pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p9/ALT-PU-2016-1534/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

182 lines
7.4 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20161534",
"Version": "oval:org.altlinux.errata:def:20161534",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2016-1534: package `kernel-image-std-def` update to version 4.4.11-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2016-1534",
"RefURL": "https://errata.altlinux.org/ALT-PU-2016-1534",
"Source": "ALTPU"
},
{
"RefID": "CVE-2016-4557",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-4557",
"Source": "CVE"
},
{
"RefID": "CVE-2016-4558",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-4558",
"Source": "CVE"
},
{
"RefID": "CVE-2016-4913",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-4913",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-std-def to version 4.4.11-alt1. \nSecurity Fix(es):\n\n * CVE-2016-4557: The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor.\n\n * CVE-2016-4558: The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count.\n\n * CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \\0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2016-05-23"
},
"Updated": {
"Date": "2016-05-23"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2016-4557",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-4557",
"Impact": "High",
"Public": "20160523"
},
{
"ID": "CVE-2016-4558",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-4558",
"Impact": "High",
"Public": "20160523"
},
{
"ID": "CVE-2016-4913",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-200",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-4913",
"Impact": "High",
"Public": "20160523"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20161534001",
"Comment": "kernel-doc-std is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534002",
"Comment": "kernel-headers-modules-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534003",
"Comment": "kernel-headers-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534004",
"Comment": "kernel-image-domU-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534005",
"Comment": "kernel-image-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534006",
"Comment": "kernel-modules-drm-nouveau-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534007",
"Comment": "kernel-modules-drm-radeon-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534008",
"Comment": "kernel-modules-drm-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534009",
"Comment": "kernel-modules-ide-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534010",
"Comment": "kernel-modules-kvm-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534011",
"Comment": "kernel-modules-staging-std-def is earlier than 1:4.4.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161534012",
"Comment": "kernel-modules-v4l-std-def is earlier than 1:4.4.11-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink