vulnerability
SUSE: CVE-2013-4312: SUSE Linux Security Advisory
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:L/AC:L/Au:N/C:N/I:N/A:C) | Feb 7, 2016 | Apr 26, 2018 | Jun 21, 2018 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:C)
Published
Feb 7, 2016
Added
Apr 26, 2018
Modified
Jun 21, 2018
Description
The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.
Solution(s)
suse-upgrade-kernel-bigmemsuse-upgrade-kernel-bigmem-basesuse-upgrade-kernel-bigmem-develsuse-upgrade-kernel-bigsmpsuse-upgrade-kernel-bigsmp-basesuse-upgrade-kernel-bigsmp-develsuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-basesuse-upgrade-kernel-default-develsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-mansuse-upgrade-kernel-develsuse-upgrade-kernel-docssuse-upgrade-kernel-ec2suse-upgrade-kernel-ec2-basesuse-upgrade-kernel-ec2-develsuse-upgrade-kernel-macrossuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-paesuse-upgrade-kernel-pae-basesuse-upgrade-kernel-pae-develsuse-upgrade-kernel-ppc64suse-upgrade-kernel-ppc64-basesuse-upgrade-kernel-ppc64-develsuse-upgrade-kernel-sourcesuse-upgrade-kernel-symssuse-upgrade-kernel-tracesuse-upgrade-kernel-trace-basesuse-upgrade-kernel-trace-develsuse-upgrade-kernel-xensuse-upgrade-kernel-xen-basesuse-upgrade-kernel-xen-devel
References
- BID-82986
- DEBIAN-DSA-3448
- DEBIAN-DSA-3503
- NVD-CVE-2013-4312
- REDHAT-RHSA-2016:0855
- REDHAT-RHSA-2016:2574
- REDHAT-RHSA-2016:2584
- SUSE-SUSE-SU-2016:2245-1
- SUSE-SUSE-SU-2016:2976-1
- SUSE-SUSE-SU-2016:3069-1
- SUSE-SUSE-SU-2017:0333-1
- UBUNTU-USN-2908-1
- UBUNTU-USN-2908-2
- UBUNTU-USN-2908-3
- UBUNTU-USN-2908-4
- UBUNTU-USN-2908-5
- UBUNTU-USN-2929-1
- UBUNTU-USN-2929-2
- UBUNTU-USN-2931-1
- UBUNTU-USN-2932-1
- UBUNTU-USN-2967-1
- UBUNTU-USN-2967-2

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.