ID CVE-2008-5702 Type cve Reporter NVD Modified 2017-09-28T21:32:44
Description
Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.
{"seebug": [{"lastseen": "2017-11-19T19:03:13", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 33003\r\nCVE(CAN) ID: CVE-2008-5702\r\n\r\nLinux Kernel\u662f\u5f00\u653e\u6e90\u7801\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u7684drivers/watchdog/ib700wdt.c\u4e2d\u7684ibwdt_ioctl\u51fd\u6570\u5b58\u5728\u7f13\u51b2\u533a\u4e0b\u6ea2\u6f0f\u6d1e\uff0c\u672c\u5730\u7528\u6237\u53ef\u4ee5\u901a\u8fc7\u7279\u5b9a\u7684/dev/watchdog WDIOC_SETTIMEOUT IOCTL\u8c03\u7528\u6765\u89e6\u53d1\u8fd9\u4e2a\u6ea2\u51fa\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u6267\u884c\u4efb\u610f\u5185\u6838\u6001\u4ee3\u7801\u3002 \r\n\r\n\u4ee5\u4e0b\u662fib700wdt.c\u6587\u4ef6\u4e2d\u6709\u6f0f\u6d1e\u7684\u4ee3\u7801\u6bb5\uff1a\r\n\r\nstatic int wd_times[] = {\r\n 30, /* 0x0 */\r\n 28, /* 0x1 */\r\n 26, /* 0x2 */\r\n 24, /* 0x3 */\r\n 22, /* 0x4 */\r\n 20, /* 0x5 */\r\n 18, /* 0x6 */\r\n 16, /* 0x7 */\r\n 14, /* 0x8 */\r\n 12, /* 0x9 */\r\n 10, /* 0xA */\r\n 8, /* 0xB */\r\n 6, /* 0xC */\r\n 4, /* 0xD */\r\n 2, /* 0xE */\r\n 0, /* 0xF */\r\n};\r\n\r\nfunction ibwdt_ioctl:\r\n.....\r\n case WDIOC_SETTIMEOUT:\r\n if (get_user(new_margin, p))\r\n return -EFAULT;\r\n if (ibwdt_set_heartbeat(new_margin))\r\n return -EINVAL;\r\n ibwdt_ping();\r\n /* Fall */\r\n\r\n case WDIOC_GETTIMEOUT:\r\n return put_user(wd_times[wd_margin], p);\r\n.....\r\n\r\nfunction ibwdt_set_heartbeat:\r\nstatic int\r\nibwdt_set_heartbeat(int t)\r\n{\r\n int i;\r\n\r\n if ((t < 0) || (t > 30))\r\n return -EINVAL;\r\n\r\n for (i = 0x0F; i > -1; i--)\r\n if (wd_times[i] > t)\r\n break;\r\n wd_margin = i;\r\n return 0;\r\n}\r\n\r\n\u5982\u679c\u4f7f\u752830\u8fd9\u4e2a\u503c\u8c03\u7528ibwdt_set_heartbeat(int t)\uff0c\u5219\u7531\u4e8et == 30\uff0cibwdt_set_heartbeat\u4e2d\u7684((t < 0) || (t > 30))\u68c0\u67e5\u5c31\u4e0d\u4f1a\u5931\u8d25\uff0c\u4f46\u5728\u5faa\u73af\u4e2d\uff0cwd_times[i] >\u68c0\u67e5\u4e0d\u4f1a\u4e3a\u771f\uff0c\u56e0\u4e3a\u6ca1\u6709wd_times\u5927\u4e8et\u7684\u503c\uff08\u4e5f\u5c31\u662f30\uff09\u3002\u9000\u51fa\u5faa\u73af\u65f6i == -1\uff0c\u56e0\u6b64\u5c06wd_margin\u8bbe\u7f6e\u4e3a-1\u3002\r\n\n\nLinux kernel 2.6.x\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://kernel.org/pub/linux/kernel/v2.6/testing/linux-2.6.28-rc1.tar.bz2 target=_blank rel=external nofollow>http://kernel.org/pub/linux/kernel/v2.6/testing/linux-2.6.28-rc1.tar.bz2</a>", "reporter": "Root", "published": "2008-12-31T00:00:00", "type": "seebug", "title": "Linux Kernel ib700wdt.c\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2008-5702"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2008-12-31T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4610", "id": "SSV:4610", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "status": "details"}], "openvas": [{"lastseen": "2017-12-04T11:29:45", "references": ["http://www.ubuntu.com/usn/usn-715-1/"], "pluginID": "63309", "description": "The remote host is missing an update to linux\nannounced via advisory USN-715-1.\n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. If\nyou use linux-restricted-modules, you have to update that package as\nwell to get modules which work with the new kernel version. Unless you\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\nlinux-server, linux-powerpc), a standard system upgrade will automatically\nperform this as well.", "edition": 3, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-02-02T00:00:00", "title": "Ubuntu USN-715-1 (linux)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5300"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63309", "id": "OPENVAS:63309", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_715_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_715_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-715-1 (linux)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.10:\n linux-image-2.6.27-11-generic 2.6.27-11.27\n linux-image-2.6.27-11-server 2.6.27-11.27\n linux-image-2.6.27-11-virtual 2.6.27-11.27\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-715-1\";\n\ntag_insight = \"Hugo Dias discovered that the ATM subsystem did not correctly manage\nsocket counts. A local attacker could exploit this to cause a system hang,\nleading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the inotify subsystem contained watch removal\nrace conditions. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not\ncorrectly release allocated memory. A local attacker could exploit\nthis to force the system to run out of free memory, leading to a denial\nof service. (CVE-2008-5300)\n\nHelge Deller discovered that PA-RISC stack unwinding was not handled\ncorrectly. A local attacker could exploit this to crash the system,\nleading do a denial of service. This did not affect official Ubuntu\nkernels, but was fixed in the source for anyone performing HPPA kernel\nbuilds. (CVE-2008-5395)\n\nIt was discovered that the ATA subsystem did not correctly set timeouts. A\nlocal attacker could exploit this to cause a system hang, leading to a\ndenial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly check\nbuffer sizes. A local attacker could send a specially crafted ioctl\nto the device to cause a system crash, leading to a denial of service.\n(CVE-2008-5702)\";\ntag_summary = \"The remote host is missing an update to linux\nannounced via advisory USN-715-1.\n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. If\nyou use linux-restricted-modules, you have to update that package as\nwell to get modules which work with the new kernel version. Unless you\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\nlinux-server, linux-powerpc), a standard system upgrade will automatically\nperform this as well.\";\n\n \n\n\nif(description)\n{\n script_id(63309);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-02 23:28:24 +0100 (Mon, 02 Feb 2009)\");\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-715-1 (linux)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-715-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.27\", ver:\"2.6.27-11.27\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.27-11\", ver:\"2.6.27-11.27\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.27\", ver:\"2.6.27-11.27\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.27-11-generic\", ver:\"2.6.27-11.27\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.27-11-server\", ver:\"2.6.27-11.27\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.27-11-generic\", ver:\"2.6.27-11.27\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.27-11-server\", ver:\"2.6.27-11.27\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.27-11-virtual\", ver:\"2.6.27-11.27\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.27-11.27\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:52", "references": [], "pluginID": "136141256231063245", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0014.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-01-20T00:00:00", "title": "CentOS Security Advisory CESA-2009:0014 (kernel)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063245", "id": "OPENVAS:136141256231063245", "sourceData": "#CESA-2009:0014 63245 2\n# $Id: ovcesa2009_0014.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0014 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0014\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0014\nhttps://rhn.redhat.com/errata/RHSA-2009-0014.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0014.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63245\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-20 22:42:09 +0100 (Tue, 20 Jan 2009)\");\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:0014 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:32", "references": ["http://lists.centos.org/pipermail/centos-announce/2009-January/015556.html", "2009:0014"], "pluginID": "880928", "description": "Check for the Version of kernel", "edition": 2, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-08-09T00:00:00", "title": "CentOS Update for kernel CESA-2009:0014 centos4 i386", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880928", "id": "OPENVAS:880928", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:0014 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update addresses the following security issues:\n \n * the sendmsg() function in the Linux kernel did not block during UNIX\n socket garbage collection. This could, potentially, lead to a local denial\n of service. (CVE-2008-5300, Important)\n \n * when fput() was called to close a socket, the __scm_destroy() function in\n the Linux kernel could make indirect recursive calls to itself. This could,\n potentially, lead to a local denial of service. (CVE-2008-5029, Important)\n \n * a deficiency was found in the Linux kernel virtual file system (VFS)\n implementation. This could allow a local, unprivileged user to make a\n series of file creations within deleted directories, possibly causing a\n denial of service. (CVE-2008-3275, Moderate)\n \n * a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog\n timer driver. This deficiency could lead to a possible information leak. By\n default, the "/dev/watchdog" device is accessible only to the root user.\n (CVE-2008-5702, Low)\n \n * the hfs and hfsplus file systems code failed to properly handle corrupted\n data structures. This could, potentially, lead to a local denial of\n service. (CVE-2008-4933, CVE-2008-5025, Low)\n \n * a flaw was found in the hfsplus file system implementation. This could,\n potentially, lead to a local denial of service when write operations were\n performed. (CVE-2008-4934, Low)\n \n This update also fixes the following bugs:\n \n * when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running\n Intel\u00ae CPUs, the cpuspeed daemon did not run, preventing the CPU speed from\n being changed, such as not being reduced to an idle state when not in use.\n \n * mmap() could be used to gain access to beyond the first megabyte of RAM,\n due to insufficient checks in the Linux kernel code. Checks have been added\n to prevent this.\n \n * attempting to turn keyboard LEDs on and off rapidly on keyboards with\n slow keyboard controllers, may have caused key presses to fail.\n \n * after migrating a hypervisor guest, the MAC address table was not\n updated, causing packet loss and preventing network connections to the\n guest. Now, a gratuitous ARP request is sent after migration. This\n refreshes the ARP caches, minimizing network downtime.\n \n * writing crash dumps with diskdump may have caused a kernel panic on\n Non-Uniform Memory Access (NUMA) systems with certain memory\n configurations.\n \n * on big-endian systems, such as PowerPC, the getsockopt() function\n incorrectly returned 0 depending on ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-January/015556.html\");\n script_id(880928);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:0014\");\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \n \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_name(\"CentOS Update for kernel CESA-2009:0014 centos4 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:19", "references": [], "pluginID": "63467", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:010.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-03-02T00:00:00", "title": "SuSE Security Advisory SUSE-SA:2009:010 (kernel)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5700", "CVE-2009-0028", "CVE-2009-0322", "CVE-2008-5079", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0031", "CVE-2009-0029"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63467", "id": "OPENVAS:63467", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_010.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:010 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This update fixes several security issues and lots of bugs in the\nopenSUSE 11.1 kernel. For details, please visit the referenced\nsecurity advisories.\n\nThe Linux kernel on openSUSE 11.1 was updated to the stable version\n2.6.27.19 and is also now at the same kernel as we are planning to\nship with SUSE Linux Enterprise (Server/Desktop) 11.\n\nThis update introduces kABI changes, so all kernel module packages\nalso need to be rebuilt and reapplied. Rebuilt NVIDIA KMPs already\nare provided by NVIDIA, ATI and Madwifi KMPs will follow soon.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:010\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:010.\";\n\n \n\nif(description)\n{\n script_id(63467);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5700\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:010 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~2.6.3~3.13.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64\", rpm:\"kernel-ppc64~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-base\", rpm:\"kernel-ppc64-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-extra\", rpm:\"kernel-ppc64-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3\", rpm:\"kernel-ps3~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:02:48", "references": ["http://lists.centos.org/pipermail/centos-announce/2009-January/015556.html", "2009:0014"], "pluginID": "1361412562310880928", "description": "Check for the Version of kernel", "edition": 4, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-08-09T00:00:00", "title": "CentOS Update for kernel CESA-2009:0014 centos4 i386", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880928", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880928", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:0014 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update addresses the following security issues:\n \n * the sendmsg() function in the Linux kernel did not block during UNIX\n socket garbage collection. This could, potentially, lead to a local denial\n of service. (CVE-2008-5300, Important)\n \n * when fput() was called to close a socket, the __scm_destroy() function in\n the Linux kernel could make indirect recursive calls to itself. This could,\n potentially, lead to a local denial of service. (CVE-2008-5029, Important)\n \n * a deficiency was found in the Linux kernel virtual file system (VFS)\n implementation. This could allow a local, unprivileged user to make a\n series of file creations within deleted directories, possibly causing a\n denial of service. (CVE-2008-3275, Moderate)\n \n * a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog\n timer driver. This deficiency could lead to a possible information leak. By\n default, the "/dev/watchdog" device is accessible only to the root user.\n (CVE-2008-5702, Low)\n \n * the hfs and hfsplus file systems code failed to properly handle corrupted\n data structures. This could, potentially, lead to a local denial of\n service. (CVE-2008-4933, CVE-2008-5025, Low)\n \n * a flaw was found in the hfsplus file system implementation. This could,\n potentially, lead to a local denial of service when write operations were\n performed. (CVE-2008-4934, Low)\n \n This update also fixes the following bugs:\n \n * when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running\n Intel\u00ae CPUs, the cpuspeed daemon did not run, preventing the CPU speed from\n being changed, such as not being reduced to an idle state when not in use.\n \n * mmap() could be used to gain access to beyond the first megabyte of RAM,\n due to insufficient checks in the Linux kernel code. Checks have been added\n to prevent this.\n \n * attempting to turn keyboard LEDs on and off rapidly on keyboards with\n slow keyboard controllers, may have caused key presses to fail.\n \n * after migrating a hypervisor guest, the MAC address table was not\n updated, causing packet loss and preventing network connections to the\n guest. Now, a gratuitous ARP request is sent after migration. This\n refreshes the ARP caches, minimizing network downtime.\n \n * writing crash dumps with diskdump may have caused a kernel panic on\n Non-Uniform Memory Access (NUMA) systems with certain memory\n configurations.\n \n * on big-endian systems, such as PowerPC, the getsockopt() function\n incorrectly returned 0 depending on ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-January/015556.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880928\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:0014\");\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \n \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_name(\"CentOS Update for kernel CESA-2009:0014 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:57", "references": [], "pluginID": "63245", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0014.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-01-20T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "CentOS Security Advisory CESA-2009:0014 (kernel)", "type": "openvas", "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63245", "id": "OPENVAS:63245", "sourceData": "#CESA-2009:0014 63245 2\n# $Id: ovcesa2009_0014.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0014 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0014\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0014\nhttps://rhn.redhat.com/errata/RHSA-2009-0014.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0014.\";\n\n\n\nif(description)\n{\n script_id(63245);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-20 22:42:09 +0100 (Tue, 20 Jan 2009)\");\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:0014 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:46", "references": ["http://www.redhat.com/security/updates/classification/#important", "http://rhn.redhat.com/errata/RHSA-2009-0014.html"], "pluginID": "136141256231063191", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0014. For details, please visit the referenced\nsecurity advisories.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-01-20T00:00:00", "title": "RedHat Security Advisory RHSA-2009:0014", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063191", "id": "OPENVAS:136141256231063191", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0014.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0014 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0014. For details, please visit the referenced\nsecurity advisories.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63191\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-20 22:42:09 +0100 (Tue, 20 Jan 2009)\");\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0014\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0014.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:35", "references": [], "pluginID": "136141256231063467", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:010.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-03-02T00:00:00", "title": "SuSE Security Advisory SUSE-SA:2009:010 (kernel)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5700", "CVE-2009-0028", "CVE-2009-0322", "CVE-2008-5079", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0031", "CVE-2009-0029"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063467", "id": "OPENVAS:136141256231063467", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_010.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:010 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This update fixes several security issues and lots of bugs in the\nopenSUSE 11.1 kernel. For details, please visit the referenced\nsecurity advisories.\n\nThe Linux kernel on openSUSE 11.1 was updated to the stable version\n2.6.27.19 and is also now at the same kernel as we are planning to\nship with SUSE Linux Enterprise (Server/Desktop) 11.\n\nThis update introduces kABI changes, so all kernel module packages\nalso need to be rebuilt and reapplied. Rebuilt NVIDIA KMPs already\nare provided by NVIDIA, ATI and Madwifi KMPs will follow soon.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:010\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:010.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63467\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5700\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:010 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~2.6.3~3.13.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64\", rpm:\"kernel-ppc64~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-base\", rpm:\"kernel-ppc64-base~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-extra\", rpm:\"kernel-ppc64-extra~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3\", rpm:\"kernel-ps3~2.6.27.19~3.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:10", "references": ["http://www.redhat.com/security/updates/classification/#important", "http://rhn.redhat.com/errata/RHSA-2009-0014.html"], "pluginID": "63191", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0014. For details, please visit the referenced\nsecurity advisories.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-01-20T00:00:00", "title": "RedHat Security Advisory RHSA-2009:0014", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2017-07-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63191", "id": "OPENVAS:63191", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0014.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0014 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0014. For details, please visit the referenced\nsecurity advisories.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63191);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-20 22:42:09 +0100 (Tue, 20 Jan 2009)\");\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0014\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0014.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.13.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:21", "references": [], "pluginID": "63224", "description": "The remote host is missing updates to the kernel announced in\nadvisory SUSE-SA:2009:003.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-01-20T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SuSE Security Advisory SUSE-SA:2009:003 (kernel-debug)", "type": "openvas", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-4554", "CVE-2008-5700", "CVE-2008-5029", "CVE-2008-3831", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63224", "id": "OPENVAS:63224", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_003.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:003 (kernel-debug)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This update fixes various security issues and several bugs in the\nopenSUSE 11.0 kernel.\n\nThe kernel was also updated to the stable version 2.6.25.20,\nincluding its bugfixes.\n\nFor details on the security issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:003\";\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory SUSE-SA:2009:003.\";\n\n \n\nif(description)\n{\n script_id(63224);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-20 22:42:09 +0100 (Tue, 20 Jan 2009)\");\n script_cve_id(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:003 (kernel-debug)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt_debug\", rpm:\"kernel-rt_debug~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64\", rpm:\"kernel-ppc64~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3\", rpm:\"kernel-ps3~2.6.25.20~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:31", "references": [], "description": "Multiple DoS conditions.", "edition": 1, "reporter": "BUGTRAQ", "published": "2009-01-31T00:00:00", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:31", "vector": "NONE", "value": 10.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "kernel", "version": "2.6", "operator": "eq"}], "cvelist": ["CVE-2008-5702", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5300"], "modified": "2009-01-31T00:00:00", "id": "SECURITYVULNS:VULN:9633", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9633", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:30", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-1787-1 security@debian.org\r\nhttp://www.debian.org/security/ Dann Frazier\r\nMay 2, 2009 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6.24\r\nVulnerability : denial of service/privilege escalation/information leak\r\nProblem type : local/remote\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2008-4307 CVE-2008-5079 CVE-2008-5395 CVE-2008-5700\r\n CVE-2008-5701 CVE-2008-5702 CVE-2009-0028 CVE-2009-0029\r\n CVE-2009-0031 CVE-2009-0065 CVE-2009-0269 CVE-2009-0322\r\n CVE-2009-0675 CVE-2009-0676 CVE-2009-0745 CVE-2009-0834\r\n CVE-2009-0859 CVE-2009-1046 CVE-2009-1192 CVE-2009-1242\r\n CVE-2009-1265 CVE-2009-1337 CVE-2009-1338 CVE-2009-1439\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that\r\nmay lead to a denial of service or privilege escalation. The Common\r\nVulnerabilities and Exposures project identifies the following\r\nproblems:\r\n\r\nCVE-2008-4307\r\n\r\n Bryn M. Reeves reported a denial of service in the NFS filesystem.\r\n Local users can trigger a kernel BUG() due to a race condition in\r\n the do_setlk function.\r\n\r\nCVE-2008-5079\r\n\r\n Hugo Dias reported a DoS condition in the ATM subsystem that can\r\n be triggered by a local user by calling the svc_listen function\r\n twice on the same socket and reading /proc/net/atm/*vc.\r\n\r\nCVE-2008-5395\r\n\r\n Helge Deller discovered a denial of service condition that allows\r\n local users on PA-RISC systems to crash a system by attempting to\r\n unwind a stack contiaining userspace addresses.\r\n\r\nCVE-2008-5700\r\n\r\n Alan Cox discovered a lack of minimum timeouts on SG_IO requests,\r\n which allows local users of systems using ATA to cause a denial of\r\n service by forcing drives into PIO mode.\r\n \r\nCVE-2008-5701\r\n\r\n Vlad Malov reported an issue on 64-bit MIPS systems where a local\r\n user could cause a system crash by crafing a malicious binary\r\n which makes o32 syscalls with a number less than 4000.\r\n\r\nCVE-2008-5702\r\n\r\n Zvonimir Rakamaric reported an off-by-one error in the ib700wdt\r\n watchdog driver which allows local users to cause a buffer\r\n underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl\r\n call.\r\n\r\nCVE-2009-0028\r\n\r\n Chris Evans discovered a situation in which a child process can\r\n send an arbitrary signal to its parent.\r\n\r\nCVE-2009-0029\r\n\r\n Christian Borntraeger discovered an issue effecting the alpha,\r\n mips, powerpc, s390 and sparc64 architectures that allows local\r\n users to cause a denial of service or potentially gain elevated\r\n privileges.\r\n\r\nCVE-2009-0031\r\n\r\n Vegard Nossum discovered a memory leak in the keyctl subsystem\r\n that allows local users to cause a denial of service by consuming\r\n all of kernel memory.\r\n\r\nCVE-2009-0065\r\n\r\n Wei Yongjun discovered a memory overflow in the SCTP\r\n implementation that can be triggered by remote users, permitting\r\n remote code execution.\r\n \r\nCVE-2009-0269\r\n\r\n Duane Griffin provided a fix for an issue in the eCryptfs\r\n subsystem which allows local users to cause a denial of service\r\n (fault or memory corruption).\r\n\r\nCVE-2009-0322\r\n\r\n Pavel Roskin provided a fix for an issue in the dell_rbu driver\r\n that allows a local user to cause a denial of service (oops) by\r\n reading 0 byts from a sysfs entry.\r\n\r\nCVE-2009-0675\r\n\r\n Roel Kluin discovered inverted logic in the skfddi driver that\r\n permits local, unprivileged users to reset the driver statistics.\r\n\r\nCVE-2009-0676\r\n\r\n Clement LECIGNE discovered a bug in the sock_getsockopt function\r\n that may result in leaking sensitive kernel memory.\r\n\r\nCVE-2009-0745\r\n\r\n Peter Kerwien discovered an issue in the ext4 filesystem that\r\n allows local users to cause a denial of service (kernel oops)\r\n during a resize operation.\r\n\r\nCVE-2009-0834\r\n\r\n Roland McGrath discovered an issue on amd64 kernels that allows\r\n local users to circumvent system call audit configurations which\r\n filter based on the syscall numbers or argument details.\r\n\r\nCVE-2009-0859\r\n\r\n Jiri Olsa discovered that a local user can cause a denial of\r\n service (system hang) using a SHM_INFO shmctl call on kernels\r\n compiled with CONFIG_SHMEM disabled. This issue does not affect\r\n prebuilt Debian kernels.\r\n\r\nCVE-2009-1046\r\n\r\n Mikulas Patocka reported an issue in the console subsystem that\r\n allows a local user to cause memory corruption by selecting a\r\n small number of 3-byte UTF-8 characters.\r\n\r\nCVE-2009-1192\r\n\r\n Shaohua Li reported an issue in the AGP subsystem they may allow\r\n local users to read sensitive kernel memory due to a leak of\r\n uninitialized memory.\r\n\r\nCVE-2009-1242\r\n\r\n Benjamin Gilbert reported a local denial of service vulnerability\r\n in the KVM VMX implementation that allows local users to trigger\r\n an oops.\r\n\r\nCVE-2009-1265\r\n\r\n Thomas Pollet reported an overflow in the af_rose implementation\r\n that allows remote attackers to retrieve uninitialized kernel\r\n memory that may contain sensitive data.\r\n\r\nCVE-2009-1337\r\n\r\n Oleg Nesterov discovered an issue in the exit_notify function that\r\n allows local users to send an arbitrary signal to a process by\r\n running a program that modifies the exit_signal field and then\r\n uses an exec system call to launch a setuid application.\r\n\r\nCVE-2009-1338\r\n\r\n Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to\r\n reach processes outside of the current process namespace.\r\n \r\nCVE-2009-1439\r\n\r\n Pavan Naregundi reported an issue in the CIFS filesystem code that\r\n allows remote users to overwrite memory via a long\r\n nativeFileSystem field in a Tree Connect response during mount.\r\n\r\nFor the stable distribution (etch), these problems have been fixed in\r\nversion 2.6.24-6~etchnhalf.8etch1.\r\n\r\nWe recommend that you upgrade your linux-2.6.24 packages.\r\n\r\nNote: Debian 'etch' includes linux kernel packages based upon both the\r\n2.6.18 and 2.6.24 linux releases. All known security issues are\r\ncarefully tracked against both packages and both packages will receive\r\nsecurity updates until security support for Debian 'etch'\r\nconcludes. However, given the high frequency at which low-severity\r\nsecurity issues are discovered in the kernel and the resource\r\nrequirements of doing an update, lower severity 2.6.18 and 2.6.24\r\nupdates will typically release in a staggered or "leap-frog" fashion.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch1.diff.gz\r\n Size/MD5 checksum: 4033829 ff5f9342fbd061dcab316080057bf9ac\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch1.dsc\r\n Size/MD5 checksum: 5117 c71acfa6a187429a702d368e5974d082\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz\r\n Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 82422 f39c24b3acf13eee80ab07421e120bc7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 4260850 8b0891fa602714572b2ea8be13d4b2eb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 96802 317936645be453126afab54705999059\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 1542086 460bc638a040b2674f4da6e30fc975f1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 46865722 b3afc19906294f1990ab97e6c8943285\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 917482 dc533207197184a44dcc931372534b0b\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 82038 12269f5ccc3251bed6544c82ace6bab8\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 26736698 8714134f74ad24d4a761d9e1b18c84dc\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 332080 2632341b6c0d98b6798103d4e03a4980\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 26757530 c00a3280cf8bc9d18e52c64202af9e34\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 27341904 ee355aab70b9061c511e7152929c150a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 331054 7d30fb320e409180de47bdf7be8430c2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 3454072 01417e58c71bb9515a4011c390be0580\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 82010 cff77bfb7491d357acc7d9d50dc0217e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 330926 1b2c38a3628e25cc62b7e555800d48e5\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 19480638 9f9f06adb37a611ed3f24000859beb03\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 3654580 aac989a8eee05d7adaf9731dfdda062f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 344960 4a6f4ac493086ec243734b3b6968a2bd\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 82010 f7713fceebf11933dd20c7db1c636df0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 81998 7f2d31a9d80ae34c397d90912dbbb46f\r\n\r\narm architecture (ARM)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 308926 05539199c8e837c4fccc75172a9c82be\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 82136 39e67aa9c8617379a54c9f36d0d72572\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 3939598 804e621a444954f2045f27a9282ae77a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 306808 3086d994c254c2481c6610729c6ee182\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 296510 23d73ccad75398f169ad602db513b908\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 9351566 c0326566806f5c7ed8de2342f4de857a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 10775966 6661bd851503d953c4ca43b6f8e85deb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 10768304 daca396e0f5decdfe92a7724069daa50\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 82166 8bb034ce3157aeefe7c3c692ebe14df4\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 261644 7c1852bbe840ac3d90c12d452e2681cf\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 82016 293d2bba2cb8563e700377ada35f2ba2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 259304 f3db74269efbac5501598e35a462bf20\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 82038 bdae604446c924296cd1aac5b9be7e95\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 13332816 5d9819ffa069392df46ad94e193cbdf1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 258452 c1a9dde9f1c92b4563126d1937d4eec2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 14385162 6cbd8dc0702e5cb15237d246883dd2c0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 258378 4a864d5f74cd4f1e05362aa00e94236a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 14847618 ab5989ffb84c1780ba7a8d06ac501f67\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 3439250 22ebf43e46ee15c1240d6881c2554248\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 13845394 731ba27a151e94071c8f64ceb0da9e92\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 360908 aef486d9faf9aca0e61ea01e16d0cbc8\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 19348860 15a2e2dc1fa2b3b423d3010272f7f3f6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 82124 ee99a97dc91f3c2e205bce0b901904c0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 359834 d80f275632e07acaaa02679eee976bb6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 82160 07df09b3f1af03cd0f20d2b0cf2b679a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 347518 a3530c65c732ef54f207a3551c85ec9f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 19344944 28d8879c242e0698ee8524d006970445\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 361402 3bad41e46bd717ebe8d15e0473f130eb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 19589084 a8319258d3194cd59fa263a1b66a5626\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 19278254 608362b1503eb3ec838bd01152d7aa93\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 3647296 a6ce4748c3fefd49a40ebbfed1e004f9\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 318210 76ad07637a2fac8a32d827c23f893ffa\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 32025152 eb4eec0df149a61e18ae22ef8c50eb43\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 318482 a155708aa4e74d90e54a4f107221c995\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 3567324 0e1d20a7ecbf444ad6aba30cc169963d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 82000 f66623c2c53891b0d92055fb032d0592\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 32206190 62738a79d48dffcad324124d2b73f3d4\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 82028 6aa864922de84ad84cfff13eb9ce71ee\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 308452 f5d33880c20e98b12a9ad5ef53743910\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 214502 a39b0ecffd3a215979f8e5bcdcd78bfe\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 17166576 38a62721888bbb2f0fc4d7fbdba70c9e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mips_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 82062 3aa3ea6a854d046759d5824257e47bf3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 17151594 603b866be5168c042bbef832eb253c9d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 10522386 725913ed966df3029d3f72332af590fd\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 225228 e8ad107d20c67c798cdb093ae150592c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 246218 69eee0d55e37c414da07e70b90c190a9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 11957416 9d75b25a0668735d4bfb1fac77788723\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 27772372 307325283c10af9dd6dc8cb4f0de39a7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 246310 815dfe8f02f354f03f0d63f8605bedd9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 22150880 d183f2a93f59d18034573fd7febf5e22\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 3803446 4448552a0dd930e3d51a800c1d6deb50\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 82008 871aace093a3411d3d01dfcc19e57a7a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 309908 ebc141db56c3f149eaf265af89054e03\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 3803432 926f0974edf97ded8ef4bd4f99847b35\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 245716 9a62f6221f1b1e36c8b397e5afcb966a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 82060 401c4c5fb02f54a0deacef21bf630b0e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 26982892 39032aaca4b2a6cecc7091022a42e2b7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 16629962 874a967e72aa10398626267cb2d5ba54\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 21732318 7819062b50720a60a098d086978298ea\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 82012 06886337047db3ad1df77cc919c4cff6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 246190 ec4b8f66e8a0065d694f990745049e7e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 16566324 d778d8f7f199e49cb087fafaef7eb551\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 13316760 aadc4a462ca185163c902551556c92f6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 309226 44e7866afb834db0bf71a9d034d729ba\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 308360 e53f7681e10aa6b07d1ea3e3b58622da\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 245984 a572ee84ea19bb4bb908e6c20a56ca37\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 19194974 99103ae37f6001139ea44dd31f84183f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 320916 0ba37f3d80f38b92b9097ea7e90fb3e7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 320840 0ab836295bc998d5b54f9d54bb2bd23c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 19485870 bbee80ba2e47827a9f8ac2360ccf9e68\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 3672412 4ff49fe861ab4f49eec95d425114c349\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 82012 03d29f46bdcab8bab20d237a294fc242\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 295058 7718f3ba536f4af7252961bbbbab24be\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 21169748 db5e60f6e3ba1fcd12a793fd30f75c14\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 17459470 60369530c57a669b6c9bcd441f757417\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 322436 779ccace55f22bdcf1ccd9212033b58d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 82046 39a3cbedcbc4e13f997b7641394e3ad0\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390-tape_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 1501738 7bf06e1f51092c18b512045444fba8e9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 193848 6713da5dfd8696c27718075e6cb3fa03\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-s390_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 82016 1668a7a797859f5d9e0a7af2ba1781b4\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 6950110 9f8a8d765c71aaee7e94402626f413a1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 82002 0f37b246336adf27ce4d37776257ff95\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 7200396 de8ace94802f259aef088e9384a4ca6b\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 194084 ea695f010b1916d50f1bdad2e85dd1f0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 3429706 8a40f944fa6b7c64353d76154bded277\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-sparc_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 82152 88b0f93df760ac992f30c1927d0144f7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 3652306 42dda4de967328363df86bee8ba0c53b\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 13022916 93538efd19eae1488128df8a3a73b957\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 263066 c796e2fd4e51ff6a66d9eec594c81386\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 13317632 e50f9515e67c38d66c58f317bf2c9292\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 264930 a1d0ba75ee8eded18b4d97327ebd0291\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 82128 6c1ebe596b196e25cb0307f78ab1f358\r\n\r\n\r\n These changes will probably be included in the oldstable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFJ/JE8huANDBmkLRkRAlzXAJwJvkPuUoKwLYQPFVnF7t2DRIkzjQCgg8zC\r\nw+zXZAH5HPrUZ78bMIHk8Sw=\r\n=KhiR\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2009-05-04T00:00:00", "title": "[SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:30", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2008-5702", "CVE-2009-1046", "CVE-2008-5395", "CVE-2008-5700", "CVE-2009-0859", "CVE-2009-0675", "CVE-2008-4307", "CVE-2009-0028", "CVE-2009-1242", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-1192", "CVE-2008-5079", "CVE-2009-0065", "CVE-2009-0745", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0269", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-0031", "CVE-2009-1439", "CVE-2009-0029", "CVE-2008-5701"], "modified": "2009-05-04T00:00:00", "id": "SECURITYVULNS:DOC:21767", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21767", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:43:07", "references": [], "pluginID": "36279", "description": "Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. (CVE-2008-5300)\n\nHelge Deller discovered that PA-RISC stack unwinding was not handled correctly. A local attacker could exploit this to crash the system, leading do a denial of service. This did not affect official Ubuntu kernels, but was fixed in the source for anyone performing HPPA kernel builds. (CVE-2008-5395)\n\nIt was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2009-04-23T00:00:00", "title": "Ubuntu 8.10 : linux vulnerabilities (USN-715-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5300"], "modified": "2016-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "cpe:/o:canonical:ubuntu_linux:8.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server"], "id": "UBUNTU_USN-715-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36279", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-715-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36279);\n script_version(\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2016/12/01 21:21:52 $\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n script_bugtraq_id(32676, 33503);\n script_xref(name:\"USN\", value:\"715-1\");\n\n script_name(english:\"Ubuntu 8.10 : linux vulnerabilities (USN-715-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hugo Dias discovered that the ATM subsystem did not correctly manage\nsocket counts. A local attacker could exploit this to cause a system\nhang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the inotify subsystem contained watch removal\nrace conditions. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not\ncorrectly release allocated memory. A local attacker could exploit\nthis to force the system to run out of free memory, leading to a\ndenial of service. (CVE-2008-5300)\n\nHelge Deller discovered that PA-RISC stack unwinding was not handled\ncorrectly. A local attacker could exploit this to crash the system,\nleading do a denial of service. This did not affect official Ubuntu\nkernels, but was fixed in the source for anyone performing HPPA kernel\nbuilds. (CVE-2008-5395)\n\nIt was discovered that the ATA subsystem did not correctly set\ntimeouts. A local attacker could exploit this to cause a system hang,\nleading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly\ncheck buffer sizes. A local attacker could send a specially crafted\nioctl to the device to cause a system crash, leading to a denial of\nservice. (CVE-2008-5702).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-generic\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-server\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-generic\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-server\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-virtual\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-11.27\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.27 / linux-headers-2.6 / linux-headers-2.6-generic / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:59:31", "references": ["https://www.redhat.com/security/data/cve/CVE-2008-4933.html", "https://www.redhat.com/security/data/cve/CVE-2008-3275.html", "https://www.redhat.com/security/data/cve/CVE-2008-5029.html", "https://www.redhat.com/security/data/cve/CVE-2008-5702.html", "https://www.redhat.com/security/data/cve/CVE-2008-5025.html", "https://www.redhat.com/security/data/cve/CVE-2008-5300.html", "https://www.redhat.com/security/data/cve/CVE-2008-4934.html", "http://rhn.redhat.com/errata/RHSA-2009-0014.html"], "pluginID": "35381", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel(r) CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.", "edition": 6, "reporter": "Tenable", "published": "2009-01-15T00:00:00", "title": "RHEL 4 : kernel (RHSA-2009:0014)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel", "cpe:/o:redhat:enterprise_linux:4.7", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp"], "id": "REDHAT-RHSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=35381", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0014. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35381);\n script_version (\"1.24\");\n script_cvs_date(\"Date: 2018/07/25 18:58:05\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_bugtraq_id(30647, 32093, 32154, 32289);\n script_xref(name:\"RHSA\", value:\"2009:0014\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:0014)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing\na denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC\nwatchdog timer driver. This deficiency could lead to a possible\ninformation leak. By default, the '/dev/watchdog' device is accessible\nonly to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle\ncorrupted data structures. This could, potentially, lead to a local\ndenial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This\ncould, potentially, lead to a local denial of service when write\noperations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems\nrunning Intel(r) CPUs, the cpuspeed daemon did not run, preventing the\nCPU speed from being changed, such as not being reduced to an idle\nstate when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of\nRAM, due to insufficient checks in the Linux kernel code. Checks have\nbeen added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards\nwith slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255, possibly causing memory\ncorruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508\nadvisory caused the Linux kernel's built-in memory copy procedure to\nreturn the wrong error code after recovering from a page fault on\nAMD64 and Intel 64 systems. This may have caused other Linux kernel\nfunctions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which\nmay have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when\nslave interfaces of bonded network interfaces were started, resulting\nin a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running\nRed Hat Virtualization. This may have caused problems for third-party\nsoftware that checks virtualization-ability based on the existence of\n'/proc/xen/'. Note: this update will remove the '/proc/xen/' directory\non systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4933.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4934.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5025.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5300.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5702.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2009-0014.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0014\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:42:29", "references": [], "pluginID": "36454", "description": "Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5134)\n\nIt was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5300)\n\nIt was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702)\n\nIt was discovered that in certain situations the network scheduler did not correctly handle very large levels of traffic. A local attacker could produce a high volume of UDP traffic resulting in a system hang, leading to a denial of service. Ubuntu 8.04 was not affected.\n(CVE-2008-5713).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2009-04-23T00:00:00", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux-source-2.6.15/22, linux vulnerabilities (USN-714-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5700", "CVE-2008-5713", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5300"], "modified": "2016-12-01T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24"], "id": "UBUNTU_USN-714-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36454", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-714-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36454);\n script_version(\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2016/12/01 21:21:52 $\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\", \"CVE-2008-5713\");\n script_bugtraq_id(32676);\n script_xref(name:\"USN\", value:\"714-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux-source-2.6.15/22, linux vulnerabilities (USN-714-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hugo Dias discovered that the ATM subsystem did not correctly manage\nsocket counts. A local attacker could exploit this to cause a system\nhang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the libertas wireless driver did not correctly\nhandle beacon and probe responses. A physically near-by attacker could\ngenerate specially crafted wireless network traffic and cause a denial\nof service. Ubuntu 6.06 was not affected. (CVE-2008-5134)\n\nIt was discovered that the inotify subsystem contained watch removal\nrace conditions. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not\ncorrectly release allocated memory. A local attacker could exploit\nthis to force the system to run out of free memory, leading to a\ndenial of service. Ubuntu 6.06 was not affected. (CVE-2008-5300)\n\nIt was discovered that the ATA subsystem did not correctly set\ntimeouts. A local attacker could exploit this to cause a system hang,\nleading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly\ncheck buffer sizes. A local attacker could send a specially crafted\nioctl to the device to cause a system crash, leading to a denial of\nservice. (CVE-2008-5702)\n\nIt was discovered that in certain situations the network scheduler did\nnot correctly handle very large levels of traffic. A local attacker\ncould produce a high volume of UDP traffic resulting in a system hang,\nleading to a denial of service. Ubuntu 8.04 was not affected.\n(CVE-2008-5713).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-386\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-686\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-386\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-686\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-386\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-generic\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-rt\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-server\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-ume\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-virtual\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-xen\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-386\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-cell\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-generic\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpia\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpiacompat\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-rt\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-server\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-ume\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-virtual\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-xen\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-386\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-generic\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-server\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-virtual\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-386\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-generic\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-openvz\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-rt\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-server\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-virtual\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-xen\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-386\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-generic\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpia\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpiacompat\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-openvz\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-rt\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-server\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-virtual\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-xen\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-386\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-generic\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-server\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-virtual\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-23.48\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-doc-2.6.22 / linux-doc-2.6.24 / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:44:09", "references": ["http://www.nessus.org/u?1d6e2f00", "http://www.nessus.org/u?acdc3510"], "pluginID": "43727", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel(r) CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.", "edition": 6, "reporter": "Tenable", "published": "2010-01-06T00:00:00", "title": "CentOS 4 : kernel (CESA-2009:0014)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2018-06-27T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel-xenU-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-doc", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-xenU", "p-cpe:/a:centos:centos:kernel-hugemem-devel"], "id": "CENTOS_RHSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=43727", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0014 and \n# CentOS Errata and Security Advisory 2009:0014 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(43727);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/06/27 18:42:25\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_bugtraq_id(30647, 32093, 32154, 32289);\n script_xref(name:\"RHSA\", value:\"2009:0014\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2009:0014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing\na denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC\nwatchdog timer driver. This deficiency could lead to a possible\ninformation leak. By default, the '/dev/watchdog' device is accessible\nonly to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle\ncorrupted data structures. This could, potentially, lead to a local\ndenial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This\ncould, potentially, lead to a local denial of service when write\noperations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems\nrunning Intel(r) CPUs, the cpuspeed daemon did not run, preventing the\nCPU speed from being changed, such as not being reduced to an idle\nstate when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of\nRAM, due to insufficient checks in the Linux kernel code. Checks have\nbeen added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards\nwith slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255, possibly causing memory\ncorruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508\nadvisory caused the Linux kernel's built-in memory copy procedure to\nreturn the wrong error code after recovering from a page fault on\nAMD64 and Intel 64 systems. This may have caused other Linux kernel\nfunctions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which\nmay have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when\nslave interfaces of bonded network interfaces were started, resulting\nin a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running\nRed Hat Virtualization. This may have caused problems for third-party\nsoftware that checks virtualization-ability based on the existence of\n'/proc/xen/'. Note: this update will remove the '/proc/xen/' directory\non systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2009-January/015556.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1d6e2f00\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2009-January/015557.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?acdc3510\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:52:06", "references": ["http://www.nessus.org/u?72598625"], "pluginID": "60520", "description": "This update addresses the following security issues :\n\n - the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n (CVE-2008-5029, Important)\n\n - a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n - a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n - the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service.\n (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed.\n (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n - when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel® CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n - mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n - attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n - after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n - writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n - on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n - a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n - a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n - the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n - the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nThis updated kernel-utils package adds an enhancement in the way of proper support for user-space frequency-scaling on multi-core systems.", "edition": 5, "reporter": "Tenable", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2016-12-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090114_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60520", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60520);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2016/12/14 20:22:13 $\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following security issues :\n\n - the sendmsg() function in the Linux kernel did not block\n during UNIX socket garbage collection. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make\n indirect recursive calls to itself. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-5029, Important)\n\n - a deficiency was found in the Linux kernel virtual file\n system (VFS) implementation. This could allow a local,\n unprivileged user to make a series of file creations\n within deleted directories, possibly causing a denial of\n service. (CVE-2008-3275, Moderate)\n\n - a buffer underflow flaw was found in the Linux kernel\n IB700 SBC watchdog timer driver. This deficiency could\n lead to a possible information leak. By default, the\n '/dev/watchdog' device is accessible only to the root\n user. (CVE-2008-5702, Low)\n\n - the hfs and hfsplus file systems code failed to properly\n handle corrupted data structures. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the hfsplus file system\n implementation. This could, potentially, lead to a local\n denial of service when write operations were performed.\n (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n - when running Red Hat Enterprise Linux 4.6 and 4.7 on\n some systems running Intel® CPUs, the cpuspeed\n daemon did not run, preventing the CPU speed from being\n changed, such as not being reduced to an idle state when\n not in use.\n\n - mmap() could be used to gain access to beyond the first\n megabyte of RAM, due to insufficient checks in the Linux\n kernel code. Checks have been added to prevent this.\n\n - attempting to turn keyboard LEDs on and off rapidly on\n keyboards with slow keyboard controllers, may have\n caused key presses to fail.\n\n - after migrating a hypervisor guest, the MAC address\n table was not updated, causing packet loss and\n preventing network connections to the guest. Now, a\n gratuitous ARP request is sent after migration. This\n refreshes the ARP caches, minimizing network downtime.\n\n - writing crash dumps with diskdump may have caused a\n kernel panic on Non-Uniform Memory Access (NUMA) systems\n with certain memory configurations.\n\n - on big-endian systems, such as PowerPC, the getsockopt()\n function incorrectly returned 0 depending on the\n parameters passed to it when the time to live (TTL)\n value equaled 255, possibly causing memory corruption\n and application crashes.\n\n - a problem in the kernel packages provided by the\n RHSA-2008:0508 advisory caused the Linux kernel's\n built-in memory copy procedure to return the wrong error\n code after recovering from a page fault on AMD64 and\n Intel 64 systems. This may have caused other Linux\n kernel functions to return wrong error codes.\n\n - a divide-by-zero bug in the Linux kernel process\n scheduler, which may have caused kernel panics on\n certain systems, has been resolved.\n\n - the netconsole kernel module caused the Linux kernel to\n hang when slave interfaces of bonded network interfaces\n were started, resulting in a system hang or kernel panic\n when restarting the network.\n\n - the '/proc/xen/' directory existed even if systems were\n not running Red Hat Virtualization. This may have caused\n problems for third-party software that checks\n virtualization-ability based on the existence of\n '/proc/xen/'. Note: this update will remove the\n '/proc/xen/' directory on systems not running Red Hat\n Virtualization.\n\nThis updated kernel-utils package adds an enhancement in the way of\nproper support for user-space frequency-scaling on multi-core systems.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind0901&L=scientific-linux-errata&T=0&P=1314\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72598625\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-utils-2.4-14.1.117.2.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:11:23", "references": ["https://oss.oracle.com/pipermail/el-errata/2009-January/000864.html"], "pluginID": "67790", "description": "From Red Hat Security Advisory 2009:0014 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel(r) CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.", "edition": 6, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 : kernel (ELSA-2009-0014)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2018-07-18T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-xenU-devel", "p-cpe:/a:oracle:linux:kernel-xenU", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-largesmp-devel"], "id": "ORACLELINUX_ELSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67790", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0014 and \n# Oracle Linux Security Advisory ELSA-2009-0014 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67790);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/18 17:43:56\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_bugtraq_id(30647, 32093, 32154, 32289);\n script_xref(name:\"RHSA\", value:\"2009:0014\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2009-0014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0014 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing\na denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC\nwatchdog timer driver. This deficiency could lead to a possible\ninformation leak. By default, the '/dev/watchdog' device is accessible\nonly to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle\ncorrupted data structures. This could, potentially, lead to a local\ndenial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This\ncould, potentially, lead to a local denial of service when write\noperations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems\nrunning Intel(r) CPUs, the cpuspeed daemon did not run, preventing the\nCPU speed from being changed, such as not being reduced to an idle\nstate when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of\nRAM, due to insufficient checks in the Linux kernel code. Checks have\nbeen added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards\nwith slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255, possibly causing memory\ncorruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508\nadvisory caused the Linux kernel's built-in memory copy procedure to\nreturn the wrong error code after recovering from a page fault on\nAMD64 and Intel 64 systems. This may have caused other Linux kernel\nfunctions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which\nmay have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when\nslave interfaces of bonded network interfaces were started, resulting\nin a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running\nRed Hat Virtualization. This may have caused problems for third-party\nsoftware that checks virtualization-ability based on the existence of\n'/proc/xen/'. Note: this update will remove the '/proc/xen/' directory\non systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000864.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:56:16", "references": [], "pluginID": "35446", "description": "The openSUSE 10.3 kernel was updated to fix various security problems and bugs. Following security bugs were fixed :\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.\n\nCVE-2008-5134: Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem allowed remote attackers to have an unknown impact via an 'invalid beacon/probe response.'\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.", "edition": 5, "reporter": "Tenable", "published": "2009-01-22T00:00:00", "title": "openSUSE 10 Security Update : kernel (kernel-5920)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5025", "CVE-2008-4933"], "modified": "2016-12-22T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-bigsmp", "cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:kernel-xenpae", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-debug"], "id": "SUSE_KERNEL-5920.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=35446", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-5920.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35446);\n script_version (\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:32:47 $\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5702\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-5920)\");\n script_summary(english:\"Check for the kernel-5920 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 10.3 kernel was updated to fix various security problems\nand bugs. Following security bugs were fixed :\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c might allow local users to have an unknown\nimpact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users\nto cause a denial of service (kernel infinite loop) by making two\ncalls to svc_listen for the same socket, and then reading a\n/proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes\nindirect recursive calls to itself through calls to the fput function,\nwhich allows local users to cause a denial of service (panic) via\nvectors related to sending an SCM_RIGHTS message through a UNIX domain\nsocket and closing file descriptors.\n\nCVE-2008-5134: Buffer overflow in the lbs_process_bss function in\ndrivers/net/wireless/libertas/scan.c in the libertas subsystem allowed\nremote attackers to have an unknown impact via an 'invalid\nbeacon/probe response.'\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in\nfs/hfsplus/catalog.c allowed attackers to cause a denial of service\n(memory corruption or system crash) via an hfsplus filesystem image\nwith an invalid catalog namelength field, related to the\nhfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec\nfunction in fs/hfs/catalog.c allowed attackers to cause a denial of\nservice (memory corruption or system crash) via an hfs filesystem\nimage with an invalid catalog namelength field, a related issue to\nCVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to\ngain privileges via unknown vectors related to race conditions in\ninotify watch removal and umount.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-bigsmp-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-debug-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-default-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-source-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-syms-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xen-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xenpae-2.6.22.19-0.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-debug / kernel-default / kernel-source / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:39:45", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=447406", "https://bugzilla.novell.com/show_bug.cgi?id=439461", "https://bugzilla.novell.com/show_bug.cgi?id=457896", "https://bugzilla.novell.com/show_bug.cgi?id=405546", "https://bugzilla.novell.com/show_bug.cgi?id=446973", "https://bugzilla.novell.com/show_bug.cgi?id=457898", "https://bugzilla.novell.com/show_bug.cgi?id=419250", "https://bugzilla.novell.com/show_bug.cgi?id=371657", "https://bugzilla.novell.com/show_bug.cgi?id=362850", "https://bugzilla.novell.com/show_bug.cgi?id=429919", "https://bugzilla.novell.com/show_bug.cgi?id=399966", "https://bugzilla.novell.com/show_bug.cgi?id=442364", "https://bugzilla.novell.com/show_bug.cgi?id=450417", "https://bugzilla.novell.com/show_bug.cgi?id=447241", "https://bugzilla.novell.com/show_bug.cgi?id=457897", "https://bugzilla.novell.com/show_bug.cgi?id=445569", "https://bugzilla.novell.com/show_bug.cgi?id=442594", "https://bugzilla.novell.com/show_bug.cgi?id=443640", "https://bugzilla.novell.com/show_bug.cgi?id=443661"], "pluginID": "40011", "description": "This update fixes various security issues and several bugs in the openSUSE 11.0 kernel. It was also updated to the stable version 2.6.25.20.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5700: libata did not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a denial of service ('soft lockup' and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.\n\nCVE-2008-3831: The i915 driver in drivers/char/drm/i915_dma.c does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c did not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.", "edition": 5, "reporter": "Tenable", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : kernel (kernel-423)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-4554", "CVE-2008-5700", "CVE-2008-5029", "CVE-2008-3831", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933"], "modified": "2016-12-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-source", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:kernel-rt", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-rt_debug", "p-cpe:/a:novell:opensuse:kernel-debug"], "id": "SUSE_11_0_KERNEL-090114.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40011", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-423.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40011);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:09:50 $\");\n\n script_cve_id(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-423)\");\n script_summary(english:\"Check for the kernel-423 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various security issues and several bugs in the\nopenSUSE 11.0 kernel. It was also updated to the stable version\n2.6.25.20.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c might allow local users to have an unknown\nimpact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5700: libata did not set minimum timeouts for SG_IO requests,\nwhich allows local users to cause a denial of service (Programmed I/O\nmode on drives) via multiple simultaneous invocations of an\nunspecified test program.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users\nto cause a denial of service (kernel infinite loop) by making two\ncalls to svc_listen for the same socket, and then reading a\n/proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a\ndenial of service ('soft lockup' and process loss) via a large number\nof sendmsg function calls, which does not block during AF_UNIX garbage\ncollection and triggers an OOM condition, a different vulnerability\nthan CVE-2008-5029.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes\nindirect recursive calls to itself through calls to the fput function,\nwhich allows local users to cause a denial of service (panic) via\nvectors related to sending an SCM_RIGHTS message through a UNIX domain\nsocket and closing file descriptors.\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in\nfs/hfsplus/catalog.c allowed attackers to cause a denial of service\n(memory corruption or system crash) via an hfsplus filesystem image\nwith an invalid catalog namelength field, related to the\nhfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec\nfunction in fs/hfs/catalog.c allowed attackers to cause a denial of\nservice (memory corruption or system crash) via an hfs filesystem\nimage with an invalid catalog namelength field, a related issue to\nCVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to\ngain privileges via unknown vectors related to race conditions in\ninotify watch removal and umount.\n\nCVE-2008-3831: The i915 driver in drivers/char/drm/i915_dma.c does not\nrestrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager\n(DRM) master, which allows local users to cause a denial of service\n(memory corruption) via a crafted ioctl call, related to absence of\nthe DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c did not\nreject file descriptors that have the O_APPEND flag set, which allows\nlocal users to bypass append mode and make arbitrary changes to other\nlocations in the file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=362850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=371657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=399966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=405546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=419250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=429919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=439461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=442364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=442594\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=443640\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=443661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=445569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=446973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=447241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=447406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=450417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457898\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt_debug-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.20-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-default / kernel-pae / kernel-rt / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:34:41", "references": [], "pluginID": "39335", "description": "This kernel update for openSUSE 10.3 fixes some bugs and several security problems.\n\nThe following security issues are fixed: A local denial of service problem in the splice(2) system call.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. (SUSE is enabling CONFIG_SHMEM, so is by default not affected, the fix is just for completeness).\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the Linux kernel does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c in the Linux kernel does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.\n\nSome other non-security bugs were fixed, please see the RPM changelog.", "edition": 5, "reporter": "Tenable", "published": "2009-06-09T00:00:00", "title": "openSUSE 10 Security Update : kernel (kernel-6274)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-4554", "CVE-2009-0859", "CVE-2009-0028", "CVE-2009-1072", "CVE-2009-0835", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0065", "CVE-2009-1337", "CVE-2009-0269", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-1439"], "modified": "2016-12-22T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-bigsmp", "cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:kernel-xenpae", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-debug"], "id": "SUSE_KERNEL-6274.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39335", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-6274.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39335);\n script_version (\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:32:47 $\");\n\n script_cve_id(\"CVE-2008-4554\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1072\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-6274)\");\n script_summary(english:\"Check for the kernel-6274 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for openSUSE 10.3 fixes some bugs and several\nsecurity problems.\n\nThe following security issues are fixed: A local denial of service\nproblem in the splice(2) system call.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on\nthe x86_64 platform did not properly handle (1) a 32-bit process\nmaking a 64-bit syscall or (2) a 64-bit process making a 32-bit\nsyscall, which allows local users to bypass certain syscall audit\nconfigurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD\ncapability before handling a user request in a thread, which allows\nlocal users to create device nodes, as demonstrated on a filesystem\nthat has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in\nthe seccomp subsystem in the Linux kernel on the x86_64 platform, when\nCONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit\nprocess making a 64-bit syscall or (2) a 64-bit process making a\n32-bit syscall, which allows local users to bypass intended access\nrestrictions via crafted syscalls that are misinterpreted as (a) stat\nor (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the\nLinux kernel 2.6.29 and earlier allows remote attackers to cause a\ndenial of service (crash) or potential code execution via a long\nnativeFileSystem field in a Tree Connect response to an SMB mount\nrequest.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux\nkernel did not restrict exit signals when the CAP_KILL capability is\nheld, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm\nsubsystem in the Linux kernel, when CONFIG_SHMEM is disabled,\nmisinterprets the data type of an inode, which allows local users to\ncause a denial of service (system hang) via an SHM_INFO shmctl call,\nas demonstrated by running the ipcs program. (SUSE is enabling\nCONFIG_SHMEM, so is by default not affected, the fix is just for\ncompleteness).\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\nthe Linux kernel might allow attackers to obtain sensitive information\nvia a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local\nusers to send arbitrary signals to a parent process from an\nunprivileged child process by launching an additional child process\nwith the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the\nLinux kernel does not initialize a certain structure member, which\nallows local users to obtain potentially sensitive information from\nkernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows\nlocal users to cause a denial of service (system crash) via a read\nsystem call that specifies zero bytes from the (1) image_type or (2)\npacket_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the\nLinux kernel allows local users to cause a denial of service (fault or\nmemory corruption), or possibly have unspecified other impact, via a\nreadlink call that results in an error, leading to use of a -1 return\nvalue as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the\nStream Control Transmission Protocol (sctp) implementation in the\nLinux kernel allows remote attackers to have an unknown impact via an\nFWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c in the Linux kernel might allow local\nusers to have an unknown impact via a certain /dev/watchdog\nWDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c in the Linux\nkernel does not reject file descriptors that have the O_APPEND flag\nset, which allows local users to bypass append mode and make arbitrary\nchanges to other locations in the file.\n\nSome other non-security bugs were fixed, please see the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-bigsmp-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-debug-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-default-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-source-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-syms-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xen-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xenpae-2.6.22.19-0.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-debug / kernel-default / kernel-source / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:59", "references": ["https://security-tracker.debian.org/tracker/CVE-2009-1192", "https://security-tracker.debian.org/tracker/CVE-2009-0322", "https://security-tracker.debian.org/tracker/CVE-2008-5702", "https://security-tracker.debian.org/tracker/CVE-2009-1265", "https://security-tracker.debian.org/tracker/CVE-2008-4307", "http://www.debian.org/security/2009/dsa-1794", "https://security-tracker.debian.org/tracker/CVE-2009-0834", "https://security-tracker.debian.org/tracker/CVE-2008-5713", "https://security-tracker.debian.org/tracker/CVE-2009-1439", "https://security-tracker.debian.org/tracker/CVE-2009-1337", "https://security-tracker.debian.org/tracker/CVE-2009-0065", "https://security-tracker.debian.org/tracker/CVE-2008-5395", "https://security-tracker.debian.org/tracker/CVE-2008-5701", "https://security-tracker.debian.org/tracker/CVE-2009-0675", "https://security-tracker.debian.org/tracker/CVE-2009-0859", "https://security-tracker.debian.org/tracker/CVE-2009-0031", "https://security-tracker.debian.org/tracker/CVE-2009-0029", "https://security-tracker.debian.org/tracker/CVE-2009-0676", "https://security-tracker.debian.org/tracker/CVE-2009-0028", "https://security-tracker.debian.org/tracker/CVE-2009-1336"], "pluginID": "38722", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service, privilege escalation, or information leak. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-4307 Bryn M. Reeves reported a denial of service in the NFS filesystem. Local users can trigger a kernel BUG() due to a race condition in the do_setlk function.\n\n - CVE-2008-5395 Helge Deller discovered a denial of service condition that allows local users on PA-RISC to crash the system by attempting to unwind a stack containing userspace addresses.\n\n - CVE-2008-5701 Vlad Malov reported an issue on 64-bit MIPS where a local user could cause a system crash by crafting a malicious binary which makes o32 syscalls with a number less than 4000.\n\n - CVE-2008-5702 Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2008-5713 Flavio Leitner discovered that a local user can cause a denial of service by generating large amounts of traffic on a large SMP system, resulting in soft lockups.\n\n - CVE-2009-0028 Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges.\n\n - CVE-2009-0031 Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all available kernel memory.\n\n - CVE-2009-0065 Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution.\n\n - CVE-2009-0322 Pavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675 Roel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics.\n\n - CVE-2009-0676 Clement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory.\n\n - CVE-2009-0834 Roland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n - CVE-2009-0859 Jiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1192 Shaohua Li reported an issue in the AGP subsystem that may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n - CVE-2009-1265 Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n - CVE-2009-1336 Trond Myklebust reported an issue in the encode_lookup() function in the nfs server subsystem that allows local users to cause a denial of service (oops in encode_lookup()) by use of a long filename.\n\n - CVE-2009-1337 Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n - CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.", "edition": 5, "reporter": "Tenable", "published": "2009-05-11T00:00:00", "title": "Debian DSA-1794-1 : linux-2.6 - denial of service/privilege escalation/information leak", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5702", "CVE-2008-5395", "CVE-2009-0859", "CVE-2008-5713", "CVE-2009-0675", "CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-1192", "CVE-2009-0065", "CVE-2009-1337", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-0031", "CVE-2009-1439", "CVE-2009-1336", "CVE-2009-0029", "CVE-2008-5701"], "modified": "2016-12-06T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:linux-2.6"], "id": "DEBIAN_DSA-1794.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38722", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1794. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38722);\n script_version(\"$Revision: 1.20 $\");\n script_cvs_date(\"$Date: 2016/12/06 20:12:51 $\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-5395\", \"CVE-2008-5701\", \"CVE-2008-5702\", \"CVE-2008-5713\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0859\", \"CVE-2009-1192\", \"CVE-2009-1265\", \"CVE-2009-1336\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n script_bugtraq_id(33113, 33846, 33951, 34020, 34405, 34453, 34654, 34673);\n script_xref(name:\"DSA\", value:\"1794\");\n\n script_name(english:\"Debian DSA-1794-1 : linux-2.6 - denial of service/privilege escalation/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to denial of service, privilege escalation, or information\nleak. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2008-4307\n Bryn M. Reeves reported a denial of service in the NFS\n filesystem. Local users can trigger a kernel BUG() due\n to a race condition in the do_setlk function.\n\n - CVE-2008-5395\n Helge Deller discovered a denial of service condition\n that allows local users on PA-RISC to crash the system\n by attempting to unwind a stack containing userspace\n addresses.\n\n - CVE-2008-5701\n Vlad Malov reported an issue on 64-bit MIPS where a\n local user could cause a system crash by crafting a\n malicious binary which makes o32 syscalls with a number\n less than 4000.\n\n - CVE-2008-5702\n Zvonimir Rakamaric reported an off-by-one error in the\n ib700wdt watchdog driver which allows local users to\n cause a buffer underflow by making a specially crafted\n WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2008-5713\n Flavio Leitner discovered that a local user can cause a\n denial of service by generating large amounts of traffic\n on a large SMP system, resulting in soft lockups.\n\n - CVE-2009-0028\n Chris Evans discovered a situation in which a child\n process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029\n Christian Borntraeger discovered an issue effecting the\n alpha, mips, powerpc, s390 and sparc64 architectures\n that allows local users to cause a denial of service or\n potentially gain elevated privileges.\n\n - CVE-2009-0031\n Vegard Nossum discovered a memory leak in the keyctl\n subsystem that allows local users to cause a denial of\n service by consuming all available kernel memory.\n\n - CVE-2009-0065\n Wei Yongjun discovered a memory overflow in the SCTP\n implementation that can be triggered by remote users,\n permitting remote code execution.\n\n - CVE-2009-0322\n Pavel Roskin provided a fix for an issue in the dell_rbu\n driver that allows a local user to cause a denial of\n service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675\n Roel Kluin discovered inverted logic in the skfddi\n driver that permits local, unprivileged users to reset\n the driver statistics.\n\n - CVE-2009-0676\n Clement LECIGNE discovered a bug in the sock_getsockopt\n function that may result in leaking sensitive kernel\n memory.\n\n - CVE-2009-0834\n Roland McGrath discovered an issue on amd64 kernels that\n allows local users to circumvent system call audit\n configurations which filter based on the syscall numbers\n or argument details.\n\n - CVE-2009-0859\n Jiri Olsa discovered that a local user can cause a\n denial of service (system hang) using a SHM_INFO shmctl\n call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1192\n Shaohua Li reported an issue in the AGP subsystem that\n may allow local users to read sensitive kernel memory\n due to a leak of uninitialized memory.\n\n - CVE-2009-1265\n Thomas Pollet reported an overflow in the af_rose\n implementation that allows remote attackers to retrieve\n uninitialized kernel memory that may contain sensitive\n data.\n\n - CVE-2009-1336\n Trond Myklebust reported an issue in the encode_lookup()\n function in the nfs server subsystem that allows local\n users to cause a denial of service (oops in\n encode_lookup()) by use of a long filename.\n\n - CVE-2009-1337\n Oleg Nesterov discovered an issue in the exit_notify\n function that allows local users to send an arbitrary\n signal to a process by running a program that modifies\n the exit_signal field and then uses an exec system call\n to launch a setuid application.\n\n - CVE-2009-1439\n Pavan Naregundi reported an issue in the CIFS filesystem\n code that allows remote users to overwrite memory via a\n long nativeFileSystem field in a Tree Connect response\n during mount.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2009/dsa-1794\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-24etch2.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"fai-kernels\", reference:\"1.17+etch.24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-arm\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mips\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mipsel\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-s390\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-sparc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390-tape\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"user-mode-linux\", reference:\"2.6.18-1um-2etch.24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:32", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5395", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5702", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5700", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5079", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5300", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5182"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "2.6.27-11.27", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.27-11-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "2.6.27-11.27", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.27-11-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "2.6.27-11.27", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.27-11-server", "operator": "lt"}], "description": "Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. (CVE-2008-5300)\n\nHelge Deller discovered that PA-RISC stack unwinding was not handled correctly. A local attacker could exploit this to crash the system, leading do a denial of service. This did not affect official Ubuntu kernels, but was fixed in the source for anyone performing HPPA kernel builds. (CVE-2008-5395)\n\nIt was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702)", "edition": 3, "reporter": "Ubuntu", "published": "2009-01-29T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-5702", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5300"], "modified": "2009-01-29T00:00:00", "id": "USN-715-1", "href": "https://usn.ubuntu.com/715-1/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:29", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5713", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5702", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5700", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5079", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5300", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5182", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5134"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-itanium", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-rt", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-server", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-mckinley", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-lpia", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-sparc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-itanium", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-hppa64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-sparc64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-hppa64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-hppa32", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-amd64-xeon", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-itanium-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-mckinley", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-ume", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-hppa32-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-itanium", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-powerpc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-686", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-386", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-k7", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-server-bigiron", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-server", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-sparc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-xen", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-amd64-server", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-server", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-lpiacompat", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-powerpc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-hppa32", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-lpia", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-sparc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-cell", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-hppa32", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-powerpc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-hppa64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-sparc64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-sparc64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-386", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-386", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-mckinley", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-openvz", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-hppa64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-lpiacompat", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-amd64-k8", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.24-23.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.24-23-xen", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-amd64-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.6.15-53.75", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.15-53-mckinley-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "2.6.22-16.61", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.22-16-rt", "operator": "lt"}], "description": "Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5134)\n\nIt was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5300)\n\nIt was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702)\n\nIt was discovered that in certain situations the network scheduler did not correctly handle very large levels of traffic. A local attacker could produce a high volume of UDP traffic resulting in a system hang, leading to a denial of service. Ubuntu 8.04 was not affected. (CVE-2008-5713)", "edition": 3, "reporter": "Ubuntu", "published": "2009-01-29T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-5702", "CVE-2008-5700", "CVE-2008-5713", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5300"], "modified": "2009-01-29T00:00:00", "id": "USN-714-1", "href": "https://usn.ubuntu.com/714-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:13:25", "references": [], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-vanilla", "packageFilename": "kernel-vanilla-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-syms", "packageFilename": "kernel-syms-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-default", "packageFilename": "kernel-default-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-source", "packageFilename": "kernel-source-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-trace-extra", "packageFilename": "kernel-trace-extra-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-source", "packageFilename": "kernel-source-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-default", "packageFilename": "kernel-default-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-xen-extra", "packageFilename": "kernel-xen-extra-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-syms", "packageFilename": "kernel-syms-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-vanilla", "packageFilename": "kernel-vanilla-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-xen-extra", "packageFilename": "kernel-xen-extra-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-debug-base", "packageFilename": "kernel-debug-base-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-pae", "packageFilename": "kernel-pae-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-xen-base", "packageFilename": "kernel-xen-base-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-syms", "packageFilename": "kernel-syms-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-vanilla", "packageFilename": "kernel-vanilla-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-kdump", "packageFilename": "kernel-kdump-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-trace-base", "packageFilename": "kernel-trace-base-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-trace", "packageFilename": "kernel-trace-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-trace", "packageFilename": "kernel-trace-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-trace-base", "packageFilename": "kernel-trace-base-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-ppc64", "packageFilename": "kernel-ppc64-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-pae-extra", "packageFilename": "kernel-pae-extra-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-ps3", "packageFilename": "kernel-ps3-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-source", "packageFilename": "kernel-source-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-pae-base", "packageFilename": "kernel-pae-base-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-default", "packageFilename": "kernel-default-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.3-3.13.5", "packageName": "kernel-docs", "packageFilename": "kernel-docs-2.6.3-3.13.5.noarch.rpm", "arch": "noarch", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-ppc64-extra", "packageFilename": "kernel-ppc64-extra-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-ppc64-base", "packageFilename": "kernel-ppc64-base-2.6.27.19-3.2.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-debug-extra", "packageFilename": "kernel-debug-extra-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-debug-extra", "packageFilename": "kernel-debug-extra-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.27.19-3.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-trace-extra", "packageFilename": "kernel-trace-extra-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-xen-base", "packageFilename": "kernel-xen-base-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.6.27.19-3.2.1", "packageName": "kernel-debug-base", "packageFilename": "kernel-debug-base-2.6.27.19-3.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "This update fixes several security issues and lots of bugs in the openSUSE 11.1 kernel.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "reporter": "Suse", "published": "2009-02-26T17:06:24", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "suse", "title": "local privilege escalation in kernel", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5702", "CVE-2008-5700", "CVE-2009-0028", "CVE-2009-0322", "CVE-2008-5079", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0031", "CVE-2009-0029"], "modified": "2009-02-26T17:06:24", "id": "SUSE-SA:2009:010", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:09:51", "references": [], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-kdump", "packageFilename": "kernel-kdump-2.6.25.20-0.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-vanilla", "packageFilename": "kernel-vanilla-2.6.25.20-0.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-syms", "packageFilename": "kernel-syms-2.6.25.20-0.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-default", "packageFilename": "kernel-default-2.6.25.20-0.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-default", "packageFilename": "kernel-default-2.6.25.20-0.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-rt_debug", "packageFilename": "kernel-rt_debug-2.6.25.20-0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-vanilla", "packageFilename": "kernel-vanilla-2.6.25.20-0.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.25.20-0.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-syms", "packageFilename": "kernel-syms-2.6.25.20-0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.25.20-0.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-ppc64", "packageFilename": "kernel-ppc64-2.6.25.20-0.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-rt", "packageFilename": "kernel-rt-2.6.25.20-0.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-pae", "packageFilename": "kernel-pae-2.6.25.20-0.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-syms", "packageFilename": "kernel-syms-2.6.25.20-0.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.25.20-0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-source", "packageFilename": "kernel-source-2.6.25.20-0.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-vanilla", "packageFilename": "kernel-vanilla-2.6.25.20-0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-docs", "packageFilename": "kernel-docs-2.6.25.20-0.1.noarch.rpm", "arch": "noarch", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-ps3", "packageFilename": "kernel-ps3-2.6.25.20-0.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-source", "packageFilename": "kernel-source-2.6.25.20-0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.25.20-0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-rt", "packageFilename": "kernel-rt-2.6.25.20-0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-default", "packageFilename": "kernel-default-2.6.25.20-0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-rt_debug", "packageFilename": "kernel-rt_debug-2.6.25.20-0.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.0", "packageVersion": "2.6.25.20-0.1", "packageName": "kernel-source", "packageFilename": "kernel-source-2.6.25.20-0.1.ppc.rpm", "arch": "ppc", "operator": "lt"}], "description": "This update fixes various security issues and several bugs in the openSUSE 11.0 kernel.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "reporter": "Suse", "published": "2009-01-20T17:01:02", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "suse", "title": "local privilege escalation in kernel-debug", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5702", "CVE-2008-4554", "CVE-2008-5700", "CVE-2008-5029", "CVE-2008-3831", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933"], "modified": "2009-01-20T17:01:02", "id": "SUSE-SA:2009:003", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00005.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:13:40", "references": [], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.22.19-0.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-syms", "packageFilename": "kernel-syms-2.6.22.19-0.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-bigsmp", "packageFilename": "kernel-bigsmp-2.6.22.19-0.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-default", "packageFilename": "kernel-default-2.6.22.19-0.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-source", "packageFilename": "kernel-source-2.6.22.19-0.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.22.19-0.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-kdump", "packageFilename": "kernel-kdump-2.6.22.19-0.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-syms", "packageFilename": "kernel-syms-2.6.22.19-0.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.22.19-0.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-syms", "packageFilename": "kernel-syms-2.6.22.19-0.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.22.19-0.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-source", "packageFilename": "kernel-source-2.6.22.19-0.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-xenpae", "packageFilename": "kernel-xenpae-2.6.22.19-0.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-default", "packageFilename": "kernel-default-2.6.22.19-0.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-default", "packageFilename": "kernel-default-2.6.22.19-0.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-ppc64", "packageFilename": "kernel-ppc64-2.6.22.19-0.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.3", "packageVersion": "2.6.22.19-0.3", "packageName": "kernel-source", "packageFilename": "kernel-source-2.6.22.19-0.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "This kernel update for openSUSE 10.3 fixes some bugs and several security problems.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "reporter": "Suse", "published": "2009-06-08T17:54:43", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "suse", "title": "remote code execution in kernel", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5702", "CVE-2008-4554", "CVE-2009-1961", "CVE-2009-0859", "CVE-2009-0028", "CVE-2009-1072", "CVE-2009-0835", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0065", "CVE-2009-1337", "CVE-2009-0269", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-1439"], "modified": "2009-06-08T17:54:43", "id": "SUSE-SA:2009:030", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-12T14:44:56", "references": ["https://rhn.redhat.com/errata/RHSA-2009-0014.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageName": "kernel-smp-devel", "packageFilename": "kernel-smp-devel-2.6.9-78.0.13.EL.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageName": "kernel-xenU", "packageFilename": "kernel-xenU-2.6.9-78.0.13.EL.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-2.6.9-78.0.13.EL.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageName": "kernel-hugemem", "packageFilename": "kernel-hugemem-2.6.9-78.0.13.EL.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "any", "packageName": "kernel", "packageFilename": "kernel-2.6.9-78.0.13.EL.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "any", "packageName": "kernel", "packageFilename": "kernel-2.6.9-78.0.13.EL.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageName": "kernel-hugemem-devel", "packageFilename": "kernel-hugemem-devel-2.6.9-78.0.13.EL.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageName": "kernel-xenU-devel", "packageFilename": "kernel-xenU-devel-2.6.9-78.0.13.EL.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i586", "packageName": "kernel-smp", "packageFilename": "kernel-smp-2.6.9-78.0.13.EL.i586.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageName": "kernel-xenU-devel", "packageFilename": "kernel-xenU-devel-2.6.9-78.0.13.EL.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageName": "kernel-smp", "packageFilename": "kernel-smp-2.6.9-78.0.13.EL.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.9-78.0.13.EL.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.9-78.0.13.EL.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageName": "kernel-xenU", "packageFilename": "kernel-xenU-2.6.9-78.0.13.EL.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageName": "kernel-largesmp-devel", "packageFilename": "kernel-largesmp-devel-2.6.9-78.0.13.EL.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageName": "kernel-smp", "packageFilename": "kernel-smp-2.6.9-78.0.13.EL.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageName": "kernel-largesmp", "packageFilename": "kernel-largesmp-2.6.9-78.0.13.EL.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i586", "packageName": "kernel-smp-devel", "packageFilename": "kernel-smp-devel-2.6.9-78.0.13.EL.i586.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i586", "packageName": "kernel", "packageFilename": "kernel-2.6.9-78.0.13.EL.i586.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i586", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.i586.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.9-78.0.13.EL.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageName": "kernel-smp-devel", "packageFilename": "kernel-smp-devel-2.6.9-78.0.13.EL.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:0014\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues:\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local denial\nof service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in\nthe Linux kernel could make indirect recursive calls to itself. This could,\npotentially, lead to a local denial of service. (CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing a\ndenial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog\ntimer driver. This deficiency could lead to a possible information leak. By\ndefault, the \"/dev/watchdog\" device is accessible only to the root user.\n(CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted\ndata structures. This could, potentially, lead to a local denial of\nservice. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could,\npotentially, lead to a local denial of service when write operations were\nperformed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs:\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running\nIntel\u00ae CPUs, the cpuspeed daemon did not run, preventing the CPU speed from\nbeing changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM,\ndue to insufficient checks in the Linux kernel code. Checks have been added\nto prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with\nslow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when the\ntime to live (TTL) value equaled 255, possibly causing memory corruption\nand application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory\ncaused the Linux kernel's built-in memory copy procedure to return the\nwrong error code after recovering from a page fault on AMD64 and Intel 64\nsystems. This may have caused other Linux kernel functions to return wrong\nerror codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may\nhave caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave\ninterfaces of bonded network interfaces were started, resulting in a system\nhang or kernel panic when restarting the network.\n\n* the \"/proc/xen/\" directory existed even if systems were not running Red\nHat Virtualization. This may have caused problems for third-party software\nthat checks virtualization-ability based on the existence of \"/proc/xen/\".\nNote: this update will remove the \"/proc/xen/\" directory on systems not\nrunning Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/015556.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/015557.html\n\n**Affected packages:**\nkernel\nkernel-devel\nkernel-doc\nkernel-hugemem\nkernel-hugemem-devel\nkernel-largesmp\nkernel-largesmp-devel\nkernel-smp\nkernel-smp-devel\nkernel-xenU\nkernel-xenU-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0014.html", "edition": 2, "reporter": "CentOS Project", "published": "2009-01-15T13:41:46", "title": "kernel security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2009-01-15T13:41:46", "href": "http://lists.centos.org/pipermail/centos-announce/2009-January/015556.html", "id": "CESA-2009:0014", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:38:02", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "src", "packageFilename": "kernel-2.6.9-78.0.13.0.1.EL.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "src", "packageFilename": "kernel-2.6.9-78.0.13.0.1.EL.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "src", "packageFilename": "kernel-2.6.9-78.0.13.0.1.EL.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "ia64", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.EL-1.2.9-1.el4.ia64.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "i686", "packageFilename": "kernel-hugemem-devel-2.6.9-78.0.13.0.1.EL.i686.rpm", "packageName": "kernel-hugemem-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "x86_64", "packageFilename": "kernel-2.6.9-78.0.13.0.1.EL.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "i686", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.ELhugemem-1.2.9-1.el4.i686.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.ELhugemem", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "x86_64", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.ELxenU-1.2.9-1.el4.x86_64.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.ELxenU", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "x86_64", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.ELlargesmp-2.0.5-1.el4.x86_64.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.ELlargesmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "x86_64", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.ELsmp-1.2.9-1.el4.x86_64.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.ELsmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "ia64", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.ELlargesmp-2.0.5-1.el4.ia64.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.ELlargesmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "i686", "packageFilename": "kernel-xenU-2.6.9-78.0.13.0.1.EL.i686.rpm", "packageName": "kernel-xenU", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "x86_64", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.EL-2.0.5-1.el4.x86_64.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "i686", "packageFilename": "kernel-2.6.9-78.0.13.0.1.EL.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "i686", "packageFilename": "kernel-hugemem-2.6.9-78.0.13.0.1.EL.i686.rpm", "packageName": "kernel-hugemem", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "ia64", "packageFilename": "kernel-devel-2.6.9-78.0.13.0.1.EL.ia64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "i686", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.ELxenU-1.2.9-1.el4.i686.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.ELxenU", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "x86_64", "packageFilename": "kernel-largesmp-2.6.9-78.0.13.0.1.EL.x86_64.rpm", "packageName": "kernel-largesmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "i686", "packageFilename": "kernel-smp-2.6.9-78.0.13.0.1.EL.i686.rpm", "packageName": "kernel-smp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "x86_64", "packageFilename": "kernel-xenU-devel-2.6.9-78.0.13.0.1.EL.x86_64.rpm", "packageName": "kernel-xenU-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "src", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.EL-2.0.5-1.el4.src.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "src", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.EL-2.0.5-1.el4.src.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "src", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.EL-2.0.5-1.el4.src.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "src", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.EL-1.2.9-1.el4.src.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "src", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.EL-1.2.9-1.el4.src.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "src", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.EL-1.2.9-1.el4.src.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "ia64", "packageFilename": "kernel-2.6.9-78.0.13.0.1.EL.ia64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "x86_64", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.EL-1.2.9-1.el4.x86_64.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "x86_64", "packageFilename": "kernel-largesmp-devel-2.6.9-78.0.13.0.1.EL.x86_64.rpm", "packageName": "kernel-largesmp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "i686", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.ELsmp-1.2.9-1.el4.i686.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.ELsmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "i686", "packageFilename": "kernel-smp-devel-2.6.9-78.0.13.0.1.EL.i686.rpm", "packageName": "kernel-smp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "ia64", "packageFilename": "kernel-largesmp-devel-2.6.9-78.0.13.0.1.EL.ia64.rpm", "packageName": "kernel-largesmp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "i686", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.ELsmp-2.0.5-1.el4.i686.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.ELsmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "i686", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.ELhugemem-2.0.5-1.el4.i686.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.ELhugemem", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "x86_64", "packageFilename": "kernel-smp-devel-2.6.9-78.0.13.0.1.EL.x86_64.rpm", "packageName": "kernel-smp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "x86_64", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.ELxenU-2.0.5-1.el4.x86_64.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.ELxenU", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "noarch", "packageFilename": "kernel-doc-2.6.9-78.0.13.0.1.EL.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "noarch", "packageFilename": "kernel-doc-2.6.9-78.0.13.0.1.EL.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "noarch", "packageFilename": "kernel-doc-2.6.9-78.0.13.0.1.EL.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "x86_64", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.ELsmp-2.0.5-1.el4.x86_64.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.ELsmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "ia64", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.EL-2.0.5-1.el4.ia64.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "x86_64", "packageFilename": "kernel-xenU-2.6.9-78.0.13.0.1.EL.x86_64.rpm", "packageName": "kernel-xenU", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "i686", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.EL-1.2.9-1.el4.i686.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "i686", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.EL-2.0.5-1.el4.i686.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.EL", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "x86_64", "packageFilename": "kernel-smp-2.6.9-78.0.13.0.1.EL.x86_64.rpm", "packageName": "kernel-smp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.0.5-1.el4", "arch": "i686", "packageFilename": "oracleasm-2.6.9-78.0.13.0.1.ELxenU-2.0.5-1.el4.i686.rpm", "packageName": "oracleasm-2.6.9-78.0.13.0.1.ELxenU", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.9-78.0.13.0.1.EL.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "x86_64", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.ELlargesmp-1.2.9-1.el4.x86_64.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.ELlargesmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.2.9-1.el4", "arch": "ia64", "packageFilename": "ocfs2-2.6.9-78.0.13.0.1.ELlargesmp-1.2.9-1.el4.ia64.rpm", "packageName": "ocfs2-2.6.9-78.0.13.0.1.ELlargesmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "i686", "packageFilename": "kernel-xenU-devel-2.6.9-78.0.13.0.1.EL.i686.rpm", "packageName": "kernel-xenU-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "ia64", "packageFilename": "kernel-largesmp-2.6.9-78.0.13.0.1.EL.ia64.rpm", "packageName": "kernel-largesmp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.6.9-78.0.13.0.1.EL", "arch": "i686", "packageFilename": "kernel-devel-2.6.9-78.0.13.0.1.EL.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}], "description": "[2.6.9-78.0.13.0.1.EL]\n- fix entropy flag in bnx2 driver to generate entropy pool (John Sobecki) \n [orabug 5931647]\n- fix skb alignment that was causing sendto() to fail with EFAULT (Olaf Kirch) \n [orabug 6845794]\n- fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]\n- fix per_cpu() api bug_on with rds (Zach Brown) [orabug 5760648]\n- backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane) \n [orabug 6125546]\n- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]\n- fix guest spinning in xen (Herbert van den Bergh) [orabug 7004010]\n- fix serial port lock recursion (Herbert van den Bergh) [orabug 6761872]\n- [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]\n- fix in nfs_attribute_timeout() (Trond Myklebust) [orabug 7378108]\n- use lfence instead of cpuid instruction to implement memory barriers\n (Herbert van den Bergh) [orabug 7452412]\n- add netpoll support to xen netfront (Tina Yang) [orabz 7261]\n- [xen] execshield: fix endless GPF fault loop (Stephen Tweedie) [orabug 7175395]\n- port Red Hat bug 472572: HVM crash in net/core/dev.c during boot [orabug 7653948]\n The following Red Hat patches were ported from the source RPM at:\n http://people.redhat.com/vgoyal/rhel4/SRPMS.kernel/kernel-2.6.9-78.22.EL.src.rpm\n linux-2.6.9-xen-fix-netfront-mem-leak.patch\n linux-2.6.9-xen-xen-vnif-stops-working-on-reception-of-duplicat.patch\n linux-2.6.9-xen-guest-will-crash-if-rtl8139-nic-is-only-one-spe.patch\n- fix kernel null dereference in ap_suspend() during migration [orabug 7635625]\n Ported from the el5u2 xenpv-0.1-9.0.1.el5 patch\n ovs-bugz7262-fix-migration-hang-due-to-write-lock-starvation.patch.\n In el5u2, the fix is to the xenpv driver. For el4u7, the xenpv driver\n was moved into the kernel.\n- port el4u6 xenpv patch (orabug 7442030) for live migration hang \n [orabug 7458244]\n- [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit \n dom0 [orabug 7452107]\n- [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki, \n Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839] \n- [nfs] update fix for attribute caching when using actimeo=0 (Chuck Lever, \n John Sobecki) [ORABUG 7131141,7156607,7388056] [RHBZ 446083,476726]\n- [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki) \n [orabug 6110605]\n[2.6.9-78.0.13]\n-net: fix unix socket panic patch missing hunk (Neil Horman) [473267 473268] {CVE-2008-5300}\n[2.6.9-78.0.12]\n-revert: fix race between poll_napi and net_rx_action (Andy Gospodarek) [475970 463815]\n[2.6.9-78.0.11]\n-net: fix unix socket panic patch regression (Neil Horman) [470433 470434 473267 473268] {CVE-2008-5029 CVE-2008-5300}\n-net: fix race between poll_napi and net_rx_action (Andy Gospodarek) [475970 463815]\n-kernel: watchdog: fix buffer_underflow bug (Eugene Teo) [475738 475739]\n-xen: fix lost packets when live migrating (Don Dutile) [469891 460874]\n-xen: remove /proc/xen from fv and bare metal kernels (Don Dutile) [476534 460984]\n[2.6.9-78.0.10]\n-fix cpuspeed not working on intel based servers (Tony Camuso) [458156 440267]\n-fix regression in cpuspeed (Prarit Bhargava) [458156 440267]\n-cpuspeed: fix transition of p-states (Tony Camuso) [458156 440267]\n-net: fix unix socket panic (Neil Horman) [470433 470434] {CVE-2008-5029}\n-hfsplus: fix buffer overflow with a corrupted image (Anton Arapov) [469635 469636] {CVE-2008-4933}\n-hfsplus: check read_mapping_page return value (Anton Arapov) [469642 469643] {CVE-2008-4934}\n-hfs: fix namelength memory corruption (Anton Arapov) [470770 470771] {CVE-2008-5025}\n-add range_is_allowed check to mmap_mem (Eugene Teo) [460862 460859]\n-fix add range_is_allowed check regression (Vitaly Mayatskikh) [460862 460859]\n[2.6.9-78.0.9]\n-atkbd: cancel delayed work before freeing its structure (Jiri Pirko) [461239 461240]\n-atkbd: delay executing of led switching request (Jiri Pirko) [461239 461240]\n-kernel: fix copy_user on x86_64 for read of < 8 bytes (Larry Woodman) [471015 453053]\n-fix diskdump failure when numa is on (Takao Indoh) [470034 457736]\n-ipv4: fix byte value boundary check in ip_getsockopt (Jiri Pirko) [470196 462741]\n-fix linux kernel local filesystem dos (Eugene Teo) [457863 457864] {CVE-2008-3275}\n-netpoll: play nicely with bonding (Andy Gospodarek) [471391 248374]\n-sched: fix isolcpus vs balance bug (Peter Zijlstra) [471222 461156]", "edition": 3, "reporter": "Oracle", "published": "2009-01-15T00:00:00", "title": "kernel security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2009-01-15T00:00:00", "id": "ELSA-2009-0014", "href": "http://linux.oracle.com/errata/ELSA-2009-0014.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2017-09-09T07:19:49", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ia64", "packageFilename": "kernel-largesmp-2.6.9-78.0.13.EL.ia64.rpm", "packageName": "kernel-largesmp", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "noarch", "packageFilename": "kernel-doc-2.6.9-78.0.13.EL.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ia64", "packageFilename": "kernel-2.6.9-78.0.13.EL.ia64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ia64", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.ia64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ia64", "packageFilename": "kernel-largesmp-devel-2.6.9-78.0.13.EL.ia64.rpm", "packageName": "kernel-largesmp-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "src", "packageFilename": "kernel-2.6.9-78.0.13.EL.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageFilename": "kernel-xenU-devel-2.6.9-78.0.13.EL.x86_64.rpm", "packageName": "kernel-xenU-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageFilename": "kernel-xenU-2.6.9-78.0.13.EL.x86_64.rpm", "packageName": "kernel-xenU", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageFilename": "kernel-2.6.9-78.0.13.EL.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageFilename": "kernel-largesmp-devel-2.6.9-78.0.13.EL.x86_64.rpm", "packageName": "kernel-largesmp-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageFilename": "kernel-smp-devel-2.6.9-78.0.13.EL.x86_64.rpm", "packageName": "kernel-smp-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageFilename": "kernel-largesmp-2.6.9-78.0.13.EL.x86_64.rpm", "packageName": "kernel-largesmp", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "x86_64", "packageFilename": "kernel-smp-2.6.9-78.0.13.EL.x86_64.rpm", "packageName": "kernel-smp", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageFilename": "kernel-smp-2.6.9-78.0.13.EL.i686.rpm", "packageName": "kernel-smp", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageFilename": "kernel-xenU-2.6.9-78.0.13.EL.i686.rpm", "packageName": "kernel-xenU", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageFilename": "kernel-2.6.9-78.0.13.EL.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageFilename": "kernel-xenU-devel-2.6.9-78.0.13.EL.i686.rpm", "packageName": "kernel-xenU-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageFilename": "kernel-hugemem-devel-2.6.9-78.0.13.EL.i686.rpm", "packageName": "kernel-hugemem-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageFilename": "kernel-hugemem-2.6.9-78.0.13.EL.i686.rpm", "packageName": "kernel-hugemem", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "i686", "packageFilename": "kernel-smp-devel-2.6.9-78.0.13.EL.i686.rpm", "packageName": "kernel-smp-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ppc64iseries", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.ppc64iseries.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ppc64", "packageFilename": "kernel-largesmp-2.6.9-78.0.13.EL.ppc64.rpm", "packageName": "kernel-largesmp", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ppc64", "packageFilename": "kernel-2.6.9-78.0.13.EL.ppc64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ppc64", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.ppc64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ppc64", "packageFilename": "kernel-largesmp-devel-2.6.9-78.0.13.EL.ppc64.rpm", "packageName": "kernel-largesmp-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "ppc64iseries", "packageFilename": "kernel-2.6.9-78.0.13.EL.ppc64iseries.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "s390", "packageFilename": "kernel-2.6.9-78.0.13.EL.s390.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "s390", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.s390.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "s390x", "packageFilename": "kernel-2.6.9-78.0.13.EL.s390x.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.6.9-78.0.13.EL", "arch": "s390x", "packageFilename": "kernel-devel-2.6.9-78.0.13.EL.s390x.rpm", "packageName": "kernel-devel", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues:\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local denial\nof service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in\nthe Linux kernel could make indirect recursive calls to itself. This could,\npotentially, lead to a local denial of service. (CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing a\ndenial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog\ntimer driver. This deficiency could lead to a possible information leak. By\ndefault, the \"/dev/watchdog\" device is accessible only to the root user.\n(CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted\ndata structures. This could, potentially, lead to a local denial of\nservice. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could,\npotentially, lead to a local denial of service when write operations were\nperformed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs:\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running\nIntel\u00ae CPUs, the cpuspeed daemon did not run, preventing the CPU speed from\nbeing changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM,\ndue to insufficient checks in the Linux kernel code. Checks have been added\nto prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with\nslow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when the\ntime to live (TTL) value equaled 255, possibly causing memory corruption\nand application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory\ncaused the Linux kernel's built-in memory copy procedure to return the\nwrong error code after recovering from a page fault on AMD64 and Intel 64\nsystems. This may have caused other Linux kernel functions to return wrong\nerror codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may\nhave caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave\ninterfaces of bonded network interfaces were started, resulting in a system\nhang or kernel panic when restarting the network.\n\n* the \"/proc/xen/\" directory existed even if systems were not running Red\nHat Virtualization. This may have caused problems for third-party software\nthat checks virtualization-ability based on the existence of \"/proc/xen/\".\nNote: this update will remove the \"/proc/xen/\" directory on systems not\nrunning Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.", "reporter": "RedHat", "published": "2009-01-14T05:00:00", "type": "redhat", "title": "(RHSA-2009:0014) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:18:05", "id": "RHSA-2009:0014", "href": "https://access.redhat.com/errata/RHSA-2009:0014", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "debian": [{"lastseen": "2016-09-02T18:23:38", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-image-2.6.18-6-powerpc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "xen-linux-system-2.6.18-6-xen-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-image-2.6.18-6-vserver-alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-image-2.6.18-6-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-all-i386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-image-2.6.18-6-s390-tape", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-image-2.6.18-6-alpha-generic", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-headers-2.6.18-6-sparc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-xen-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-headers-2.6.18-6-qemu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-image-2.6.18-6-xen-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-headers-2.6.18-6-r4k-kn04", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-headers-2.6.18-6-all-arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.17+etch.24etch2", "arch": "ppc", "packageFilename": "fai-kernels_1.17+etch.24etch2_powerpc.deb", "packageName": "fai-kernels", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-xen-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-image-2.6.18-6-r5k-cobalt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-modules-2.6.18-6-xen-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-image-2.6.18-6-sb1a-bcm91480b", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-headers-2.6.18-6-all-hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18-1um-2etch.24etch2", "arch": "i686", "packageFilename": "user-mode-linux_2.6.18-1um-2etch.24etch2_i386.deb", "packageName": "user-mode-linux", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-image-2.6.18-6-vserver-s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-image-2.6.18-6-s390-tape", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-image-2.6.18-6-vserver-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-k7_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-image-2.6.18-6-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-headers-2.6.18-6-sb1a-bcm91480b", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-headers-2.6.18-6-all-sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-image-2.6.18-6-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-modules-2.6.18-6-xen-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "xen-linux-system-2.6.18-6-xen-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-image-2.6.18-6-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "xen-linux-system-2.6.18-6-xen-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "all", "packageFilename": "linux-support-2.6.18-6_2.6.18.dfsg.1-24etch1_all.deb", "packageName": "linux-support-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "all", "packageFilename": "linux-manual-2.6.18_2.6.18.dfsg.1-24etch2_all.deb", "packageName": "linux-manual-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-headers-2.6.18-6-qemu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-headers-2.6.18-6-vserver-sparc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-headers-2.6.18-6-alpha-legacy", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-image-2.6.18-6-vserver-powerpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-headers-2.6.18-6-all-s390", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-headers-2.6.18-6-s390", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "all", "packageFilename": "linux-source-2.6.18_2.6.18.dfsg.1-24etch2_all.deb", "packageName": "linux-source-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-24etch2_ia64.deb", "packageName": "linux-headers-2.6.18-6-mckinley", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "xen-linux-system-2.6.18-6-xen-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-image-2.6.18-6-xen-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-headers-2.6.18-6-r5k-cobalt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-modules-2.6.18-6-xen-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "xen-linux-system-2.6.18-6-xen-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-modules-2.6.18-6-xen-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6-all-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-headers-2.6.18-6-alpha-legacy", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "all", "packageFilename": "linux-doc-2.6.18_2.6.18.dfsg.1-24etch2_all.deb", "packageName": "linux-doc-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-image-2.6.18-6-xen-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-headers-2.6.18-6-sparc64-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-image-2.6.18-6-s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-headers-2.6.18-6-parisc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-headers-2.6.18-6-r3k-kn02", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-modules-2.6.18-6-xen-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-image-2.6.18-6-footbridge", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-headers-2.6.18-6-rpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-image-2.6.18-6-alpha-generic", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "src", "packageFilename": "linux-2.6_2.6.18.dfsg.1-24etch2.dsc", "packageName": "linux-2.6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-image-2.6.18-6-vserver-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-image-2.6.18-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-headers-2.6.18-6-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-image-2.6.18-6-powerpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.17+etch.24etch2", "arch": "src", "packageFilename": "fai-kernels_1.17+etch.24etch2.tar.gz", "packageName": "fai-kernels", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-headers-2.6.18-6-sb1-bcm91250a", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-image-2.6.18-6-parisc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "all", "packageFilename": "linux-patch-debian-2.6.18_2.6.18.dfsg.1-24etch1_all.deb", "packageName": "linux-patch-debian-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch1_ia64.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-xen-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-headers-2.6.18-6-s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-image-2.6.18-6-sparc32", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_ia64.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-image-2.6.18-6-sb1a-bcm91480b", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-headers-2.6.18-6-vserver-sparc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-image-2.6.18-6-sb1-bcm91250a", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6-xen", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-image-2.6.18-6-vserver-sparc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-headers-2.6.18-6-s3c2410", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-headers-2.6.18-6-parisc64-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-image-2.6.18-6-vserver-powerpc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-686-bigmem", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-image-2.6.18-6-parisc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-headers-2.6.18-6-sparc32", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "all", "packageFilename": "linux-patch-debian-2.6.18_2.6.18.dfsg.1-24etch2_all.deb", "packageName": "linux-patch-debian-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-headers-2.6.18-6-footbridge", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-headers-2.6.18-6-parisc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-vserver-powerpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-headers-2.6.18-6-parisc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-image-2.6.18-6-parisc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6-xen-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-modules-2.6.18-6-xen-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-image-2.6.18-6-sparc64-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-image-2.6.18-6-sparc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-all-powerpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-686-bigmem", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-image-2.6.18-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-image-2.6.18-6-qemu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-headers-2.6.18-6-vserver-alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch1_ia64.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-headers-2.6.18-6-parisc-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6-xen-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-xen-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6-xen", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-powerpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-image-2.6.18-6-prep_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-image-2.6.18-6-prep", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-headers-2.6.18-6-all-hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-486_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-image-2.6.18-6-sparc64-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-headers-2.6.18-6-s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-xen-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-headers-2.6.18-6-parisc-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-image-2.6.18-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-modules-2.6.18-6-xen-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-image-2.6.18-6-alpha-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-headers-2.6.18-6-parisc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-vserver-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1.orig", "arch": "src", "packageFilename": "linux-2.6_2.6.18.dfsg.1.orig.tar.gz", "packageName": "linux-2.6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-headers-2.6.18-6-alpha-generic", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-image-2.6.18-6-686-bigmem", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-headers-2.6.18-6-vserver-s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1.diff", "arch": "src", "packageFilename": "linux-2.6_2.6.18.dfsg.1-24etch1.diff.gz", "packageName": "linux-2.6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-image-2.6.18-6-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-image-2.6.18-6-vserver-sparc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-image-2.6.18-6-parisc-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-image-2.6.18-6-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-image-2.6.18-6-parisc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-image-2.6.18-6-vserver-alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-headers-2.6.18-6-footbridge", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-image-2.6.18-6-xen-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-image-2.6.18-6-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-486_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-image-2.6.18-6-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-image-2.6.18-6-footbridge", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-image-2.6.18-6-parisc-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-headers-2.6.18-6-all-alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-headers-2.6.18-6-sparc64-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "all", "packageFilename": "linux-doc-2.6.18_2.6.18.dfsg.1-24etch1_all.deb", "packageName": "linux-doc-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-image-2.6.18-6-alpha-legacy", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-all-i386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-headers-2.6.18-6-all-alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.17+etch.24etch2", "arch": "x86-64", "packageFilename": "fai-kernels_1.17+etch.24etch2_amd64.deb", "packageName": "fai-kernels", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-image-2.6.18-6-xen-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-headers-2.6.18-6-all-s390", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18-1um-2etch.24etch2", "arch": "src", "packageFilename": "user-mode-linux_2.6.18-1um-2etch.24etch2.dsc", "packageName": "user-mode-linux", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "all", "packageFilename": "linux-manual-2.6.18_2.6.18.dfsg.1-24etch1_all.deb", "packageName": "linux-manual-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "all", "packageFilename": "linux-tree-2.6.18_2.6.18.dfsg.1-24etch1_all.deb", "packageName": "linux-tree-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-24etch2_ia64.deb", "packageName": "linux-headers-2.6.18-6-itanium", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-image-2.6.18-6-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-image-2.6.18-6-rpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-headers-2.6.18-6-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "ia64", "packageFilename": "linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-24etch2_ia64.deb", "packageName": "linux-image-2.6.18-6-mckinley", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6-xen-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-xen", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-powerpc-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-image-2.6.18-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-image-2.6.18-6-sparc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6-xen-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-prep", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-xen-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-headers-2.6.18-6-sparc32", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-image-2.6.18-6-s3c2410", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-powerpc-miboot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-image-2.6.18-6-r3k-kn02", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-image-2.6.18-6-vserver-s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-486_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "all", "packageFilename": "linux-tree-2.6.18_2.6.18.dfsg.1-24etch2_all.deb", "packageName": "linux-tree-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-24etch1_sparc.deb", "packageName": "linux-headers-2.6.18-6-all-sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-headers-2.6.18-6-alpha-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-powerpc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-headers-2.6.18-6-sb1a-bcm91480b", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-24etch1_ia64.deb", "packageName": "linux-headers-2.6.18-6-itanium", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-image-2.6.18-6-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6-xen-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18-1um.orig", "arch": "src", "packageFilename": "user-mode-linux_2.6.18-1um.orig.tar.gz", "packageName": "user-mode-linux", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-headers-2.6.18-6-all-mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-headers-2.6.18-6-all-mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "src", "packageFilename": "linux-2.6_2.6.18.dfsg.1-24etch1.dsc", "packageName": "linux-2.6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-image-2.6.18-6-s3c2410", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-headers-2.6.18-6-alpha-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6-vserver-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-headers-2.6.18-6-xen", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "linux-image-2.6.18-6-xen-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-image-2.6.18-6-xen-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "ia64", "packageFilename": "linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-24etch2_ia64.deb", "packageName": "linux-image-2.6.18-6-itanium", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_alpha.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-image-2.6.18-6-sb1-bcm91250a", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-headers-2.6.18-6-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-486_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-image-2.6.18-6-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "xen-linux-system-2.6.18-6-xen-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_ia64.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-image-2.6.18-6-parisc64-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-headers-2.6.18-6-s3c2410", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-headers-2.6.18-6-s390", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6-all-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "all", "packageFilename": "linux-support-2.6.18-6_2.6.18.dfsg.1-24etch2_all.deb", "packageName": "linux-support-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-image-2.6.18-6-parisc64-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18-1um-2etch.24etch2.diff", "arch": "src", "packageFilename": "user-mode-linux_2.6.18-1um-2etch.24etch2.diff.gz", "packageName": "user-mode-linux", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-headers-2.6.18-6-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-image-2.6.18-6-xen-vserver-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-image-2.6.18-6-s390_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-image-2.6.18-6-s390", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.17+etch.24etch2", "arch": "i686", "packageFilename": "fai-kernels_1.17+etch.24etch2_i386.deb", "packageName": "fai-kernels", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-headers-2.6.18-6-parisc64-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6-xen-vserver", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-headers-2.6.18-6-alpha-generic", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch1_s390.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_hppa.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-image-2.6.18-6-686-bigmem", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-headers-2.6.18-6-all-arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-image-2.6.18-6-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ia64", "packageFilename": "linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-24etch1_ia64.deb", "packageName": "linux-image-2.6.18-6-mckinley", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "i686", "packageFilename": "xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24etch1_i386.deb", "packageName": "xen-linux-system-2.6.18-6-xen-vserver-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "hppa", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch1_hppa.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-image-2.6.18-6-s390_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-image-2.6.18-6-s390", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "all", "packageFilename": "linux-source-2.6.18_2.6.18.dfsg.1-24etch1_all.deb", "packageName": "linux-source-2.6.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6-vserver-powerpc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-headers-2.6.18-6-r5k-ip32", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-image-2.6.18-6-r5k-ip32", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-headers-2.6.18-6-rpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-24etch1_ia64.deb", "packageName": "linux-headers-2.6.18-6-mckinley", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-image-2.6.18-6-sparc32", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-image-2.6.18-6-s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-headers-2.6.18-6-r4k-ip22", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "x86-64", "packageFilename": "xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24etch2_amd64.deb", "packageName": "xen-linux-system-2.6.18-6-xen-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-image-2.6.18-6-r4k-kn04", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ia64", "packageFilename": "linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-24etch1_ia64.deb", "packageName": "linux-image-2.6.18-6-itanium", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-24etch1_ia64.deb", "packageName": "linux-headers-2.6.18-6-all-ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "arm", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_arm.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-image-2.6.18-6-alpha-legacy", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-image-2.6.18-6-powerpc-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-image-2.6.18-6-qemu", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-image-2.6.18-6-r4k-ip22", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2.diff", "arch": "src", "packageFilename": "linux-2.6_2.6.18.dfsg.1-24etch2.diff.gz", "packageName": "linux-2.6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-headers-2.6.18-6-vserver-alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "arm", "packageFilename": "linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-24etch1_arm.deb", "packageName": "linux-image-2.6.18-6-rpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-image-2.6.18-6-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "x86-64", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch1_amd64.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-headers-2.6.18-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "sparc", "packageFilename": "linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-24etch2_sparc.deb", "packageName": "linux-headers-2.6.18-6-sparc64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "ppc", "packageFilename": "linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-24etch1_powerpc.deb", "packageName": "linux-image-2.6.18-6-powerpc-miboot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mips", "packageFilename": "linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-24etch2_mips.deb", "packageName": "linux-headers-2.6.18-6-sb1-bcm91250a", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "s390x", "packageFilename": "linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-24etch2_s390.deb", "packageName": "linux-headers-2.6.18-6-vserver-s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch1", "arch": "alpha", "packageFilename": "linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-24etch1_alpha.deb", "packageName": "linux-image-2.6.18-6-alpha-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "ia64", "packageFilename": "linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-24etch2_ia64.deb", "packageName": "linux-headers-2.6.18-6-all-ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-modules-2.6.18-6-xen-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "mipsel", "packageFilename": "linux-headers-2.6.18-6_2.6.18.dfsg.1-24etch2_mipsel.deb", "packageName": "linux-headers-2.6.18-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.17+etch.24etch2", "arch": "src", "packageFilename": "fai-kernels_1.17+etch.24etch2.dsc", "packageName": "fai-kernels", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.18.dfsg.1-24etch2", "arch": "i686", "packageFilename": "linux-image-2.6.18-6-k7_2.6.18.dfsg.1-24etch2_i386.deb", "packageName": "linux-image-2.6.18-6-k7", "operator": "lt"}], "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service, privilege escalation, or information leak. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2008-4307](<https://security-tracker.debian.org/tracker/CVE-2008-4307>)\n\nBryn M. Reeves reported a denial of service in the NFS filesystem. Local users can trigger a kernel BUG() due to a race condition in the do_setlk function.\n\n * [CVE-2008-5395](<https://security-tracker.debian.org/tracker/CVE-2008-5395>)\n\nHelge Deller discovered a denial of service condition that allows local users on PA-RISC to crash the system by attempting to unwind a stack containing userspace addresses.\n\n * [CVE-2008-5701](<https://security-tracker.debian.org/tracker/CVE-2008-5701>)\n\nVlad Malov reported an issue on 64-bit MIPS where a local user could cause a system crash by crafting a malicious binary which makes o32 syscalls with a number less than 4000.\n\n * [CVE-2008-5702](<https://security-tracker.debian.org/tracker/CVE-2008-5702>)\n\nZvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl call.\n\n * [CVE-2008-5713](<https://security-tracker.debian.org/tracker/CVE-2008-5713>)\n\nFlavio Leitner discovered that a local user can cause a denial of service by generating large amounts of traffic on a large SMP system, resulting in soft lockups.\n\n * [CVE-2009-0028](<https://security-tracker.debian.org/tracker/CVE-2009-0028>)\n\nChris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n * [CVE-2009-0029](<https://security-tracker.debian.org/tracker/CVE-2009-0029>)\n\nChristian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges.\n\n * [CVE-2009-0031](<https://security-tracker.debian.org/tracker/CVE-2009-0031>)\n\nVegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all available kernel memory.\n\n * [CVE-2009-0065](<https://security-tracker.debian.org/tracker/CVE-2009-0065>)\n\nWei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution.\n\n * [CVE-2009-0322](<https://security-tracker.debian.org/tracker/CVE-2009-0322>)\n\nPavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry.\n\n * [CVE-2009-0675](<https://security-tracker.debian.org/tracker/CVE-2009-0675>)\n\nRoel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics.\n\n * [CVE-2009-0676](<https://security-tracker.debian.org/tracker/CVE-2009-0676>)\n\nClement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory.\n\n * [CVE-2009-0834](<https://security-tracker.debian.org/tracker/CVE-2009-0834>)\n\nRoland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n * [CVE-2009-0859](<https://security-tracker.debian.org/tracker/CVE-2009-0859>)\n\nJiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled. This issue does not affect prebuilt Debian kernels.\n\n * [CVE-2009-1192](<https://security-tracker.debian.org/tracker/CVE-2009-1192>)\n\nShaohua Li reported an issue in the AGP subsystem that may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n * [CVE-2009-1265](<https://security-tracker.debian.org/tracker/CVE-2009-1265>)\n\nThomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n * [CVE-2009-1336](<https://security-tracker.debian.org/tracker/CVE-2009-1336>)\n\nTrond Myklebust reported an issue in the encode_lookup() function in the nfs server subsystem that allows local users to cause a denial of service (oops in encode_lookup()) by use of a long filename.\n\n * [CVE-2009-1337](<https://security-tracker.debian.org/tracker/CVE-2009-1337>)\n\nOleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n * [CVE-2009-1439](<https://security-tracker.debian.org/tracker/CVE-2009-1439>)\n\nPavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.\n\nFor the oldstable distribution (etch), this problem has been fixed in version 2.6.18.dfsg.1-24etch2.\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and user-mode-linux packages.\n\nNote: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or \"leap-frog\" fashion.", "edition": 1, "reporter": "Debian", "published": "2009-05-06T00:00:00", "title": "linux-2.6 -- denial of service/privilege escalation/information leak", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5702", "CVE-2008-5395", "CVE-2009-0859", "CVE-2008-5713", "CVE-2009-0675", "CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-1192", "CVE-2009-0065", "CVE-2009-1337", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-0031", "CVE-2009-1439", "CVE-2009-1336", "CVE-2009-0029", "CVE-2008-5701"], "modified": "2009-05-06T00:00:00", "id": "DSA-1794", "href": "http://www.debian.org/security/dsa-1794", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:20:34", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-686-bigmem", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_ia64.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-ixp4xx", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-alpha-legacy", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-parisc64-smp", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-parisc", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-mckinley", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_sparc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-r4k-ip22", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-powerpc64", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-s390x", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-4kc-malta", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-itanium", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-r5k-ip32", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-486", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_amd64.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-amd64", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-alpha-generic", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-4kc-malta", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-5kc-malta", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-parisc-smp", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-i386", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-tree-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb", "packageName": "linux-tree-2.6.24", "arch": "all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_amd64.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-5kc-malta", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-powerpc-miboot", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-powerpc-smp", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-5kc-malta", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-2.6.24_2.6.24-6~etchnhalf.8etch1.dsc", "packageName": "linux-2.6.24", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-powerpc-smp", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-alpha-smp", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-sparc64-smp", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-r5k-ip32", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_s390.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-parisc-smp", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-sparc64", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-iop32x", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-5kc-malta", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-manual-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb", "packageName": "linux-manual-2.6.24", "arch": "all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-alpha-smp", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-amd64", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-686-bigmem", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-r5k-cobalt", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-4kc-malta", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb", "packageName": "linux-patch-debian-2.6.24", "arch": "all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-sparc64-smp", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-amd64", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_alpha.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-ixp4xx", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-s390_2.6.24-6~etchnhalf.8etch1_s390.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-s390", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_ia64.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-alpha-legacy", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-amd64", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-hppa", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-686", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-alpha-generic", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-sparc64", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-s390", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-mckinley", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-source-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb", "packageName": "linux-source-2.6.24", "arch": "all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_sparc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-r5k-cobalt", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-parisc64", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-486", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-powerpc", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.8etch1_ia64.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-ia64", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_alpha.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-s390-tape_2.6.24-6~etchnhalf.8etch1_s390.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-s390-tape", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-parisc", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24.orig", "packageFilename": "linux-2.6.24_2.6.24.orig.tar.gz", "packageName": "linux-2.6.24", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.8etch1_alpha.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-alpha", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-s390x", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1.diff", "packageFilename": "linux-2.6.24_2.6.24-6~etchnhalf.8etch1.diff.gz", "packageName": "linux-2.6.24", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-powerpc", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.8etch1_arm.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-arm", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-powerpc64", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-footbridge", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.8etch1_all.deb", "packageName": "linux-support-2.6.24-etchnhalf.1", "arch": "all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-mipsel", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-doc-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb", "packageName": "linux-doc-2.6.24", "arch": "all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-4kc-malta", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-686", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-sparc_2.6.24-6~etchnhalf.8etch1_sparc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-sparc", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_arm.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-powerpc-miboot", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-parisc64", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-amd64", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-itanium", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_arm.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-s390", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-footbridge", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-parisc64-smp", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-powerpc", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-r4k-ip22", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb", "packageName": "linux-image-2.6.24-etchnhalf.1-iop32x", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-all-mips_2.6.24-6~etchnhalf.8etch1_mips.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-all-mips", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.6.24-6~etchnhalf.8etch1", "packageFilename": "linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_s390.deb", "packageName": "linux-headers-2.6.24-etchnhalf.1-common", "arch": "s390x", "operator": "lt"}], "edition": 1, "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2008-4307](<https://security-tracker.debian.org/tracker/CVE-2008-4307>)\n\nBryn M. Reeves reported a denial of service in the NFS filesystem. Local users can trigger a kernel BUG() due to a race condition in the do_setlk function.\n\n * [CVE-2008-5079](<https://security-tracker.debian.org/tracker/CVE-2008-5079>)\n\nHugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc.\n\n * [CVE-2008-5395](<https://security-tracker.debian.org/tracker/CVE-2008-5395>)\n\nHelge Deller discovered a denial of service condition that allows local users on PA-RISC systems to crash a system by attempting to unwind a stack containing userspace addresses.\n\n * [CVE-2008-5700](<https://security-tracker.debian.org/tracker/CVE-2008-5700>)\n\nAlan Cox discovered a lack of minimum timeouts on SG_IO requests, which allows local users of systems using ATA to cause a denial of service by forcing drives into PIO mode.\n\n * [CVE-2008-5701](<https://security-tracker.debian.org/tracker/CVE-2008-5701>)\n\nVlad Malov reported an issue on 64-bit MIPS systems where a local user could cause a system crash by crafing a malicious binary which makes o32 syscalls with a number less than 4000.\n\n * [CVE-2008-5702](<https://security-tracker.debian.org/tracker/CVE-2008-5702>)\n\nZvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl call.\n\n * [CVE-2009-0028](<https://security-tracker.debian.org/tracker/CVE-2009-0028>)\n\nChris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n * [CVE-2009-0029](<https://security-tracker.debian.org/tracker/CVE-2009-0029>)\n\nChristian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges.\n\n * [CVE-2009-0031](<https://security-tracker.debian.org/tracker/CVE-2009-0031>)\n\nVegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all of kernel memory.\n\n * [CVE-2009-0065](<https://security-tracker.debian.org/tracker/CVE-2009-0065>)\n\nWei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution.\n\n * [CVE-2009-0269](<https://security-tracker.debian.org/tracker/CVE-2009-0269>)\n\nDuane Griffin provided a fix for an issue in the eCryptfs subsystem which allows local users to cause a denial of service (fault or memory corruption).\n\n * [CVE-2009-0322](<https://security-tracker.debian.org/tracker/CVE-2009-0322>)\n\nPavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry.\n\n * [CVE-2009-0675](<https://security-tracker.debian.org/tracker/CVE-2009-0675>)\n\nRoel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics.\n\n * [CVE-2009-0676](<https://security-tracker.debian.org/tracker/CVE-2009-0676>)\n\nClement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory.\n\n * [CVE-2009-0745](<https://security-tracker.debian.org/tracker/CVE-2009-0745>)\n\nPeter Kerwien discovered an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) during a resize operation.\n\n * [CVE-2009-0834](<https://security-tracker.debian.org/tracker/CVE-2009-0834>)\n\nRoland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n * [CVE-2009-0859](<https://security-tracker.debian.org/tracker/CVE-2009-0859>)\n\nJiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled. This issue does not affect prebuilt Debian kernels.\n\n * [CVE-2009-1046](<https://security-tracker.debian.org/tracker/CVE-2009-1046>)\n\nMikulas Patocka reported an issue in the console subsystem that allows a local user to cause memory corruption by selecting a small number of 3-byte UTF-8 characters.\n\n * [CVE-2009-1192](<https://security-tracker.debian.org/tracker/CVE-2009-1192>)\n\nShaohua Li reported an issue in the AGP subsystem that may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n * [CVE-2009-1242](<https://security-tracker.debian.org/tracker/CVE-2009-1242>)\n\nBenjamin Gilbert reported a local denial of service vulnerability in the KVM VMX implementation that allows local users to trigger an oops.\n\n * [CVE-2009-1265](<https://security-tracker.debian.org/tracker/CVE-2009-1265>)\n\nThomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n * [CVE-2009-1337](<https://security-tracker.debian.org/tracker/CVE-2009-1337>)\n\nOleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n * [CVE-2009-1338](<https://security-tracker.debian.org/tracker/CVE-2009-1338>)\n\nDaniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach processes outside of the current process namespace.\n\n * [CVE-2009-1439](<https://security-tracker.debian.org/tracker/CVE-2009-1439>)\n\nPavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.\n\nFor the oldstable distribution (etch), these problems have been fixed in version 2.6.24-6~etchnhalf.8etch1.\n\nWe recommend that you upgrade your linux-2.6.24 packages.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the 2.6.18 and 2.6.24 linux releases. All known security issues are carefully tracked against both packages and both packages will receive security updates until security support for Debian 'etch' concludes. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, lower severity 2.6.18 and 2.6.24 updates will typically release in a staggered or \"leap-frog\" fashion.", "reporter": "Debian", "published": "2009-05-02T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "linux-2.6.24 -- denial of service/privilege escalation/information leak", "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5702", "CVE-2009-1046", "CVE-2008-5395", "CVE-2008-5700", "CVE-2009-0859", "CVE-2009-0675", "CVE-2008-4307", "CVE-2009-0028", "CVE-2009-1242", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-1192", "CVE-2008-5079", "CVE-2009-0065", "CVE-2009-0745", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0269", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-0031", "CVE-2009-1439", "CVE-2009-0029", "CVE-2008-5701"], "modified": "2009-05-02T00:00:00", "href": "http://www.debian.org/security/dsa-1787", "id": "DSA-1787", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
