SUSE-SU-2015:1224-1

Advisory lineage Upstream: 13 Downstream: 0
Published: 31 Jul 2015, 10:31
Last modified:04 Feb 2026, 03:06

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

31 Jul 2015, 10:31
Published
Vulnerability first disclosed
04 Feb 2026, 03:06
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix the following bugs and security issues. The following security issues have been fixed: - Update patches.fixes/udp-fix-behavior-of-wrong-checksums.patch (bsc#936831, CVE-2015-5364, CVE-2015-5366). - Btrfs: make xattr replace operations atomic (bnc#923908, CVE-2014-9710). - udp: fix behavior of wrong checksums (bsc#936831, CVE-2015-5364, CVE-2015-5366). - vfs: read file_handle only once in handle_to_path (bsc#915517, CVE-2015-1420). - x86: bpf_jit: fix compilation of large bpf programs (bnc#935705,CVE-2015-4700). - udf: Check length of extended attributes and allocation (bsc#936831, CVE-2015-5364, CVE-2015-5366). - Update patches.fixes/udf-Check-component-length-before-reading-it.patch (bsc#933904, CVE-2014-9728, CVE-2014-9730). - Update patches.fixes/udf-Verify-i_size-when-loading-inode.patch (bsc#933904, CVE-2014-9728, CVE-2014-9729). - Update patches.fixes/udf-Verify-symlink-size-before-loading-it.patch (bsc#933904, CVE-2014-9728). - Update patches.fixes/udf-Check-path-length-when-reading-symlink.patch (bnc#933896, CVE-2014-9731). - pipe: fix iov overrun for failed atomic copy (bsc#933429, CVE-2015-1805). - ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922). - net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041). - ipv4: Missing sk_nulls_node_init() in ping_unhash() (bsc#929525, CVE-2015-3636). - ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922). - net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041). - ipv4: Missing sk_nulls_node_init() in ping_unhash() (bsc#929525, CVE-2015-3636). The following non-security issues have been fixed: - mlx4: Check for assigned VFs before disabling SR-IOV (bsc#927355). - ixgbe: Use pci_vfs_assigned instead of ixgbe_vfs_are_assigned (bsc#927355). - pci: Add SRIOV helper function to determine if VFs are assigned to guest (bsc#927355). - net/mlx4_core: Don't disable SRIOV if there are active VFs (bsc#927355). - udf: Remove repeated loads blocksize (bsc#933907). - Refresh patches.fixes/deal-with-deadlock-in-d_walk-fix.patch. based on 3.2 stable fix 20defcec264c ('dcache: Fix locking bugs in backported 'deal with deadlock in d_walk()''). Not harmfull for regular SLES kernels but RT or PREEMPT kernels would see disbalance. - sched: Fix potential near-infinite distribute_cfs_runtime() loop (bnc#930786) - tty: Correct tty buffer flush (bnc#929647). - tty: hold lock across tty buffer finding and buffer filling (bnc#929647).

Affected Systems

  • susekernel-default&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA

    < 3.0.101-0.63.TDC.1

  • susekernel-source&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA

    < 3.0.101-0.63.TDC.1

  • susekernel-syms&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA

    < 3.0.101-0.63.TDC.1

  • susekernel-trace&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA

    < 3.0.101-0.63.TDC.1

  • susekernel-xen&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA

    < 3.0.101-0.63.TDC.1

References (28)