Linux kernel (OMAP4) vulnerabilities
2015-10-19 00:00:00
Linux kernel vulnerabilities
2015-10-19 00:00:00
Linux kernel vulnerabilities
2015-02-04 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2015-11-20 01:08:19
Updated kernel-linus packages fix security vulnerabilities
2016-01-14 04:44:39
Updated kernel-tmb packages provides 4.1 longterm kernel and fixes security issues
2016-01-14 04:44:39
cloudfoundry
cloudfoundry
USN-2778-1 Linux kernel vulnerabilities | Cloud Foundry
2015-11-03 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3364-1] linux security update
2015-10-05 00:00:00
[SECURITY] [DSA 3170-1] linux security update
2015-03-07 00:00:00
Linux kernel multiple security vulnerabilities
2015-03-15 00:00:00
debian
debian
[SECURITY] [DSA 3364-1] linux security update
2015-09-21 18:43:25
[SECURITY] [DSA 3364-1] linux security update
2015-09-21 18:43:25
[SECURITY] [DLA 310-1] linux-2.6 security update
2015-09-21 21:07:12
f5
f5
K05211147 : Kernel vulnerabilities CVE-2014-8559, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, and CVE-2015-4700
2019-04-08 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2015-01-30 11:04:56
Security update for kernel-source (important)
2015-10-13 11:09:43
Security update for the Linux Kernel (important)
2015-12-17 16:11:14
osv
osv
linux - security update
2015-09-21 00:00:00
linux-2.6 - security update
2015-09-21 00:00:00
linux - security update
2015-02-23 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
2018-06-18 01:33:24
centos
centos
kernel, perf, python security update
2016-05-16 10:16:52

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

62.0%

JSON
Related for CESA-2015:1978
oraclelinux6nessus51openvas64redhat4prion2nvd2debiancve2ubuntucve2cvelist2fedora16cve2veracode2ubuntu16mageia3cloudfoundry1securityvulns4debian4f51suse10osv3ibm1centos1