ID CVE-2014-7842 Type cve Reporter NVD Modified 2017-01-02T21:59:12
Description
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313.
{"f5": [{"lastseen": "2017-11-09T20:46:30", "references": [], "edition": 1, "description": "\nF5 Product Development has assigned ID 493756 to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 \n11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP AAM| 12.0.0 \n11.4.0 - 11.6.0| None| Medium| vCMP guests \nBIG-IP AFM| 12.0.0 \n11.3.0 - 11.6.0| None| Medium| vCMP guests \nBIG-IP Analytics| 12.0.0 \n11.0.0 - 11.6.0| None| Medium| vCMP guests \nBIG-IP APM| 12.0.0 \n11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP ASM| 12.0.0 \n11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP DNS| 12.0.0| None| Medium| vCMP guests \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP GTM| 11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP Link Controller| 12.0.0 \n11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP PEM| 12.0.0 \n11.3.0 - 11.6.0| None| Medium| vCMP guests \nBIG-IP PSM| 11.0.0 - 11.4.1| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP WOM| 11.0.0 - 11.3.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability, you can limit access to the Linux shell to trusted users only.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "reporter": "f5", "published": "2016-01-22T03:51:00", "title": "Linux kernel vulnerabilities CVE-2010-5313 and CVE-2014-7842", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [], "bulletinFamily": "software", "cvelist": ["CVE-2010-5313", "CVE-2014-7842"], "modified": "2017-11-09T19:52:00", "id": "F5:K62700573", "href": "https://support.f5.com/csp/article/K62700573", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:27", "references": ["https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13123.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/9000/500/sol9502.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you can limit access to the Linux shell to trusted users only.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL9502: BIG-IP hotfix matrix\n", "reporter": "f5", "published": "2016-01-21T00:00:00", "title": "SOL62700573 - Linux kernel vulnerabilities CVE-2010-5313 and CVE-2014-7842", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "BIG-IP AAM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP AFM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP Edge Gateway", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP PSM", "version": "11.4.1", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP PEM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP DNS", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP LTM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP WOM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "12.0.0", "operator": "le"}], "cvelist": ["CVE-2010-5313", "CVE-2014-7842"], "modified": "2016-03-01T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/62/sol62700573.html", "id": "SOL62700573", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:16", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8369"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-omap", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-highbank", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-generic-pae", "operator": "lt"}], "description": "A race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nThe KVM (kernel virtual machine) subsystem of the Linux kernel miscalculates the number of memory pages during the handling of a mapping failure. A guest OS user could exploit this to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. (CVE-2014-8369)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8369", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2463-1", "href": "https://usn.ubuntu.com/2463-1/", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:28", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8134", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9322", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9090", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8369"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-1458.78", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-1458-omap4", "operator": "lt"}], "description": "Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. (CVE-2014-9322)\n\nAn information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. (CVE-2014-8134)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nThe KVM (kernel virtual machine) subsystem of the Linux kernel miscalculates the number of memory pages during the handling of a mapping failure. A guest OS user could exploit this to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. (CVE-2014-8369)\n\nAndy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register on the x86 architecture. A local attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-9090)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8369", "CVE-2014-8134", "CVE-2014-9090", "CVE-2014-9322", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2464-1", "href": "https://usn.ubuntu.com/2464-1/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:28", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.13.0-44.73~precise1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.13.0-44.73~precise1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-generic", "operator": "lt"}], "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel (Trusty HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2465-1", "href": "https://usn.ubuntu.com/2465-1/", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:57", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc-e500", "operator": "lt"}], "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2466-1", "href": "https://usn.ubuntu.com/2466-1/", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:55", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.16.0-29.39~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.16.0-29.39~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.16.0-29.39~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.16.0-29.39~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.16.0-29.39~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.16.0-29.39~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.16.0-29.39~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-emb", "operator": "lt"}], "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel (Utopic HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2467-1", "href": "https://usn.ubuntu.com/2467-1/", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:23", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic-lpae", "operator": "lt"}], "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2468-1", "href": "https://usn.ubuntu.com/2468-1/", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:35:47", "references": ["https://support.f5.com/csp/#/article/K62700573"], "pluginID": "88066", "description": "CVE-2010-5313 Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842.\n\nCVE-2014-7842 Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313.", "edition": 8, "reporter": "Tenable", "published": "2016-01-22T00:00:00", "title": "F5 Networks BIG-IP : Linux kernel vulnerabilities (K62700573)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "F5 Networks Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-5313", "CVE-2014-7842"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "id": "F5_BIGIP_SOL62700573.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=88066", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K62700573.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88066);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/07/10 14:27:33\");\n\n script_cve_id(\"CVE-2010-5313\", \"CVE-2014-7842\");\n script_bugtraq_id(71078, 71363);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerabilities (K62700573)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2010-5313 Race condition in arch/x86/kvm/x86.c in the Linux kernel\nbefore 2.6.38 allows L2 guest OS users to cause a denial of service\n(L1 guest OS crash) via a crafted instruction that triggers an L2\nemulation failure report, a similar issue to CVE-2014-7842.\n\nCVE-2014-7842 Race condition in arch/x86/kvm/x86.c in the Linux kernel\nbefore 3.17.4 allows guest OS users to cause a denial of service\n(guest OS crash) via a crafted application that performs an MMIO\ntransaction or a PIO transaction to trigger a guest userspace\nemulation error report, a similar issue to CVE-2010-5313.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K62700573\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K62700573.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K62700573\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-02T15:44:55", "references": ["https://usn.ubuntu.com/2463-1/"], "pluginID": "80511", "description": "A race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nThe KVM (kernel virtual machine) subsystem of the Linux kernel miscalculates the number of memory pages during the handling of a mapping failure. A guest OS user could exploit this to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. (CVE-2014-8369).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2015-01-14T00:00:00", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-2463-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8369", "CVE-2014-7842"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2463-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80511", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2463-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80511);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-7842\", \"CVE-2014-8369\");\n script_bugtraq_id(70749, 71078);\n script_xref(name:\"USN\", value:\"2463-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-2463-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A race condition with MMIO and PIO transactions in the KVM (Kernel\nVirtual Machine) subsystem of the Linux kernel was discovered. A guest\nOS user could exploit this flaw to cause a denial of service (guest OS\ncrash) via a specially crafted application. (CVE-2014-7842)\n\nThe KVM (kernel virtual machine) subsystem of the Linux kernel\nmiscalculates the number of memory pages during the handling of a\nmapping failure. A guest OS user could exploit this to cause a denial\nof service (host OS page unpinning) or possibly have unspecified other\nimpact by leveraging guest OS privileges. (CVE-2014-8369).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2463-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-75-generic\", pkgver:\"3.2.0-75.110\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-75-generic-pae\", pkgver:\"3.2.0-75.110\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-75-highbank\", pkgver:\"3.2.0-75.110\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-75-virtual\", pkgver:\"3.2.0-75.110\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-02T15:48:08", "references": ["https://usn.ubuntu.com/2465-1/"], "pluginID": "80512", "description": "A NULL pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2015-01-14T00:00:00", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2465-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2465-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80512", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2465-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80512);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_bugtraq_id(71078, 71081, 71082, 71097);\n script_xref(name:\"USN\", value:\"2465-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2465-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was discovered in the the Linux\nkernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel\nVirtual Machine) subsystem of the Linux kernel was discovered. A guest\nOS user could exploit this flaw to cause a denial of service (guest OS\ncrash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a\nsingle byte overflow in __clear_user. A local user could exploit this\nflaw to cause a denial of service (system crash) by reading one byte\nbeyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling\nfor the Technotrend/Hauppauge USB DEC devices driver. A local user\ncould exploit this flaw to cause a denial of service (system crash) or\npossibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2465-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-44-generic\", pkgver:\"3.13.0-44.73~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-44-generic-lpae\", pkgver:\"3.13.0-44.73~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-12-02T15:28:11", "references": ["https://usn.ubuntu.com/2466-1/"], "pluginID": "80513", "description": "A NULL pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2015-01-14T00:00:00", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2466-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2466-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80513", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2466-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80513);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_bugtraq_id(71078, 71081, 71082, 71097);\n script_xref(name:\"USN\", value:\"2466-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2466-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was discovered in the the Linux\nkernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel\nVirtual Machine) subsystem of the Linux kernel was discovered. A guest\nOS user could exploit this flaw to cause a denial of service (guest OS\ncrash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a\nsingle byte overflow in __clear_user. A local user could exploit this\nflaw to cause a denial of service (system crash) by reading one byte\nbeyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling\nfor the Technotrend/Hauppauge USB DEC devices driver. A local user\ncould exploit this flaw to cause a denial of service (system crash) or\npossibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2466-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-44-generic\", pkgver:\"3.13.0-44.73\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-44-generic-lpae\", pkgver:\"3.13.0-44.73\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-44-lowlatency\", pkgver:\"3.13.0-44.73\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:10:08", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1163087", "https://bugzilla.redhat.com/show_bug.cgi?id=1163744", "https://bugzilla.redhat.com/show_bug.cgi?id=1161565", "http://www.nessus.org/u?3b5b6c61", "https://bugzilla.redhat.com/show_bug.cgi?id=1163762"], "pluginID": "79319", "description": "Latest upstream stable release, Linux v3.17.3. A wide variety of fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2014-11-19T00:00:00", "title": "Fedora 21 : kernel-3.17.3-300.fc21 (2014-15159)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7825", "CVE-2014-7841", "CVE-2014-7843", "CVE-2014-7842", "CVE-2014-7826"], "modified": "2015-10-19T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2014-15159.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79319", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-15159.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79319);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:14:43 $\");\n\n script_cve_id(\"CVE-2014-7825\", \"CVE-2014-7826\", \"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\");\n script_bugtraq_id(70971, 70972, 71078, 71081, 71082);\n script_xref(name:\"FEDORA\", value:\"2014-15159\");\n\n script_name(english:\"Fedora 21 : kernel-3.17.3-300.fc21 (2014-15159)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Latest upstream stable release, Linux v3.17.3. A wide variety of fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1161565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163762\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/144193.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3b5b6c61\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"kernel-3.17.3-300.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-12-02T15:28:52", "references": ["https://usn.ubuntu.com/2467-1/"], "pluginID": "80514", "description": "A NULL pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2015-01-14T00:00:00", "title": "Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2467-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2467-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80514", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2467-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80514);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_bugtraq_id(71078, 71081, 71082, 71097);\n script_xref(name:\"USN\", value:\"2467-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2467-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was discovered in the the Linux\nkernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel\nVirtual Machine) subsystem of the Linux kernel was discovered. A guest\nOS user could exploit this flaw to cause a denial of service (guest OS\ncrash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a\nsingle byte overflow in __clear_user. A local user could exploit this\nflaw to cause a denial of service (system crash) by reading one byte\nbeyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling\nfor the Technotrend/Hauppauge USB DEC devices driver. A local user\ncould exploit this flaw to cause a denial of service (system crash) or\npossibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2467-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-29-generic\", pkgver:\"3.16.0-29.39~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-29-generic-lpae\", pkgver:\"3.16.0-29.39~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-29-lowlatency\", pkgver:\"3.16.0-29.39~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:44:25", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1163087", "https://bugzilla.redhat.com/show_bug.cgi?id=1163744", "https://bugzilla.redhat.com/show_bug.cgi?id=1161565", "https://bugzilla.redhat.com/show_bug.cgi?id=1163762", "http://www.nessus.org/u?127cad7b"], "pluginID": "79363", "description": "The 3.17.3 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2014-11-21T00:00:00", "title": "Fedora 20 : kernel-3.17.3-200.fc20 (2014-15200)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7825", "CVE-2014-7841", "CVE-2014-7843", "CVE-2014-7842", "CVE-2014-7826"], "modified": "2015-10-19T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-15200.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79363", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-15200.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79363);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:14:43 $\");\n\n script_cve_id(\"CVE-2014-7825\", \"CVE-2014-7826\", \"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\");\n script_xref(name:\"FEDORA\", value:\"2014-15200\");\n\n script_name(english:\"Fedora 20 : kernel-3.17.3-200.fc20 (2014-15200)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.17.3 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1161565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163762\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/144691.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?127cad7b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"kernel-3.17.3-200.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-12-02T15:35:04", "references": ["https://usn.ubuntu.com/2468-1/"], "pluginID": "80515", "description": "A NULL pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2015-01-14T00:00:00", "title": "Ubuntu 14.10 : linux vulnerabilities (USN-2468-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2468-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80515", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2468-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80515);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_bugtraq_id(71078, 71081, 71082, 71097);\n script_xref(name:\"USN\", value:\"2468-1\");\n\n script_name(english:\"Ubuntu 14.10 : linux vulnerabilities (USN-2468-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was discovered in the the Linux\nkernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel\nVirtual Machine) subsystem of the Linux kernel was discovered. A guest\nOS user could exploit this flaw to cause a denial of service (guest OS\ncrash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a\nsingle byte overflow in __clear_user. A local user could exploit this\nflaw to cause a denial of service (system crash) by reading one byte\nbeyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling\nfor the Technotrend/Hauppauge USB DEC devices driver. A local user\ncould exploit this flaw to cause a denial of service (system crash) or\npossibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2468-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.10\", pkgname:\"linux-image-3.16.0-29-generic\", pkgver:\"3.16.0-29.39\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"linux-image-3.16.0-29-generic-lpae\", pkgver:\"3.16.0-29.39\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"linux-image-3.16.0-29-lowlatency\", pkgver:\"3.16.0-29.39\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:48:18", "references": ["http://www.nessus.org/u?76283b05"], "pluginID": "91643", "description": "Security Fix(es) :\n\n - It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port.\n Please note that on certain systems, HPET is mapped to userspace as part of vdso (vvar) and thus an unprivileged user may generate MMIO transactions (and enter the emulator) this way. (CVE-2010-5313, CVE-2014-7842, Moderate)\n\n - It was found that the Linux kernel did not properly account file descriptors passed over the unix socket against the process limit. A local user could use this flaw to exhaust all available memory on the system.\n (CVE-2013-4312, Moderate)\n\n - A buffer overflow flaw was found in the way the Linux kernel's virtio- net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system. (CVE-2015-5156, Moderate)\n\n - It was found that the Linux kernel's IPv6 network stack did not properly validate the value of the MTU variable when it was set. A remote attacker could potentially use this flaw to disrupt a target system's networking (packet loss) by setting an invalid MTU value, for example, via a NetworkManager daemon that is processing router advertisement packets running on the target system. (CVE-2015-8215, Moderate)\n\n - A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system. (CVE-2015-8543, Moderate)\n\n - It was found that the espfix functionality does not work for 32-bit KVM paravirtualized guests. A local, unprivileged guest user could potentially use this flaw to leak kernel stack addresses. (CVE-2014-8134, Low)\n\n - A flaw was found in the way the Linux kernel's ext4 file system driver handled non-journal file systems with an orphan list. An attacker with physical access to the system could use this flaw to crash the system or, although unlikely, escalate their privileges on the system. (CVE-2015-7509, Low)\n\n - A NULL pointer dereference flaw was found in the way the Linux kernel's ext4 file system driver handled certain corrupted file system images. An attacker with physical access to the system could use this flaw to crash the system. (CVE-2015-8324, Low)\n\nNotes :\n\n - Problems have been reported with this kernel and VirtualBox. More info is available in the notes for the VirtualBox ticket here: <a href='https://www.virtualbox.org/ticket/14866' target='_blank'>https://www.virtualbox.org/ticket/14866< /a>", "edition": 5, "reporter": "Tenable", "published": "2016-06-17T00:00:00", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-5313", "CVE-2014-8134", "CVE-2015-7509", "CVE-2015-8215", "CVE-2015-8324", "CVE-2015-5156", "CVE-2015-8543", "CVE-2013-4312", "CVE-2014-7842"], "modified": "2016-10-19T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20160510_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=91643", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91643);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2016/10/19 14:25:13 $\");\n\n script_cve_id(\"CVE-2010-5313\", \"CVE-2013-4312\", \"CVE-2014-7842\", \"CVE-2014-8134\", \"CVE-2015-5156\", \"CVE-2015-7509\", \"CVE-2015-8215\", \"CVE-2015-8324\", \"CVE-2015-8543\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - It was found that reporting emulation failures to user\n space could lead to either a local (CVE-2014-7842) or a\n L2->L1 (CVE-2010-5313) denial of service. In the case of\n a local denial of service, an attacker must have access\n to the MMIO area or be able to access an I/O port.\n Please note that on certain systems, HPET is mapped to\n userspace as part of vdso (vvar) and thus an\n unprivileged user may generate MMIO transactions (and\n enter the emulator) this way. (CVE-2010-5313,\n CVE-2014-7842, Moderate)\n\n - It was found that the Linux kernel did not properly\n account file descriptors passed over the unix socket\n against the process limit. A local user could use this\n flaw to exhaust all available memory on the system.\n (CVE-2013-4312, Moderate)\n\n - A buffer overflow flaw was found in the way the Linux\n kernel's virtio- net subsystem handled certain fraglists\n when the GRO (Generic Receive Offload) functionality was\n enabled in a bridged network configuration. An attacker\n on the local network could potentially use this flaw to\n crash the system, or, although unlikely, elevate their\n privileges on the system. (CVE-2015-5156, Moderate)\n\n - It was found that the Linux kernel's IPv6 network stack\n did not properly validate the value of the MTU variable\n when it was set. A remote attacker could potentially use\n this flaw to disrupt a target system's networking\n (packet loss) by setting an invalid MTU value, for\n example, via a NetworkManager daemon that is processing\n router advertisement packets running on the target\n system. (CVE-2015-8215, Moderate)\n\n - A NULL pointer dereference flaw was found in the way the\n Linux kernel's network subsystem handled socket creation\n with an invalid protocol identifier. A local user could\n use this flaw to crash the system. (CVE-2015-8543,\n Moderate)\n\n - It was found that the espfix functionality does not work\n for 32-bit KVM paravirtualized guests. A local,\n unprivileged guest user could potentially use this flaw\n to leak kernel stack addresses. (CVE-2014-8134, Low)\n\n - A flaw was found in the way the Linux kernel's ext4 file\n system driver handled non-journal file systems with an\n orphan list. An attacker with physical access to the\n system could use this flaw to crash the system or,\n although unlikely, escalate their privileges on the\n system. (CVE-2015-7509, Low)\n\n - A NULL pointer dereference flaw was found in the way the\n Linux kernel's ext4 file system driver handled certain\n corrupted file system images. An attacker with physical\n access to the system could use this flaw to crash the\n system. (CVE-2015-8324, Low)\n\nNotes :\n\n - Problems have been reported with this kernel and\n VirtualBox. More info is available in the notes for the\n VirtualBox ticket here: <a\n href='https://www.virtualbox.org/ticket/14866'\n target='_blank'>https://www.virtualbox.org/ticket/14866<\n /a>\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1606&L=scientific-linux-errata&F=&S=&P=3658\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?76283b05\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-common-i686-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-642.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-642.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:57:30", "references": ["https://oss.oracle.com/pipermail/el-errata/2016-January/005677.html", "https://oss.oracle.com/pipermail/el-errata/2016-January/005678.html"], "pluginID": "87835", "description": "Description of changes:\n\n[2.6.39-400.264.13.el6uek]\n- KEYS: Don't permit request_key() to construct a new keyring (David Howells) [Orabug: 22373449] {CVE-2015-7872}\n\n[2.6.39-400.264.12.el6uek]\n- crypto: add missing crypto module aliases (Mathias Krause) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n- crypto: include crypto- module prefix in template (Kees Cook) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n- crypto: prefix module autoloading with 'crypto-' (Kees Cook) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n\n[2.6.39-400.264.11.el6uek]\n- KVM: x86: Don't report guest userspace emulation error to userspace (Nadav Amit) [Orabug: 22249615] {CVE-2010-5313} {CVE-2014-7842}\n\n[2.6.39-400.264.9.el6uek]\n- msg_unlock() in wrong spot after applying 'Initialize msg/shm IPC objects before doing ipc_addid()' (Chuck Anderson) [Orabug: 22250044] {CVE-2015-7613} {CVE-2015-7613}\n\n[2.6.39-400.264.8.el6uek]\n- ipc/sem.c: fully initialize sem_array before making it visible (Manfred Spraul) [Orabug: 22250044] {CVE-2015-7613}\n- Initialize msg/shm IPC objects before doing ipc_addid() (Linus Torvalds) [Orabug: 22250044] {CVE-2015-7613}\n\n[2.6.39-400.264.7.el6uek]\n- KVM: svm: unconditionally intercept #DB (Paolo Bonzini) [Orabug: 22333698] {CVE-2015-8104} {CVE-2015-8104}\n- KVM: x86: work around infinite loop in microcode when #AC is delivered (Eric Northup) [Orabug: 22333689] {CVE-2015-5307} {CVE-2015-5307}\n\n[2.6.39-400.264.6.el6uek]\n- mlx4_core: Introduce restrictions for PD update (Ajaykumar Hotchandani) - IPoIB: Drop priv->lock before calling ipoib_send() (Wengang Wang) - IPoIB: serialize changing on tx_outstanding (Wengang Wang) [Orabug: 21861366] - IB/mlx4: Implement IB_QP_CREATE_USE_GFP_NOIO (Jiri Kosina) - IB: Add a QP creation flag to use GFP_NOIO allocations (Or Gerlitz) - IB: Return error for unsupported QP creation flags (Or Gerlitz) - IB/ipoib: Calculate csum only when skb->ip_summed is CHECKSUM_PARTIAL (Yuval Shaia) [Orabug: 20873175]", "edition": 5, "reporter": "Tenable", "published": "2016-01-11T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3502)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9644", "CVE-2010-5313", "CVE-2015-7872", "CVE-2015-5307", "CVE-2015-7613", "CVE-2013-7421", "CVE-2014-7842", "CVE-2015-8104"], "modified": "2016-10-28T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-debug"], "id": "ORACLELINUX_ELSA-2016-3502.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=87835", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2016-3502.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87835);\n script_version(\"$Revision: 2.3 $\");\n script_cvs_date(\"$Date: 2016/10/28 21:03:37 $\");\n\n script_cve_id(\"CVE-2010-5313\", \"CVE-2013-7421\", \"CVE-2014-7842\", \"CVE-2014-9644\", \"CVE-2015-5307\", \"CVE-2015-7613\", \"CVE-2015-7872\", \"CVE-2015-8104\");\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3502)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[2.6.39-400.264.13.el6uek]\n- KEYS: Don't permit request_key() to construct a new keyring (David \nHowells) [Orabug: 22373449] {CVE-2015-7872}\n\n[2.6.39-400.264.12.el6uek]\n- crypto: add missing crypto module aliases (Mathias Krause) [Orabug: \n22249656] {CVE-2013-7421} {CVE-2014-9644}\n- crypto: include crypto- module prefix in template (Kees Cook) \n[Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n- crypto: prefix module autoloading with 'crypto-' (Kees Cook) [Orabug: \n22249656] {CVE-2013-7421} {CVE-2014-9644}\n\n[2.6.39-400.264.11.el6uek]\n- KVM: x86: Don't report guest userspace emulation error to userspace \n(Nadav Amit) [Orabug: 22249615] {CVE-2010-5313} {CVE-2014-7842}\n\n[2.6.39-400.264.9.el6uek]\n- msg_unlock() in wrong spot after applying 'Initialize msg/shm IPC \nobjects before doing ipc_addid()' (Chuck Anderson) [Orabug: 22250044] \n{CVE-2015-7613} {CVE-2015-7613}\n\n[2.6.39-400.264.8.el6uek]\n- ipc/sem.c: fully initialize sem_array before making it visible \n(Manfred Spraul) [Orabug: 22250044] {CVE-2015-7613}\n- Initialize msg/shm IPC objects before doing ipc_addid() (Linus \nTorvalds) [Orabug: 22250044] {CVE-2015-7613}\n\n[2.6.39-400.264.7.el6uek]\n- KVM: svm: unconditionally intercept #DB (Paolo Bonzini) [Orabug: \n22333698] {CVE-2015-8104} {CVE-2015-8104}\n- KVM: x86: work around infinite loop in microcode when #AC is delivered \n(Eric Northup) [Orabug: 22333689] {CVE-2015-5307} {CVE-2015-5307}\n\n[2.6.39-400.264.6.el6uek]\n- mlx4_core: Introduce restrictions for PD update (Ajaykumar \nHotchandani) - IPoIB: Drop priv->lock before calling ipoib_send() \n(Wengang Wang) - IPoIB: serialize changing on tx_outstanding (Wengang \nWang) [Orabug: 21861366] - IB/mlx4: Implement IB_QP_CREATE_USE_GFP_NOIO \n(Jiri Kosina) - IB: Add a QP creation flag to use GFP_NOIO allocations \n(Or Gerlitz) - IB: Return error for unsupported QP creation flags (Or \nGerlitz) - IB/ipoib: Calculate csum only when skb->ip_summed is \nCHECKSUM_PARTIAL (Yuval Shaia) [Orabug: 20873175]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-January/005677.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-January/005678.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.39-400.264.13.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.39-400.264.13.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.39-400.264.13.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.39-400.264.13.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.39-400.264.13.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.39-400.264.13.el5uek\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.39-400.264.13.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.39-400.264.13.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.39-400.264.13.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.39-400.264.13.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.39-400.264.13.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.39-400.264.13.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-11-19T13:02:36", "references": ["http://www.ubuntu.com/usn/usn-2463-1/", "2463-1"], "pluginID": "1361412562310842048", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux USN-2463-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8369", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842048", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2463-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842048\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:58:06 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7842\", \"CVE-2014-8369\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux USN-2463-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A race condition with MMIO and PIO\ntransactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel\nwas discovered. A guest OS user could exploit this flaw to cause a denial of service\n(guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nThe KVM (kernel virtual machine) subsystem of the Linux kernel\nmiscalculates the number of memory pages during the handling of a mapping\nfailure. A guest OS user could exploit this to cause a denial of service\n(host OS page unpinning) or possibly have unspecified other impact by\nleveraging guest OS privileges. (CVE-2014-8369)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2463-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2463-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-generic\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-generic-pae\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-highbank\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-omap\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-powerpc-smp\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-powerpc64-smp\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-virtual\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:02:08", "references": ["http://www.ubuntu.com/usn/usn-2465-1/", "2465-1"], "pluginID": "1361412562310842038", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux-lts-trusty USN-2465-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842038", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842038", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-trusty USN-2465-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842038\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:57:45 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_name(\"Ubuntu Update for linux-lts-trusty USN-2465-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-trusty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was discovered\nin the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash) via a malformed\nINIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual\nMachine) subsystem of the Linux kernel was discovered. A guest OS user\ncould exploit this flaw to cause a denial of service (guest OS crash) via a\nspecially crafted application. (CVE-2014-7842)\n\nMiloš Prchlí k reported a flaw in how the ARM64 platform handles a single\nbyte overflow in __clear_user. A local user could exploit this flaw to\ncause a denial of service (system crash) by reading one byte beyond a\n/dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for\nthe Technotrend/Hauppauge USB DEC devices driver. A local user could\nexploit this flaw to cause a denial of service (system crash) or possibly\ngain privileges. (CVE-2014-8884)\");\n script_tag(name:\"affected\", value:\"linux-lts-trusty on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2465-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2465-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-generic\", ver:\"3.13.0-44.73~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-generic-lpae\", ver:\"3.13.0-44.73~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:01:48", "references": ["http://www.ubuntu.com/usn/usn-2464-1/", "2464-1"], "pluginID": "1361412562310842058", "description": "The remote host is missing an update for the ", "edition": 9, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux-ti-omap4 USN-2464-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8369", "CVE-2014-8134", "CVE-2014-9090", "CVE-2014-9322", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842058", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842058", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-ti-omap4 USN-2464-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842058\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:58:43 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-9322\", \"CVE-2014-8134\", \"CVE-2014-7842\", \"CVE-2014-8369\", \"CVE-2014-9090\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2464-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Andy Lutomirski discovered that the Linux\nkernel does not properly handle faults associated with the Stack Segment (SS)\nregister in the x86 architecture. A local attacker could exploit this flaw to gain\nadministrative privileges. (CVE-2014-9322)\n\nAn information leak in the Linux kernel was discovered that could leak the\nhigh 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine\n(KVM) paravirt guests. A user in the guest OS could exploit this leak to\nobtain information that could potentially be used to aid in attacking the\nkernel. (CVE-2014-8134)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual\nMachine) subsystem of the Linux kernel was discovered. A guest OS user\ncould exploit this flaw to cause a denial of service (guest OS crash) via a\nspecially crafted application. (CVE-2014-7842)\n\nThe KVM (kernel virtual machine) subsystem of the Linux kernel\nmiscalculates the number of memory pages during the handling of a mapping\nfailure. A guest OS user could exploit this to cause a denial of service\n(host OS page unpinning) or possibly have unspecified other impact by\nleveraging guest OS privileges. (CVE-2014-8369)\n\nAndy Lutomirski discovered that the Linux kernel does not properly handle\nfaults associated with the Stack Segment (SS) register on the x86\narchitecture. A local attacker could exploit this flaw to cause a denial of\nservice (panic). (CVE-2014-9090)\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2464-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2464-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1458-omap4\", ver:\"3.2.0-1458.78\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:02:41", "references": ["http://www.ubuntu.com/usn/usn-2467-1/", "2467-1"], "pluginID": "1361412562310842044", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux-lts-utopic USN-2467-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842044", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-utopic USN-2467-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842044\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:58:01 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_name(\"Ubuntu Update for linux-lts-utopic USN-2467-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-utopic'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was discovered\nin the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash) via a malformed\nINIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual\nMachine) subsystem of the Linux kernel was discovered. A guest OS user\ncould exploit this flaw to cause a denial of service (guest OS crash) via a\nspecially crafted application. (CVE-2014-7842)\n\nMiloš Prchlí k reported a flaw in how the ARM64 platform handles a single\nbyte overflow in __clear_user. A local user could exploit this flaw to\ncause a denial of service (system crash) by reading one byte beyond a\n/dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for\nthe Technotrend/Hauppauge USB DEC devices driver. A local user could\nexploit this flaw to cause a denial of service (system crash) or possibly\ngain privileges. (CVE-2014-8884)\");\n script_tag(name:\"affected\", value:\"linux-lts-utopic on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2467-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2467-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-generic\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-generic-lpae\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-lowlatency\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc-e500mc\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc-smp\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc64-emb\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc64-smp\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:01:29", "references": ["2468-1", "http://www.ubuntu.com/usn/usn-2468-1/"], "pluginID": "1361412562310842039", "description": "The remote host is missing an update for the ", "edition": 9, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux USN-2468-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842039", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2468-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842039\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:57:49 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_name(\"Ubuntu Update for linux USN-2468-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was discovered\nin the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash) via a malformed\nINIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual\nMachine) subsystem of the Linux kernel was discovered. A guest OS user\ncould exploit this flaw to cause a denial of service (guest OS crash) via a\nspecially crafted application. (CVE-2014-7842)\n\nMiloš Prchlí k reported a flaw in how the ARM64 platform handles a single\nbyte overflow in __clear_user. A local user could exploit this flaw to\ncause a denial of service (system crash) by reading one byte beyond a\n/dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for\nthe Technotrend/Hauppauge USB DEC devices driver. A local user could\nexploit this flaw to cause a denial of service (system crash) or possibly\ngain privileges. (CVE-2014-8884)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2468-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2468-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.10\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-generic\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-generic-lpae\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-lowlatency\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc-e500mc\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc-smp\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc64-emb\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc64-smp\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:03:05", "references": ["http://www.ubuntu.com/usn/usn-2466-1/", "2466-1"], "pluginID": "1361412562310842043", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux USN-2466-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842043", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842043", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2466-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842043\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:57:58 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_name(\"Ubuntu Update for linux USN-2466-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was\ndiscovered in the the Linux kernel's SCTP implementation when ASCONF is used. A\nremote attacker could exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual\nMachine) subsystem of the Linux kernel was discovered. A guest OS user\ncould exploit this flaw to cause a denial of service (guest OS crash) via a\nspecially crafted application. (CVE-2014-7842)\n\nMiloš Prchlí k reported a flaw in how the ARM64 platform handles a single\nbyte overflow in __clear_user. A local user could exploit this flaw to\ncause a denial of service (system crash) by reading one byte beyond a\n/dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for\nthe Technotrend/Hauppauge USB DEC devices driver. A local user could\nexploit this flaw to cause a denial of service (system crash) or possibly\ngain privileges. (CVE-2014-8884)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2466-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2466-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-generic\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-generic-lpae\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-lowlatency\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc-e500\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc-e500mc\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc-smp\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc64-emb\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc64-smp\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:21:49", "references": ["http://linux.oracle.com/errata/ELSA-2016-3502.html"], "pluginID": "1361412562310122822", "description": "Oracle Linux Local Security Checks ELSA-2016-3502", "edition": 5, "reporter": "Eero Volotinen", "published": "2016-01-11T00:00:00", "title": "Oracle Linux Local Check: ELSA-2016-3502", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9644", "CVE-2015-5307", "CVE-2015-7613", "CVE-2013-7421", "CVE-2014-7842", "CVE-2015-8104"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122822", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122822", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-3502.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122822\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2016-01-11 11:11:58 +0200 (Mon, 11 Jan 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-3502\");\n script_tag(name:\"insight\", value:\"ELSA-2016-3502 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-3502\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-3502.html\");\n script_cve_id(\"CVE-2013-7421\", \"CVE-2014-9644\", \"CVE-2014-7842\", \"CVE-2015-7613\", \"CVE-2015-5307\", \"CVE-2015-8104\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.264.13.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.264.13.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.264.13.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.264.13.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.264.13.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.264.13.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.264.13.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.264.13.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.264.13.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.264.13.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.264.13.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.264.13.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-23T15:10:44", "references": ["2016:0855-01", "https://www.redhat.com/archives/rhsa-announce/2016-May/msg00023.html"], "pluginID": "1361412562310871611", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-05-11T00:00:00", "title": "RedHat Update for kernel RHSA-2016:0855-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-5313", "CVE-2014-8134", "CVE-2015-7509", "CVE-2015-8215", "CVE-2015-8324", "CVE-2015-5156", "CVE-2015-8543", "CVE-2013-4312", "CVE-2014-7842"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871611", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871611", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2016:0855-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871611\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-11 05:22:55 +0200 (Wed, 11 May 2016)\");\n script_cve_id(\"CVE-2010-5313\", \"CVE-2013-4312\", \"CVE-2014-7842\", \"CVE-2014-8134\", \"CVE-2015-5156\", \"CVE-2015-7509\", \"CVE-2015-8215\", \"CVE-2015-8324\", \"CVE-2015-8543\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2016:0855-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es):\n\n * It was found that reporting emulation failures to user space could lead\nto either a local (CVE-2014-7842) or a L2- L1 (CVE-2010-5313) denial of\nservice. In the case of a local denial of service, an attacker must have\naccess to the MMIO area or be able to access an I/O port. Please note that\non certain systems, HPET is mapped to userspace as part of vdso (vvar) and\nthus an unprivileged user may generate MMIO transactions (and enter the\nemulator) this way. (CVE-2010-5313, CVE-2014-7842, Moderate)\n\n * It was found that the Linux kernel did not properly account file\ndescriptors passed over the unix socket against the process limit. A local\nuser could use this flaw to exhaust all available memory on the system.\n(CVE-2013-4312, Moderate)\n\n * A buffer overflow flaw was found in the way the Linux kernel's virtio-net\nsubsystem handled certain fraglists when the GRO (Generic Receive Offload)\nfunctionality was enabled in a bridged network configuration. An attacker\non the local network could potentially use this flaw to crash the system,\nor, although unlikely, elevate their privileges on the system.\n(CVE-2015-5156, Moderate)\n\n * It was found that the Linux kernel's IPv6 network stack did not properly\nvalidate the value of the MTU variable when it was set. A remote attacker\ncould potentially use this flaw to disrupt a target system's networking\n(packet loss) by setting an invalid MTU value, for example, via a\nNetworkManager daemon that is processing router advertisement packets\nrunning on the target system. (CVE-2015-8215, Moderate)\n\n * A NULL pointer dereference flaw was found in the way the Linux kernel's\nnetwork subsystem handled socket creation with an invalid protocol\nidentifier. A local user could use this flaw to crash the system.\n(CVE-2015-8543, Moderate)\n\n * It was found that the espfix functionality does not work for 32-bit KVM\nparavirtualized guests. A local, unprivileged guest user could potentially\nuse this flaw to leak kernel stack addresses. (CVE-2014-8134, Low)\n\n * A flaw was found in the way the Linux kernel's ext4 file system driver\nhandled non-journal file systems with an orphan list. An attacker with\nphysical access to the system could use this flaw to crash the system or,\nalthough unlikely, escalate their privileges on the system. (CVE-2015-7509,\nLow)\n\n * A NULL pointer dereference flaw was found in the way the Linux kernel's\next4 file system driver handled certain corrup ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0855-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-May/msg00023.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~642.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:25:41", "references": ["http://linux.oracle.com/errata/ELSA-2015-2152.html"], "pluginID": "1361412562310122785", "description": "Oracle Linux Local Security Checks ELSA-2015-2152", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-11-25T00:00:00", "title": "Oracle Linux Local Check: ELSA-2015-2152", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9644", "CVE-2015-4170", "CVE-2010-5313", "CVE-2015-2925", "CVE-2015-3339", "CVE-2014-3647", "CVE-2015-6526", "CVE-2015-7613", "CVE-2015-0239", "CVE-2013-7421", "CVE-2015-7837", "CVE-2015-5283", "CVE-2014-8171", "CVE-2014-9419", "CVE-2014-7842"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122785", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122785", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-2152.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122785\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-11-25 13:18:51 +0200 (Wed, 25 Nov 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-2152\");\n script_tag(name:\"insight\", value:\"ELSA-2015-2152 - kernel security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-2152\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-2152.html\");\n script_cve_id(\"CVE-2013-7421\", \"CVE-2014-9644\", \"CVE-2014-8171\", \"CVE-2010-5313\", \"CVE-2014-3647\", \"CVE-2014-7842\", \"CVE-2015-2925\", \"CVE-2015-4170\", \"CVE-2015-5283\", \"CVE-2015-6526\", \"CVE-2015-7613\", \"CVE-2015-7837\", \"CVE-2014-9419\", \"CVE-2015-0239\", \"CVE-2015-3339\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~327.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:02:34", "references": ["2015:0652_1"], "pluginID": "1361412562310850994", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-10-16T00:00:00", "title": "SuSE Update for Linux SUSE-SU-2015:0652-1 (Linux)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-5313", "CVE-2014-9420", "CVE-2014-3673", "CVE-2014-3688", "CVE-2014-8160", "CVE-2014-7841", "CVE-2014-8709", "CVE-2014-3185", "CVE-2014-9584", "CVE-2013-7263", "CVE-2014-0181", "CVE-2012-6657", "CVE-2014-7842", "CVE-2014-9585", "CVE-2013-4299", "CVE-2014-3184", "CVE-2014-3687"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310850994", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850994", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_0652_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for Linux SUSE-SU-2015:0652-1 (Linux)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850994\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 16:19:17 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2010-5313\", \"CVE-2012-6657\", \"CVE-2013-4299\", \"CVE-2013-7263\", \"CVE-2014-0181\", \"CVE-2014-3184\", \"CVE-2014-3185\", \"CVE-2014-3673\", \"CVE-2014-3687\", \"CVE-2014-3688\", \"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-8160\", \"CVE-2014-8709\", \"CVE-2014-9420\", \"CVE-2014-9584\", \"CVE-2014-9585\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for Linux SUSE-SU-2015:0652-1 (Linux)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The SUSE Linux Enterprise 11 Service Pack 1 LTSS kernel was updated to fix\n security issues on kernels on the x86_64 architecture.\n\n The following security bugs have been fixed:\n\n * CVE-2013-4299: Interpretation conflict in\n drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6\n allowed remote authenticated users to obtain sensitive information\n or modify data via a crafted mapping to a snapshot block device\n (bnc#846404).\n\n * CVE-2014-8160: SCTP firewalling failed until the SCTP module was\n loaded (bnc#913059).\n\n * CVE-2014-9584: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel before 3.18.2 did not validate a\n length value in the Extensions Reference (ER) System Use Field,\n which allowed local users to obtain sensitive information from\n kernel memory via a crafted iso9660 image (bnc#912654).\n\n * CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the\n Linux kernel through 3.18.2 did not properly choose memory locations\n for the vDSO area, which made it easier for local users to bypass\n the ASLR protection mechanism by guessing a location at the end of a\n PMD (bnc#912705).\n\n * CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the\n Linux kernel through 3.18.1 did not restrict the number of Rock\n Ridge continuation entries, which allowed local users to cause a\n denial of service (infinite loop, and system crash or hang) via a\n crafted iso9660 image (bnc#911325).\n\n * CVE-2014-0181: The Netlink implementation in the Linux kernel\n through 3.14.1 did not provide a mechanism for authorizing socket\n operations based on the opener of a socket, which allowed local\n users to bypass intended access restrictions and modify network\n configurations by using a Netlink socket for the (1) stdout or (2)\n stderr of a setuid program (bnc#875051).\n\n * CVE-2010-5313: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel before 2.6.38 allowed L2 guest OS users to cause a denial of\n service (L1 guest OS crash) via a crafted instruction that triggers\n an L2 emulation failure report, a similar issue to CVE-2014-7842\n (bnc#907822).\n\n * CVE-2014-7842: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel before 3.17.4 allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application that performs an\n MMIO transaction or a PIO transaction to trigger a guest userspace\n emulation error report, a similar issue to CVE-2010-5313\n (bnc#905312).\n\n * CVE-2014-3688: The SCTP implementation in the Linux kernel before\n 3.17.4 allowed remote attackers to caus ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"Linux on SUSE Linux Enterprise Server 11 SP1 LTSS\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"SUSE-SU\", value:\"2015:0652_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"SLES11.0SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.0.3_21548_18_2.6.32.59_0.19~0.9.17\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-trace\", rpm:\"xen-kmp-trace~4.0.3_21548_18_2.6.32.59_0.19~0.9.17\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-man\", rpm:\"kernel-default-man~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.32.59~0.19.1\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp-pae\", rpm:\"xen-kmp-pae~4.0.3_21548_18_2.6.32.59_0.19~0.9.17\", rls:\"SLES11.0SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:58", "references": ["https://vulners.com/securityvulns/securityvulns:doc:31493", "https://vulners.com/securityvulns/securityvulns:doc:31502", "https://vulners.com/securityvulns/securityvulns:doc:31490"], "description": "DoS via SCTP, TechnoTrend/Hauppauge DEC USB driver buffer overflow, invalid registers handling in x86, ASLR bypass.", "edition": 1, "reporter": "BUGTRAQ", "published": "2014-12-21T00:00:00", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:58", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "kernel", "version": "3.17", "operator": "eq"}], "cvelist": ["CVE-2014-8369", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-8709", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2014-12-21T00:00:00", "id": "SECURITYVULNS:VULN:14146", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14146", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:56", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2015:027\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : kernel\r\n Date : January 16, 2015\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in the Linux\r\n kernel:\r\n \r\n The SCTP implementation in the Linux kernel before 3.17.4 allows\r\n remote attackers to cause a denial of service (memory consumption) by\r\n triggering a large number of chunks in an association's output queue,\r\n as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and\r\n net/sctp/sm_statefuns.c (CVE-2014-3688=.\r\n \r\n Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux\r\n kernel before 3.16.3, allows remote attackers to cause a denial of\r\n service (memory corruption and panic) or possibly have unspecified\r\n other impact via a long unencrypted auth ticket (CVE-2014-6416).\r\n \r\n net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3,\r\n does not properly consider the possibility of kmalloc failure, which\r\n allows remote attackers to cause a denial of service (system crash)\r\n or possibly have unspecified other impact via a long unencrypted auth\r\n ticket (CVE-2014-6417).\r\n \r\n net/ceph/auth_x.c in Ceph, as used in the Linux kernel before\r\n 3.16.3, does not properly validate auth replies, which allows remote\r\n attackers to cause a denial of service (system crash) or possibly\r\n have unspecified other impact via crafted data from the IP address\r\n of a Ceph Monitor (CVE-2014-6418).\r\n \r\n The sctp_process_param function in net/sctp/sm_make_chunk.c in the\r\n SCTP implementation in the Linux kernel before 3.17.4, when ASCONF\r\n is used, allows remote attackers to cause a denial of service (NULL\r\n pointer dereference and system crash) via a malformed INIT chunk\r\n (CVE-2014-7841).\r\n \r\n Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4\r\n allows guest OS users to cause a denial of service (guest OS crash)\r\n via a crafted application that performs an MMIO transaction or a\r\n PIO transaction to trigger a guest userspace emulation error report,\r\n a similar issue to CVE-2010-5313 (CVE-2014-7842).\r\n \r\n arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation\r\n in the Linux kernel through 3.18.1 allows local users to bypass the\r\n espfix protection mechanism, and consequently makes it easier for\r\n local users to bypass the ASLR protection mechanism, via a crafted\r\n application that makes a set_thread_area system call and later reads\r\n a 16-bit value (CVE-2014-8133).\r\n \r\n Stack-based buffer overflow in the\r\n ttusbdecfe_dvbs_diseqc_send_master_cmd function in\r\n drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before\r\n 3.17.4 allows local users to cause a denial of service (system crash)\r\n or possibly gain privileges via a large message length in an ioctl call\r\n (CVE-2014-8884).\r\n \r\n The do_double_fault function in arch/x86/kernel/traps.c in the Linux\r\n kernel through 3.17.4 does not properly handle faults associated with\r\n the Stack Segment (SS) segment register, which allows local users\r\n to cause a denial of service (panic) via a modify_ldt system call,\r\n as demonstrated by sigreturn_32 in the linux-clock-tests test suite\r\n (CVE-2014-9090).\r\n \r\n arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does\r\n not properly handle faults associated with the Stack Segment (SS)\r\n segment register, which allows local users to gain privileges by\r\n triggering an IRET instruction that leads to access to a GS Base\r\n address from the wrong space (CVE-2014-9322).\r\n \r\n The __switch_to function in arch/x86/kernel/process_64.c in the Linux\r\n kernel through 3.18.1 does not ensure that Thread Local Storage (TLS)\r\n descriptors are loaded before proceeding with other steps, which makes\r\n it easier for local users to bypass the ASLR protection mechanism via\r\n a crafted application that reads a TLS base address (CVE-2014-9419).\r\n \r\n The rock_continue function in fs/isofs/rock.c in the Linux kernel\r\n through 3.18.1 does not restrict the number of Rock Ridge continuation\r\n entries, which allows local users to cause a denial of service\r\n (infinite loop, and system crash or hang) via a crafted iso9660 image\r\n (CVE-2014-9420).\r\n \r\n Race condition in the key_gc_unused_keys function in security/keys/gc.c\r\n in the Linux kernel through 3.18.2 allows local users to cause a denial\r\n of service (memory corruption or panic) or possibly have unspecified\r\n other impact via keyctl commands that trigger access to a key structure\r\n member during garbage collection of a key (CVE-2014-9529).\r\n \r\n The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in\r\n the Linux kernel before 3.18.2 does not validate a length value in\r\n the Extensions Reference (ER) System Use Field, which allows local\r\n users to obtain sensitive information from kernel memory via a crafted\r\n iso9660 image (CVE-2014-9584).\r\n \r\n The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel\r\n through 3.18.2 does not properly choose memory locations for the\r\n vDSO area, which makes it easier for local users to bypass the ASLR\r\n protection mechanism by guessing a location at the end of a PMD\r\n (CVE-2014-9585).\r\n \r\n The updated packages provides a solution for these security issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6416\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6417\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6418\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8133\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9090\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9322\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9419\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9529\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 84b2f7fd994f5ed9738484492cf1f6fb mbs1/x86_64/cpupower-3.4.105-2.1.mbs1.x86_64.rpm\r\n 3b7822069fb7f64c5954038f2a352816 mbs1/x86_64/kernel-firmware-3.4.105-2.1.mbs1.noarch.rpm\r\n 137bd01930fe4bdc9d1b7f095fd3237e mbs1/x86_64/kernel-headers-3.4.105-2.1.mbs1.x86_64.rpm\r\n 66eb79923df892f0492dc8b4011e3f47 mbs1/x86_64/kernel-server-3.4.105-2.1.mbs1.x86_64.rpm\r\n 6f24362ea683103e480874c2ff93407a mbs1/x86_64/kernel-server-devel-3.4.105-2.1.mbs1.x86_64.rpm\r\n 36aee1a085a5083200a7ffbd5da543f6 mbs1/x86_64/kernel-source-3.4.105-2.mbs1.noarch.rpm\r\n 93aef55bcc1f02263e07541db93b45ce mbs1/x86_64/lib64cpupower0-3.4.105-2.1.mbs1.x86_64.rpm\r\n f73d1f80d3d0db90a63d3889b71cc60f mbs1/x86_64/lib64cpupower-devel-3.4.105-2.1.mbs1.x86_64.rpm\r\n 854eb4e04b196c33441ce932ba48dfc7 mbs1/x86_64/perf-3.4.105-2.1.mbs1.x86_64.rpm \r\n 4727802fbd1d77523b157b7fd36177ea mbs1/SRPMS/cpupower-3.4.105-2.1.mbs1.src.rpm\r\n 1f2e120416115a646e0026e6079ac9df mbs1/SRPMS/kernel-firmware-3.4.105-2.1.mbs1.src.rpm\r\n cf4f1bbc72cb9369162703efa7b5adc3 mbs1/SRPMS/kernel-headers-3.4.105-2.1.mbs1.src.rpm\r\n 145c57c74bc2346e9435284873062057 mbs1/SRPMS/kernel-server-3.4.105-2.1.mbs1.src.rpm\r\n 7154bb874ff6fd31772fa2e03fc0a186 mbs1/SRPMS/kernel-source-3.4.105-2.mbs1.src.rpm\r\n acd00535b878c07c70ac0b2680d1b9cc mbs1/SRPMS/perf-3.4.105-2.1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFUuULOmqjQ0CJFipgRAmTfAJ40ZrILR8XPoduEMKuokkZuOV2rXwCg424o\r\nPM+ddh+qKQrHCeweXyb+AdU=\r\n=zMRK\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-01-18T00:00:00", "title": "[ MDVSA-2015:027 ] kernel", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:56", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-5313", "CVE-2014-9529", "CVE-2014-9420", "CVE-2014-9090", "CVE-2014-3688", "CVE-2014-7841", "CVE-2014-6417", "CVE-2014-9322", "CVE-2014-6416", "CVE-2014-8884", "CVE-2014-6418", "CVE-2014-9584", "CVE-2014-8133", "CVE-2014-9419", "CVE-2014-7842", "CVE-2014-9585"], "modified": "2015-01-18T00:00:00", "id": "SECURITYVULNS:DOC:31621", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31621", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:43:57", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.264.13.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.264.13.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.264.13.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.264.13.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.264.13.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.264.13.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.264.13.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.264.13.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.264.13.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.264.13.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.264.13.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.264.13.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.264.13.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.264.13.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.264.13.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.264.13.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.264.13.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.264.13.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.264.13.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.264.13.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.264.13.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.264.13.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.264.13.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.264.13.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.264.13.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.264.13.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.264.13.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.264.13.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}], "description": "[2.6.39-400.264.13]\n- KEYS: Don't permit request_key() to construct a new keyring (David Howells) [Orabug: 22373449] {CVE-2015-7872}\n[2.6.39-400.264.12]\n- crypto: add missing crypto module aliases (Mathias Krause) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n- crypto: include crypto- module prefix in template (Kees Cook) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n- crypto: prefix module autoloading with 'crypto-' (Kees Cook) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n[2.6.39-400.264.11]\n- KVM: x86: Don't report guest userspace emulation error to userspace (Nadav Amit) [Orabug: 22249615] {CVE-2010-5313} {CVE-2014-7842}\n[2.6.39-400.264.9]\n- msg_unlock() in wrong spot after applying 'Initialize msg/shm IPC objects before doing ipc_addid()' (Chuck Anderson) [Orabug: 22250044] {CVE-2015-7613} {CVE-2015-7613}\n[2.6.39-400.264.8]\n- ipc/sem.c: fully initialize sem_array before making it visible (Manfred Spraul) [Orabug: 22250044] {CVE-2015-7613}\n- Initialize msg/shm IPC objects before doing ipc_addid() (Linus Torvalds) [Orabug: 22250044] {CVE-2015-7613}\n[2.6.39-400.264.7]\n- KVM: svm: unconditionally intercept #DB (Paolo Bonzini) [Orabug: 22333698] {CVE-2015-8104} {CVE-2015-8104}\n- KVM: x86: work around infinite loop in microcode when #AC is delivered (Eric Northup) [Orabug: 22333689] {CVE-2015-5307} {CVE-2015-5307}\n[2.6.39-400.264.6]\n- mlx4_core: Introduce restrictions for PD update (Ajaykumar Hotchandani) \n- IPoIB: Drop priv->lock before calling ipoib_send() (Wengang Wang) \n- IPoIB: serialize changing on tx_outstanding (Wengang Wang) [Orabug: 21861366] \n- IB/mlx4: Implement IB_QP_CREATE_USE_GFP_NOIO (Jiri Kosina) \n- IB: Add a QP creation flag to use GFP_NOIO allocations (Or Gerlitz) \n- IB: Return error for unsupported QP creation flags (Or Gerlitz) \n- IB/ipoib: Calculate csum only when skb->ip_summed is CHECKSUM_PARTIAL (Yuval Shaia) [Orabug: 20873175]", "edition": 3, "reporter": "Oracle", "published": "2016-01-08T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-9644", "CVE-2010-5313", "CVE-2015-7872", "CVE-2015-5307", "CVE-2015-7613", "CVE-2013-7421", "CVE-2014-7842", "CVE-2015-8104"], "modified": "2016-01-08T00:00:00", "id": "ELSA-2016-3502", "href": "http://linux.oracle.com/errata/ELSA-2016-3502.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:44:44", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageFilename": "perf-2.6.32-642.el6.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageFilename": "kernel-devel-2.6.32-642.el6.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageFilename": "python-perf-2.6.32-642.el6.i686.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-642.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-642.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageFilename": "kernel-debug-2.6.32-642.el6.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "src", "packageFilename": "kernel-2.6.32-642.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "src", "packageFilename": "kernel-2.6.32-642.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageFilename": "kernel-2.6.32-642.el6.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageFilename": "perf-2.6.32-642.el6.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-642.el6.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-642.el6.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageFilename": "kernel-headers-2.6.32-642.el6.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-642.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-642.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-642.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-642.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-642.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-642.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageFilename": "kernel-2.6.32-642.el6.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageFilename": "python-perf-2.6.32-642.el6.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-642.el6.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-642.el6.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}], "description": "[2.6.32-642]\n- [scsi] fc: revert - ensure scan_work isnt active when freeing fc_rport (Ewan Milne) [1326447]\n- [netdrv] ixgbe: Update ixgbe driver to use __netdev_pick_tx in ixgbe_select_queue (John Greene) [1310749]\n- [netdrv] mlx5e: Fix adding vlan rule with vid zero twice (Kamal Heib) [1322809]\n[2.6.32-641]\n- [netdrv] ixgbe: restore proper CHECKSUM_UNNECESSARY behavior for LRO packets (Neil Horman) [1318426]\n- [netdrv] revert ' net/mlx5_core: Add pci error handlers to mlx5_core driver' (Don Dutile) [1324599]\n- [x86] kernel: espfix not working for 32-bit KVM paravirt guests (Jacob Tanenbaum) [1172767] {CVE-2014-8134}\n[2.6.32-640]\n- [net] use GFP_ATOMIC in dst_ops_extend_register (Sabrina Dubroca) [1323252]\n- [kernel] revert 'sched: core: Use hrtimer_start_expires' (Jiri Olsa) [1324318]\n- [kernel] Revert 'Cleanup bandwidth timers' (Jiri Olsa) [1324318]\n- [kernel] revert 'fair: Test list head instead of list entry in throttle_cfs_rq' (Jiri Olsa) [1324318]\n- [kernel] revert 'sched, perf: Fix periodic timers' (Jiri Olsa) [1324318]\n- [kernel] Revert 'fix KABI break' (Jiri Olsa) [1324318]\n[2.6.32-639]\n- [input] wacom: fix ExpressKeys remote events (Aristeu Rozanski) [1318027]\n- [fs] revert 'writeback: remove wb_list' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: bdi_writeback_task must set task state before calling schedule' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: merge bdi_writeback_task and bdi_start_fn' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: harmonize writeback threads naming' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: fix possible race when creating bdi threads' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not lose wake-ups in the forker thread - 1' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not lose wake-ups in the forker thread - 2' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not lose wake-ups in bdi threads' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: simplify bdi code a little' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not remove bdi from bdi_list' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: move last_active to bdi' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: restructure bdi forker loop a little' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: move bdi threads exiting logic to the forker thread' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: prevent unnecessary bdi threads wakeups' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: optimize periodic bdi thread wakeups' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: remove unnecessary init_timer call' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: cleanup bdi_register' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: fix bad _bh spinlock nesting' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not lose wakeup events when forking bdi threads' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: Fix lost wake-up shutting down writeback thread' (Jeff Moyer) [1322297]\n- [mm] revert 'backing-dev: ensure wakeup_timer is deleted' (Jeff Moyer) [1322297]\n- [perf] revert: perf changes out of 'sched, perf: Fix periodic timers' (Jiri Olsa) [1322488]\n[2.6.32-638]\n- [mm] hugetlb: prevent BUG_ON in hugetlb_fault -> hugetlb_cow (Dave Anderson) [1303495]\n- [mm] hugetlb: fix race condition in hugetlb_fault (Dave Anderson) [1303495]\n- [s390] kdump: fix wrong BUG_ON statement (Hendrik Brueckner) [1321316]\n- [scsi] cxgb4i: Increased the value of MAX_IMM_TX_PKT_LEN from 128 to 256 bytes (Sai Vemuri) [1320193]\n- [fs] nfs: fix a regression causing deadlock in nfs_wb_page_cancel() (Benjamin Coddington) [1135601]\n- [netdrv] cxgb4/ethtool: Get/set rx checksum (Sai Vemuri) [1225167]\n- [netdrv] cxgb4vf:The RX checksum feature was not completely ported to cxgb4vf driver (Sai Vemuri) [1225167]\n- [netdrv] cxgb4/cxgb4vf: Enable GRO (Sai Vemuri) [1225167]\n- [netdrv] cxgb4: Enable RX checksum offload flag (Sai Vemuri) [1225167]\n- [netdrv] cxgb4: Report correct link speed for unsupported ones (Sai Vemuri) [1296467]\n- [netdrv] cxgb4: Use vmalloc, if kmalloc fails (Sai Vemuri) [1296473]\n- [netdrv] cxgb4: Enhance driver to update FW, when FW is too old (Sai Vemuri) [1296472]\n[2.6.32-637]\n- [netdrv] mlx4-en: add missing patch to init rss_rings in get_profile (Don Dutile) [1321164]\n- [netdrv] mlx4-en: disable traffic class queueing by default (Don Dutile) [1321164]\n- [netdrv] mlx4_core: Fix mailbox leak in error flow when performing update qp (Don Dutile) [1321164]\n- [x86] nmi/64: Fix a paravirt stack-clobbering bug in the NMI code (Denys Vlasenko) [1259581] {CVE-2015-5157}\n- [x86] nmi/64: Switch stacks on userspace NMI entry (Denys Vlasenko) [1259581] {CVE-2015-5157}\n[2.6.32-636]\n- [netdrv] mlx4_en: Choose time-stamping shift value according to HW frequency (Kamal Heib) [1320448]\n- [fs] anon_inodes implement dname (Aristeu Rozanski) [1296019]\n- [net] packet: set transport header before doing xmit (John Greene) [1309526]\n- [net] tuntap: set transport header before passing it to kernel (John Greene) [1309526]\n- [netdrv] macvtap: set transport header before passing skb to lower device (John Greene) [1309526]\n- [net] ipv6: tcp: add rcu locking in tcp_v6_send_synack() (Jakub Sitnicki) [1312740]\n- [net] ipv6: sctp: add rcu protection around np->opt (Jakub Sitnicki) [1312740]\n- [net] ipv6: add complete rcu protection around np->opt (Jakub Sitnicki) [1312740]\n- [net] dccp: remove unnecessary codes in ipv6.c (Jakub Sitnicki) [1312740]\n- [net] ipv6: remove unnecessary codes in tcp_ipv6.c (Jakub Sitnicki) [1312740]\n- [net] ipv6: Refactor update of IPv6 flowi destination address for srcrt (RH) option (Jakub Sitnicki) [1312740]\n- [net] ipv6: protect flow label renew against GC (Sabrina Dubroca) [1313231]\n- [net] ipv6: fix possible deadlock in ip6_fl_purge / ip6_fl_gc (Sabrina Dubroca) [1313231]\n- [perf] annotate: Support full source file paths for srcline fix (Jiri Olsa) [1304472 1304479]\n- [perf] tools: Support full source file paths for srcline (Jiri Olsa) [1304472 1304479]\n- [perf] annotate: Fix -i option, which is currently ignored (Jiri Olsa) [1304472 1304479]\n[2.6.32-635]\n- [mm] backing-dev: ensure wakeup_timer is deleted (Jeff Moyer) [1318930]\n- [hv] vss: run only on supported host versions (Vitaly Kuznetsov) [1319813]\n- [sound] hda: Fix internal speaker for HP Z240 (Jaroslav Kysela) [1316673]\n- [perf] trace: Fix race condition at the end of started workloads (Jiri Olsa) [1302928]\n- [fs] nfsd: Combine decode operations for v4 and v4.1 (J. Bruce Fields) [1314536]\n- [hv] revert 'vmbus: avoid scheduling in interrupt context in vmbus_initiate_unload' (Vitaly Kuznetsov) [1318882]\n- [hv] revert 'vmbus: dont loose HVMSG_TIMER_EXPIRED messages' (Vitaly Kuznetsov) [1318882]\n- [hv] revert 'vmbus: avoid unneeded compiler optimizations in vmbus_wait_for_unload' (Vitaly Kuznetsov) [1318882]\n- [hv] revert 'vmbus: remove code duplication in message handling' (Vitaly Kuznetsov) [1318882]\n- [hv] revert 'vmbus: avoid wait_for_completion on crash' (Vitaly Kuznetsov) [1318882]\n[2.6.32-634]\n- [scsi] cxgbi: Convert over to dst_neigh_lookup (Sai Vemuri) [1296461]\n- [netdrv] cxgb4: For T4, dont read the Firmware Mailbox Control register (Sai Vemuri) [1296469]\n- [netdrv] cxgb4: Use ACCES_ONCE macro to read queues consumer index (Sai Vemuri) [1296484]\n- [netdrv] cxgb4: prevent simultaneous execution of service_ofldq (Sai Vemuri) [1296483]\n- [netdrv] cxgb4: Adds PCI device id for new T5 adapters (Sai Vemuri) [1296481]\n- [netdrv] cxgb4: Dont disallow turning off auto-negotiation (Sai Vemuri) [1296476]\n- [mm] check if section present during memory block registering (Xunlei Pang) [1297840]\n- [tty] ldisc: Close/Reopen race prevention should check tty->ldisc (Denys Vlasenko) [1312383]\n- [fs] proc-vmcore: wrong data type casting fix (Baoquan He) [1312206]\n- [infiniband] iw_cxgb3: Ignore positive return values from the ofld send functions (Sai Vemuri) [1296999]\n- [netdrv] cxgb4: Deal with wrap-around of queue for Work request (Sai Vemuri) [1296482]\n- [infiniband] iw_cxgb4: detect fatal errors while creating listening filters (Sai Vemuri) [1296480]\n- [md] dm snapshot: suspend merging snapshot when doing exception handover (Mike Snitzer) [1177389]\n- [md] dm snapshot: suspend origin when doing exception handover (Mike Snitzer) [1177389]\n- [md] dm snapshot: allocate a per-target structure for snapshot-origin target (Mike Snitzer) [1177389]\n- [md] dm: fix a race condition in dm_get_md (Mike Snitzer) [1177389]\n- [infiniband] iw_cxgb4: pass the ord/ird in connect reply events (Sai Vemuri) [1296478]\n- [infiniband] iw_cxgb4: fix misuse of ep->ord for minimum ird calculation (Sai Vemuri) [1296478]\n- [infiniband] iw_cxgb4: reverse the ord/ird in the ESTABLISHED upcall (Sai Vemuri) [1296478]\n- [usb] Revert 'Revert 'Update USB default wakeup settings'' (Torez Smith) [1319081]\n- [netdrv] ibmveth: add support for TSO6 (Gustavo Duarte) [1318412]\n[2.6.32-633]\n- [s390] lib: export udelay_simple for systemtap (Hendrik Brueckner) [1233912]\n- [netdrv] ixgbe: fix RSS limit for X550 (John Greene) [1314583]\n- [netdrv] mlx4_core: Fix error message deprecation for ConnectX-2 cards (Don Dutile) [1316013]\n- [dm] thin metadata: dont issue prefetches if a transaction abort has failed (Mike Snitzer) [1310661]\n- [scsi] be2iscsi: Add warning message for unsupported adapter (Maurizio Lombardi) [1253016]\n- [scsi] be2iscsi: Revert 'Add warning message for, unsupported adapter' (Maurizio Lombardi) [1253016]\n- [scsi] hpsa: update copyright information (Joseph Szczypek) [1315469]\n- [scsi] hpsa: correct abort tmf for hba devices (Joseph Szczypek) [1315469]\n- [scsi] hpsa: correct ioaccel2 sg chain len (Joseph Szczypek) [1315469]\n- [scsi] hpsa: fix physical target reset (Joseph Szczypek) [1315469]\n- [scsi] hpsa: fix hpsa_adjust_hpsa_scsi_table (Joseph Szczypek) [1315469]\n- [scsi] hpsa: correct transfer length for 6 byte read/write commands (Joseph Szczypek) [1315469]\n- [scsi] hpsa: abandon rescans on memory alloaction failures (Joseph Szczypek) [1315469]\n- [scsi] hpsa: allow driver requested rescans (Joseph Szczypek) [1315469]\n[2.6.32-632]\n- [s390] dasd: fix incorrect locking order for LCU device add/remove (Hendrik Brueckner) [1315740]\n- [s390] dasd: fix hanging device after LCU change (Hendrik Brueckner) [1315729]\n- [s390] dasd: prevent incorrect length error under z/VM after PAV changes (Hendrik Brueckner) [1313774]\n- [netdrv] igb: Fix VLAN tag stripping on Intel i350 (Corinna Vinschen) [1210699]\n- [netdrv] 3c59x: mask LAST_FRAG bit from length field in ring (Neil Horman) [1309210]\n- [ata] ahci: Remove obsolete Intel Lewisburg SATA RAID device IDs (Steve Best) [1317045]\n- [pci] fix truncation of resource size to 32 bits (Myron Stowe) [1316345]\n- [pci] fix pci_resource_alignment prototype (Myron Stowe) [1316345]\n- [sound] hda: Fix headphone mic input on a few Dell ALC293 machines (Jaroslav Kysela) [1315932]\n- [sound] hda: Add some FIXUP quirks for white noise on Dell laptop (Jaroslav Kysela) [1315932]\n- [sound] hda: Fix the white noise on Dell laptop (Jaroslav Kysela) [1315932]\n- [sound] hda: one Dell machine needs the headphone white noise fixup (Jaroslav Kysela) [1315932]\n- [sound] hda: Fix audio crackles on Dell Latitude E7x40 (Jaroslav Kysela) [1315932]\n- [fs] xfs: Avoid pathological backwards allocation (Bill ODonnell) [1302777]\n[2.6.32-631]\n- [input] synaptics: handle spurious release of trackstick buttons, again (Benjamin Tissoires) [1317808]\n- [hv] kvp: fix IP Failover (Vitaly Kuznetsov) [1312290]\n- [hv] util: Pass the channel information during the init call (Vitaly Kuznetsov) [1312290]\n- [hv] utils: Invoke the poll function after handshake (Vitaly Kuznetsov) [1312290]\n- [hv] utils: run polling callback always in interrupt context (Vitaly Kuznetsov) [1312290]\n- [hv] util: Increase the timeout for util services (Vitaly Kuznetsov) [1312290]\n[2.6.32-630]\n- [mm] avoid hangs in lru_add_drain_all (Vitaly Kuznetsov) [1314683]\n- [net] esp{4, 6}: fix potential MTU calculation overflows (Herbert Xu) [1304313]\n- [net] xfrm: take net hdr len into account for esp payload size calculation (Herbert Xu) [1304313]\n[2.6.32-629]\n- [x86] acpi: Avoid SRAT table checks for Hyper-V VMs (Vi t a l y K u z n e t s o v ) [ 1 3 1 2 7 1 1 ] b r > - [ i n f i n i b a n d ] i p o i b : F o r s e n d o n l y j o i n f r e e t h e m u l t i c a s t g r o u p o n l e a v e ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : i n c r e a s e t h e m a x m c a s t b a c k l o g q u e u e ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : M a k e s e n d o n l y m u l t i c a s t j o i n s c r e a t e t h e m c a s t g r o u p ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : E x p i r e s e n d o n l y m u l t i c a s t j o i n s ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : C l e a n u p s e n d - o n l y m u l t i c a s t j o i n s ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : S u p p r e s s w a r n i n g f o r s e n d o n l y j o i n f a i l u r e s ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ d r m ] i 9 1 5 : s h u t u p g e n 8 + S D E i r q d m e s g n o i s e ( R o b C l a r k ) [ 1 3 1 3 6 8 1 ] b r > - [ d r m ] i 9 1 5 : f i x t h e S D E i r q d m e s g w a r n i n g s p r o p e r l y ( R o b C l a r k ) [ 1 3 1 3 6 8 1 ] b r > - [ h v ] v m b u s : a v o i d w a i t _ f o r _ c o m p l e t i o n o n c r a s h ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > - [ h v ] v m b u s : r e m o v e c o d e d u p l i c a t i o n i n m e s s a g e h a n d l i n g ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > - [ h v ] v m b u s : a v o i d u n n e e d e d c o m p i l e r o p t i m i z a t i o n s i n v m b u s _ w a i t _ f o r _ u n l o a d ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > - [ h v ] v m b u s : d o n t l o o s e H V M S G _ T I M E R _ E X P I R E D m e s s a g e s ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > - [ h v ] v m b u s : a v o i d s c h e d u l i n g i n i n t e r r u p t c o n t e x t i n v m b u s _ i n i t i a t e _ u n l o a d ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 8 ] b r > - [ n e t d r v ] b n x 2 x : f i x c r a s h o n b i g - e n d i a n w h e n a d d i n g V L A N ( M i c h a l S c h m i d t ) [ 1 3 1 1 4 3 3 ] b r > - [ s o u n d ] a l s a h d a : o n l y s y n c B C L K t o t h e d i s p l a y c l o c k f o r H a s w e l l & B r o a d w e l l ( J a r o s l a v K y s e l a ) [ 1 3 1 3 6 7 2 ] b r > - [ s o u n d ] a l s a h d a : a d d c o m p o n e n t s u p p o r t ( J a r o s l a v K y s e l a ) [ 1 3 1 3 6 7 2 ] b r > - [ s o u n d ] a l s a h d a : p a s s i n t e l _ h d a t o a l l i 9 1 5 i n t e r f a c e f u n c t i o n s ( J a r o s l a v K y s e l a ) [ 1 3 1 3 6 7 2 ] b r > - [ n e t d r v ] i g b : f i x r a c e a c c e s s i n g p a g e - > _ c o u n t ( C o r i n n a V i n s c h e n ) [ 1 3 1 5 4 0 2 ] b r > - [ n e t d r v ] i g b : f i x r e c e n t V L A N c h a n g e s t h a t w o u l d l e a v e V L A N s d i s a b l e d a f t e r r e s e t ( C o r i n n a V i n s c h e n ) [ 1 3 0 9 9 6 8 ] b r > - [ m m ] a l w a y s d e c r e m e n t a n o n _ v m a d e g r e e w h e n t h e v m a l i s t i s e m p t y ( J e r o m e M a r c h a n d ) [ 1 3 0 9 8 9 8 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 7 ] b r > - [ n e t ] r d s : r e s t o r e r e t u r n v a l u e i n r d s _ c m s g _ r d m a _ a r g s ( D o n D u t i l e ) [ 1 3 1 3 0 8 9 ] b r > - [ n e t ] r d s : F i x a s s e r t i o n l e v e l f r o m f a t a l t o w a r n i n g ( D o n D u t i l e ) [ 1 3 1 3 0 8 9 ] b r > - [ n e t d r v ] b e 2 n e t : d o n t e n a b l e m u l t i c a s t f l a g i n b e _ e n a b l e _ i f _ f i l t e r s r o u t i n e ( I v a n V e c e r a ) [ 1 3 0 9 1 5 7 ] b r > - [ n e t ] u n i x : c o r r e c t l y t r a c k i n - f l i g h t f d s i n s e n d i n g p r o c e s s u s e r _ s t r u c t ( H a n n e s F r e d e r i c S o w a ) [ 1 3 1 3 0 5 2 ] { C V E - 2 0 1 6 - 2 5 5 0 } b r > - [ n e t ] s c t p : P r e v e n t s o f t l o c k u p w h e n s c t p _ a c c e p t ( ) i s c a l l e d d u r i n g a t i m e o u t e v e n t ( J a c o b T a n e n b a u m ) [ 1 2 9 7 4 2 2 ] { C V E - 2 0 1 5 - 8 7 6 7 } b r > b r > [ 2 . 6 . 3 2 - 6 2 6 ] b r > - [ f s ] n f s v 4 : O P E N m u s t h a n d l e t h e N F S 4 E R R _ I O r e t u r n c o d e c o r r e c t l y ( B e n j a m i n C o d d i n g t o n ) [ 1 2 7 2 6 8 7 ] b r > - [ f s ] q u o t a : f i x u n w a n t e d s o f t l i m i t e n f o r c e m e n t ( L u k a s C z e r n e r ) [ 1 3 0 4 6 0 3 ] b r > - [ f s ] x f s : f l u s h e n t i r e l a s t p a g e o f o l d E O F o n t r u n c a t e u p ( B r i a n F o s t e r ) [ 1 3 0 8 4 8 2 ] b r > - [ f s ] x f s : t r u n c a t e _ s e t s i z e s h o u l d b e o u t s i d e t r a n s a c t i o n s ( B r i a n F o s t e r ) [ 1 3 0 8 4 8 2 ] b r > - [ s c s i ] m e g a r a i d : o v e r c o m e a f w d e f i c i e n c y ( M a u r i z i o L o m b a r d i ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : A d d a n i / o b a r r i e r ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F i x S M A P i s s u e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F i x f o r I O f a i l i n g p o s t O C R i n S R I O V e n v i r o n m e n t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d : f i x n u l l p o i n t e r c h e c k i n m e g a s a s _ d e t a c h _ o n e ( ) ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : d r i v e r v e r s i o n u p g r a d e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : S P E R C O C R c h a n g e s ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : I n t r o d u c e m o d u l e p a r a m e t e r f o r S C S I c o m m a n d t i m e o u t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : M F I a d a p t e r O C R c h a n g e s ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : M a k e a d p r e c o v e r y v a r i a b l e a t o m i c ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : I O t h r o t t l i n g s u p p o r t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : D u a l q u e u e d e p t h s u p p o r t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : C o d e o p t i m i z a t i o n b u i l d _ a n d _ i s s u e _ c m d r e t u r n - t y p e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : R e p l y D e s c r i p t o r P o s t Q u e u e ( R D P Q ) s u p p o r t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F a s t p a t h r e g i o n l o c k b y p a s s ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : U p d a t e d e v i c e q u e u e d e p t h b a s e d o n i n t e r f a c e t y p e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : T a s k m a n a g e m e n t s u p p o r t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : S y n c i n g r e q u e s t f l a g s m a c r o n a m e s w i t h f i r m w a r e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : M F I I O t i m e o u t h a n d l i n g ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : D o n o t a l l o w P C I a c c e s s d u r i n g O C R ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] h p s a : c h e c k f o r a n u l l p h y s _ d i s k p o i n t e r i n i o a c c e l 2 p a t h ( J o s e p h S z c z y p e k ) [ 1 3 1 1 7 2 8 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 5 ] b r > - [ n e t d r v ] c x g b 4 : P a t c h t o f i x k e r n e l p a n i c o n p i n g i n g o v e r v l a n i n t e r f a c e ( S a i V e m u r i ) [ 1 3 0 3 4 9 3 ] b r > - [ x 8 6 ] m m : I m p r o v e A M D B u l l d o z e r A S L R w o r k a r o u n d ( R i k v a n R i e l ) [ 1 2 4 0 8 8 3 ] b r > - [ x 8 6 ] P r o p e r l y e x p o r t M S R v a l u e s i n k e r n e l h e a d e r s ( J a c o b T a n e n b a u m ) [ 1 2 9 8 2 5 5 ] b r > - [ n e t d r v ] t e h u t i : F i r m w a r e f i l e n a m e i s t e h u t i / b d x . b i n ( I v a n V e c e r a ) [ 1 2 3 5 9 6 1 ] b r > - [ n e t d r v ] i x g b e : c o n v e r t t o n d o _ f i x _ f e a t u r e s ( J o h n G r e e n e ) [ 1 2 7 9 5 2 2 ] b r > - [ d r m ] r e v e r t ' d r m : U s e v b l a n k t i m e s t a m p s t o g u e s s t i m a t e h o w m a n y v b l a n k s w e r e m i s s e d ' ( L y u d e P a u l ) [ 1 3 0 0 0 8 6 ] b r > - [ f s ] w r i t e b a c k : F i x l o s t w a k e - u p s h u t t i n g d o w n w r i t e b a c k t h r e a d ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e u p e v e n t s w h e n f o r k i n g b d i t h r e a d s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : f i x b a d _ b h s p i n l o c k n e s t i n g ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : c l e a n u p b d i _ r e g i s t e r ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : r e m o v e u n n e c e s s a r y i n i t _ t i m e r c a l l ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : o p t i m i z e p e r i o d i c b d i t h r e a d w a k e u p s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : p r e v e n t u n n e c e s s a r y b d i t h r e a d s w a k e u p s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : m o v e b d i t h r e a d s e x i t i n g l o g i c t o t h e f o r k e r t h r e a d ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : r e s t r u c t u r e b d i f o r k e r l o o p a l i t t l e ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : m o v e l a s t _ a c t i v e t o b d i ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t r e m o v e b d i f r o m b d i _ l i s t ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : s i m p l i f y b d i c o d e a l i t t l e ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e - u p s i n b d i t h r e a d s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e - u p s i n t h e f o r k e r t h r e a d - 2 ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e - u p s i n t h e f o r k e r t h r e a d - 1 ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : f i x p o s s i b l e r a c e w h e n c r e a t i n g b d i t h r e a d s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : h a r m o n i z e w r i t e b a c k t h r e a d s n a m i n g ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : m e r g e b d i _ w r i t e b a c k _ t a s k a n d b d i _ s t a r t _ f n ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : b d i _ w r i t e b a c k _ t a s k m u s t s e t t a s k s t a t e b e f o r e c a l l i n g s c h e d u l e ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : r e m o v e w b _ l i s t ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ d r m ] i 9 1 5 : C h a n g e W A R N _ O N ( ! w m _ c h a n g e d ) t o I 9 1 5 _ S T A T E _ W A R N _ O N ( L y u d e P a u l ) [ 1 3 0 9 8 8 8 ] b r > - [ d r m ] i 9 1 5 : Q u i e t d o w n s t a t e c h e c k s ( L y u d e P a u l ) [ 1 3 0 9 8 8 8 ] b r > - [ d r m ] i 9 1 5 : F i x a f e w o f t h e ! w m _ c h a n g e d w a r n i n g s ( L y u d e P a u l ) [ 1 3 0 9 8 8 8 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 4 ] b r > - [ n e t d r v ] t g 3 : F i x f o r t g 3 t r a n s m i t q u e u e 0 t i m e d o u t w h e n t o o m a n y g s o _ s e g s ( I v a n V e c e r a ) [ 1 2 2 2 4 2 6 ] b r > - [ n e t d r v ] b n a : f i x l i s t c o r r u p t i o n ( I v a n V e c e r a ) [ 1 3 1 0 9 5 7 ] b r > - [ n e t d r v ] c x g b 4 : A d d c x g b 4 T 4 / T 5 f i r m w a r e v e r s i o n 1 . 1 4 . 4 . 0 , h a r d c o d e d r i v e r t o t h e s a m e ( S a i V e m u r i ) [ 1 2 7 0 3 4 7 ] b r > - [ d r m ] i 9 1 5 : W a R s D i s a b l e C o a r s e P o w e r G a t i n g ( R o b C l a r k ) [ 1 3 0 2 2 6 9 ] b r > - [ d r m ] i 9 1 5 / s k l : A d d S K L G T 4 P C I I D s ( R o b C l a r k ) [ 1 3 0 2 2 6 9 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 3 ] b r > - [ p e r f ] r e v e r t ' p e r f / x 8 6 / i n t e l u n c o r e : M o v e u n c o r e _ b o x _ i n i t ( ) o u t o f d r i v e r i n i t i a l i z a t i o n ' ( J i r i O l s a ) [ 1 3 1 3 0 6 2 ] b r > - [ n e t ] u d p : m o v e l o g i c o u t o f u d p [ 4 6 ] _ u f o _ s e n d _ c h e c k ( S a b r i n a D u b r o c a ) [ 1 2 9 9 9 7 5 ] b r > - [ n e t d r v ] h v _ n e t v s c : R e s t o r e n e e d e d _ h e a d r o o m r e q u e s t ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : f i x n u l l p t r d e r e f i n s k b a l l o c a t i o n ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : O b s e r v e n e e d e d _ h e a d r o o m o f t h e d e v i c e ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : i p v 6 : n u m a : c o n s o l i d a t e s k b a l l o c a t i o n t o p k t g e n _ a l l o c _ s k b ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : f i x c r a s h w i t h v l a n a n d p a c k e t s i z e l e s s t h a n 4 6 ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : s p e e d u p f r a g m e n t e d s k b s ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : c o r r e c t u n i n i t i a l i z e d q u e u e _ m a p ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n n o d e a l l o c a t i o n ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] a f _ u n i x : G u a r d a g a i n s t o t h e r = = s k i n u n i x _ d g r a m _ s e n d m s g ( J a k u b S i t n i c k i ) [ 1 3 0 9 2 4 1 ] b r > - [ n e t ] v e t h : d o n t m o d i f y i p _ s u m m e d ; d o i n g s o t r e a t s p a c k e t s w i t h b a d c h e c k s u m s a s g o o d ( S a b r i n a D u b r o c a ) [ 1 3 0 8 5 8 6 ] b r > - [ n e t ] i p v 6 : u d p : u s e s t i c k y p k t i n f o e g r e s s i f i n d e x o n c o n n e c t ( ) ( X i n L o n g ) [ 1 3 0 1 4 7 5 ] b r > - [ n e t ] p r o v i d e d e f a u l t _ a d v m s s ( ) m e t h o d s t o b l a c k h o l e d s t _ o p s ( P a o l o A b e n i ) [ 1 3 0 5 0 6 8 ] b r > - [ n e t ] s c t p : t r a n s l a t e n e t w o r k o r d e r t o h o s t o r d e r w h e n u s e r s g e t a h m a c i d ( X i n L o n g ) [ 1 3 0 3 8 2 2 ] b r > - [ p o w e r p c ] p s e r i e s : M a k e 3 2 - b i t M S I q u i r k w o r k o n s y s t e m s l a c k i n g f i r m w a r e s u p p o r t ( O d e d G a b b a y ) [ 1 3 0 3 6 7 8 ] b r > - [ p o w e r p c ] p s e r i e s : F o r c e 3 2 b i t M S I s f o r d e v i c e s t h a t r e q u i r e i t ( O d e d G a b b a y ) [ 1 3 0 3 6 7 8 ] b r > - [ n e t d r v ] b n x t _ e n : F i x z e r o p a d d i n g o f t x p u s h d a t a ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : F a i l u r e t o u p d a t e P H Y i s n o t f a t a l c o n d i t i o n ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : R e m o v e u n n e c e s s a r y c a l l t o u p d a t e P H Y s e t t i n g s ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : P o l l l i n k a t t h e e n d o f _ _ b n x t _ o p e n _ n i c ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : R e d u c e d e f a u l t r i n g s i z e s ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : F i x i m p l e m e n t a t i o n o f t x p u s h o p e r a t i o n ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : R e m o v e 2 0 G s u p p o r t a n d a d v e r t i s e o n l y 4 0 G b a s e C R 4 ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : C l e a n u p a n d F i x f l o w c o n t r o l s e t u p l o g i c ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : F i x e t h t o o l a u t o n e g l o g i c ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 2 ] b r > - [ n e t d r v ] b o n d i n g : F i x A R P m o n i t o r v a l i d a t i o n ( J a r o d W i l s o n ) [ 1 2 4 4 1 7 0 ] b r > - [ n e t d r v ] s f c : o n l y u s e R S S f i l t e r s i f w e r e u s i n g R S S ( J a r o d W i l s o n ) [ 1 3 0 4 3 1 1 ] b r > - [ d m ] d e l a y : f i x R H E L 6 s p e c i f i c b u g w h e n e s t a b l i s h i n g f u t u r e ' e x p i r e s ' t i m e ( M i k e S n i t z e r ) [ 1 3 1 1 6 1 5 ] b r > - [ a t a ] A d d i n g I n t e l L e w i s b u r g d e v i c e I D s f o r S A T A ( S t e v e B e s t ) [ 1 3 1 0 2 3 7 ] b r > - [ i 2 c ] i 8 0 1 : A d d i n g I n t e l L e w i s b u r g s u p p o r t f o r i T C O ( R u i W a n g ) [ 1 3 0 4 8 7 2 ] b r > - [ x 8 6 ] M a r k G r a n g e v i l l e i x g b e P C I I D 1 5 A E ( 1 g i g P H Y ) u n s u p p o r t e d ( S t e v e B e s t ) [ 1 3 1 0 5 8 5 ] b r > - [ k e r n e l ] l o c k d : p r o p e r l y c o n v e r t b e 3 2 v a l u e s i n d e b u g m e s s a g e s ( H a r s h u l a J a y a s u r i y a ) [ 1 2 8 9 8 4 8 ] b r > - [ i 2 c ] c o n v e r t i 2 c - i s c h t o p l a t f o r m _ d e v i c e ( P r a r i t B h a r g a v a ) [ 1 2 1 1 7 4 7 ] b r > - [ t t y ] d o n o t r e s e t m a s t e r s p a c k e t m o d e ( D e n y s V l a s e n k o ) [ 1 3 0 8 6 6 0 ] b r > - [ b l o c k ] d o n t a s s u m e l a s t p u t o f s h a r e d t a g s i s f o r t h e h o s t ( J e f f M o y e r ) [ 1 3 0 0 5 3 8 ] b r > - [ n e t d r v ] i 4 0 e v f : u s e p a g e s c o r r e c t l y i n R x ( S t e f a n A s s m a n n ) [ 1 2 9 3 7 5 4 ] b r > - [ n e t d r v ] i 4 0 e : f i x b u g i n d m a s y n c ( S t e f a n A s s m a n n ) [ 1 2 9 3 7 5 4 ] b r > - [ s c h e d ] f i x K A B I b r e a k ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] f a i r : T e s t l i s t h e a d i n s t e a d o f l i s t e n t r y i n t h r o t t l e _ c f s _ r q ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] s c h e d , p e r f : F i x p e r i o d i c t i m e r s ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] s c h e d : d e b u g : R e m o v e t h e c f s b a n d w i d t h t i m e r _ a c t i v e p r i n t o u t ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] C l e a n u p b a n d w i d t h t i m e r s ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] s c h e d : c o r e : U s e h r t i m e r _ s t a r t _ e x p i r e s ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] f a i r : F i x u n l o c k e d r e a d s o f s o m e c f s _ b - > q u o t a / p e r i o d ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] F i x p o t e n t i a l n e a r - i n f i n i t e d i s t r i b u t e _ c f s _ r u n t i m e l o o p ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] f a i r : F i x t g _ s e t _ c f s _ b a n d w i d t h d e a d l o c k o n r q - > l o c k ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] F i x h r t i m e r _ c a n c e l / r q - > l o c k d e a d l o c k ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] F i x c f s _ b a n d w i d t h m i s u s e o f h r t i m e r _ e x p i r e s _ r e m a i n i n g ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] R e f i n e t h e c o d e i n u n t h r o t t l e _ c f s _ r q ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] U p d a t e r q c l o c k e a r l i e r i n u n t h r o t t l e _ c f s _ r q ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ d r m ] r a d e o n : m a s k o u t W C f r o m B O o n u n s u p p o r t e d a r c h e s ( O d e d G a b b a y ) [ 1 3 0 3 6 7 8 ] b r > - [ d r m ] a d d h e l p e r t o c h e c k f o r w c m e m o r y s u p p o r t ( O d e d G a b b a y ) [ 1 3 0 3 6 7 8 ] b r > - [ a c p i ] p c i : A c c o u n t f o r A R I i n _ P R T l o o k u p s ( I v a n V e c e r a ) [ 1 3 1 1 4 2 1 ] b r > - [ p c i ] M o v e p c i _ a r i _ e n a b l e d ( ) t o g l o b a l h e a d e r ( I v a n V e c e r a ) [ 1 3 1 1 4 2 1 ] b r > - [ a c p i ] t p m , t p m _ t i s : f i x t p m _ t i s A C P I d e t e c t i o n i s s u e w i t h T P M 2 . 0 ( J e r r y S n i t s e l a a r ) [ 1 3 0 9 6 4 1 ] b r > - [ a c p i ] C e n t r a l i z e d p r o c e s s i n g o f A C P I d e v i c e r e s o u r c e s ( J e r r y S n i t s e l a a r ) [ 1 3 0 9 6 4 1 ] b r > - [ a c p i ] a c p i : A d d d e v i c e r e s o u r c e s i n t e r p r e t a t i o n c o d e t o A C P I c o r e ( J e r r y S n i t s e l a a r ) [ 1 3 0 9 6 4 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x f o r t h e k e r n e l p a n i c c a u s e d b y c a l l i n g t 4 _ e n a b l e _ v i _ p a r a m s ( S a i V e m u r i ) [ 1 3 0 3 4 9 3 ] b r > - [ m m ] R e m o v e f a l s e W A R N _ O N f r o m p a g e c a c h e _ i s i z e _ e x t e n d e d ( B r i a n F o s t e r ) [ 1 2 0 5 0 1 4 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 1 ] b r > - [ n e t d r v ] n e t / m l x 4 _ e n : W a k e T X q u e u e s o n l y w h e n t h e r e s e n o u g h r o o m ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] r e v e r t ' n e t / m l x 4 _ c o r e : F i x m a i l b o x l e a k i n e r r o r f l o w w h e n p e r f o r m i n g u p d a t e q p ' ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] r e v e r t ' m l x 4 - e n : a d d m i s s i n g p a t c h t o i n i t r s s _ r i n g s i n g e t _ p r o f i l e ' ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] r e v e r t ' m l x 4 - e n : d i s a b l e t r a f f i c c l a s s q u e u e i n g b y d e f a u l t ' ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 0 ] b r > - [ n e t d r v ] m l x 4 - e n : d i s a b l e t r a f f i c c l a s s q u e u e i n g b y d e f a u l t ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] m l x 4 - e n : a d d m i s s i n g p a t c h t o i n i t r s s _ r i n g s i n g e t _ p r o f i l e ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] n e t / m l x 4 _ c o r e : F i x m a i l b o x l e a k i n e r r o r f l o w w h e n p e r f o r m i n g u p d a t e q p ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 9 ] b r > - [ n e t d r v ] c x g b 4 : a d d d e v i c e I D f o r f e w T 5 a d a p t e r s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x f o r w r i t e - c o m b i n i n g s t a t s c o n f i g u r a t i o n ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x t x f l i t c a l c u l a t i o n ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : c h a n g e s f o r n e w f i r m w a r e 1 . 1 4 . 4 . 0 ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : m e m o r y c o r r u p t i o n i n d e b u g f s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F o r c e u n i n i t i a l i z e d s t a t e i f F W i n a d a p t e r i s u n s u p p o r t e d ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d M P S t r a c i n g s u p p o r t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s o m e m o r e d e t a i l s t o s g e q i n f o ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : m i s s i n g c u r l y b r a c e s i n t 4 _ s e t u p _ d e b u g f s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t t o d u m p e d c b i s t s t a t u s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s s u p p o r t t o d u m p m e m i n f o ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : R e a d c o r r e c t F L c o n g e s t i o n t h r e s h o l d f o r T 5 a n d T 6 ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A l l o w f i r m w a r e f l a s h , o n l y i f c x g b 4 i s t h e m a s t e r d r i v e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s e n t r y t o e n a b l e b a c k d o o r a c c e s s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : F i x c h e c k t o u s e n e w U s e r D o o r b e l l m e c h a n i s m ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : E n a b l e c i m _ l a d u m p t o s u p p o r t T 6 ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : R e a d s t a t s f o r o n l y a v a i l a b l e c h a n n e l s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e r e g i s t e r r a n g e s f o r T 6 a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : D o n t u s e e n t i r e L 2 T t a b l e , u s e o n l y i t s s l i c e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d P C I d e v i c e i d s f o r f e w m o r e T 5 a n d T 6 a d a p t e r s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x i n c o r r e c t s e q u e n c e n u m b e r s s h o w n i n d e v l o g ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d P C I d e v i c e I D f o r c u s t o m T 5 2 2 & T 5 2 0 a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 4 : s u p p o r t f o r b a r 2 q i d d e n s i t i e s e x c e e d i n g t h e p a g e s i z e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : S u p p o r t f o r u s e r m o d e b a r 2 m a p p i n g s w i t h T 4 ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s e n t r y t o d u m p c h a n n e l r a t e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s e n t r y t o d u m p C I M P I F l o g i c a n a l y z e r c o n t e n t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d a d e b u g f s e n t r y t o d u m p C I M M A l o g i c a n a l y z e r l o g s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x s t a t i c c h e c k e r w a r n i n g ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : U s e F W L D S T c m d t o a c c e s s T P _ P I O _ A D D R , T P _ P I O _ D A T A r e g i s t e r f i r s t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : p r o g r a m p c i c o m p l e t i o n t i m e o u t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : S e t m a c a d d r f r o m v p d , w h e n w e c a n t c o n t a c t f i r m w a r e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : R e n a m e t 4 _ l i n k _ s t a r t t o t 4 _ l i n k _ l 1 c f g ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s g e e c c o n t e x t f l u s h s e r v i c e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F r e e V i r t u a l I n t e r f a c e s i n r e m o v e r o u t i n e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : R e m o v e W O L g e t / s e t e t h t o o l s u p p o r t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t t o d u m p l o o p b a c k p o r t s t a t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t i n e t h t o o l t o d u m p c h a n n e l s t a t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d e t h t o o l s u p p o r t t o g e t a d a p t e r s t a t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : A d d s S R I O V d r i v e r c h a n g e s f o r T 6 a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s s u p p o r t f o r T 6 a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d i s _ t 6 m a c r o a n d T 6 r e g i s t e r r a n g e s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : r e m o v e u n u s e d f n t o e n a b l e / d i s a b l e d b c o a l e s c i n g ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : f u n c t i o n a n d a r g u m e n t n a m e c l e a n u p ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s f a c i l i t y t o i n j e c t F L s t a r v a t i o n ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d P H Y f i r m w a r e s u p p o r t f o r T 4 2 0 - B T c a r d s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e T 4 / T 5 a d a p t e r r e g i s t e r r a n g e s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : O p t i m i z e a n d c l e a n u p s e t u p m e m o r y w i n d o w c o d e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : r e p l a c e n t o h s , n t o h l a n d h t o n s , h t o n l c a l l s w i t h t h e g e n e r i c b y t e o r d e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : R e m o v e d e a d f u n c t i o n t 4 _ r e a d _ e d c a n d t 4 _ r e a d _ m c ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : C l e a n u p m a c r o s , a d d c o m m e n t s a n d a d d n e w M A C R O S ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I n i t i a l i z e R S S m o d e f o r a l l P o r t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : D i s c a r d t h e p a c k e t i f t h e l e n g t h i s g r e a t e r t h a n m t u ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : M o v e S G E I n g r e s s D M A s t a t e m o n i t o r ( D o n D u t i l e ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e v i c e n o d e t o U L D i n f o ( D o n D u t i l e ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : P a s s i n a C o n g e s t i o n C h a n n e l M a p t o t 4 _ s g e _ a l l o c _ r x q ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : E n a b l e c o n g e s t i o n n o t i f i c a t i o n f r o m S G E f o r I Q s a n d F L s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : M a k e s u r e t h a t F r e e l i s t s i z e i s l a r g e r t h a n E g r e s s C o n g e s t i o n T h r e s h o l d ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 4 : C l e a n u p r e g i s t e r d e f i n e s / M A C R O S ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : F i x s p a r s e w a r n i n g s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I m p r o v e I E E E D C B x s u p p o r t , o t h e r m i n o r o p e n - l l d p f i x e s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ s c s i ] c x g b 4 i : C a l l i n t o r e c e n t l y a d d e d c x g b 4 i p v 6 a p i ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : F i x q u e u e a l l o c a t i o n f o r 4 0 G a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : I n i t i a l i z e m d i o _ a d d r b e f o r e u s i n g i t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : F i x e t h t o o l g e t _ s e t t i n g s f o r V F d r i v e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c s i o s t o r : C l e a n u p m a c r o s / r e g i s t e r d e f i n e s r e l a t e d t o p o r t a n d V I ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x D C B p r i o r i t y g r o u p s b e i n g r e t u r n e d i n w r o n g o r d e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : d c b o p e n - l l d p i n t e r o p f i x e s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x b u g i n D C B a p p d e l e t i o n ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : H a n d l e d c b e n a b l e c o r r e c t l y ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I m p r o v e h a n d l i n g o f D C B n e g o t i a t i o n o r l o s s t h e r e o f ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I E E E f i x e s f o r D C B x s t a t e m a c h i n e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x e n d i a n b u g i n t r o d u c e d i n c x g b 4 d c b p a t c h s e t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : M a k e f i l e & K c o n f i g c h a n g e s f o r D C B x s u p p o r t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I n t e g r a t e D C B x s u p p o r t i n t o c x g b 4 m o d u l e . R e g i s t e r d b c n l _ o p s t o g i v e a c c e s s t o D C B x f u n c t i o n s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d D C B x s u p p o r t c o d e b a s e a n d d c b n l _ o p s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e f w i n t e r f a c e f i l e f o r D C B x s u p p o r t . A d d s a l l t h e r e q u i r e d f i e l d s t o f w i n t e r f a c e t o c o m m u n i c a t e D C B x i n f o ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 8 ] b r > - [ d o c u m e n t a t i o n ] f i l e s y s t e m s : d e s c r i b e t h e s h a r e d m e m o r y u s a g e / a c c o u n t i n g ( R o d r i g o F r e i r e ) [ 1 2 9 3 6 1 5 ] b r > - [ k e r n e l ] F i x c g c l e a r f a i l u r e w h e n e n c o u n t e r i n g t h e r p c i o d k e r n e l t h r e a d ( L a r r y W o o d m a n ) [ 1 2 2 0 8 2 8 ] b r > - [ n e t d r v ] q l c n i c : c o n s t i f y q l c n i c _ m b x _ o p s s t r u c t u r e ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] n e t : q l c n i c : d e l e t e r e d u n d a n t m e m s e t s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : U p d a t e v e r s i o n t o 5 . 3 . 6 3 ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : D o n t u s e k z a l l o c u n n c e c e s s a r i l y f o r a l l o c a t i n g l a r g e c h u n k o f m e m o r y ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : A d d n e w V F d e v i c e I D 0 x 8 C 3 0 ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : P r i n t f i r m w a r e m i n i d u m p b u f f e r a n d t e m p l a t e h e a d e r a d d r e s s e s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : A d d s u p p o r t t o e n a b l e c a p a b i l i t y t o e x t e n d m i n i d u m p f o r i S C S I ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : R e a r r a n g e o r d e r i n g o f h e a d e r f i l e s i n c l u s i o n ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : F i x c o r r u p t i o n w h i l e c o p y i n g ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] n e t : q l c n i c : D e l e t i o n o f u n n e c e s s a r y m e m s e t ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] n e t : q l c n i c : c l e a n u p s y s f s e r r o r c o d e s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : c o d e s p e l l c o m m e n t s p e l l i n g f i x e s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : F i x t y p o i n p r i n t k m e s s a g e s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : F i x t r i v i a l t y p o i n c o m m e n t ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l o g i c : D e l e t i o n o f u n n e c e s s a r y c h e c k s b e f o r e t w o f u n c t i o n c a l l s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : F i x d u m p _ s k b o u t p u t ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ v i r t ] k v m : x 8 6 : D o n t r e p o r t g u e s t u s e r s p a c e e m u l a t i o n e r r o r t o u s e r s p a c e ( B a n d a n D a s ) [ 1 1 6 3 7 6 4 ] { C V E - 2 0 1 0 - 5 3 1 3 C V E - 2 0 1 4 - 7 8 4 2 } b r > - [ v i r t ] k v m : i n j e c t # U D i f i n s t r u c t i o n e m u l a t i o n f a i l s a n d e x i t t o u s e r s p a c e ( B a n d a n D a s ) [ 1 1 6 3 7 6 4 ] { C V E - 2 0 1 0 - 5 3 1 3 C V E - 2 0 1 4 - 7 8 4 2 } b r > - [ n e t d r v ] i w l w i f i : A d d n e w P C I I D s f o r t h e 8 2 6 0 s e r i e s ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] i w l w i f i : p c i e : f i x ( a g a i n ) p r e p a r e c a r d f l o w ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] n l 8 0 2 1 1 : F i x p o t e n t i a l m e m o r y l e a k f r o m p a r s e _ a c l _ d a t a ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] m a c 8 0 2 1 1 : f i x d i v i d e b y z e r o w h e n N O A u p d a t e ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] m a c 8 0 2 1 1 : a l l o w n u l l c h a n d e f i n t r a c i n g ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] m a c 8 0 2 1 1 : f i x d r i v e r R S S I e v e n t c a l c u l a t i o n s ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] m a c 8 0 2 1 1 : F i x l o c a l d e a u t h w h i l e a s s o c i a t i n g ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ f s ] x f s : e n s u r e W B _ S Y N C _ A L L w r i t e b a c k h a n d l e s p a r t i a l p a g e s c o r r e c t l y ( B r i a n F o s t e r ) [ 7 4 7 5 6 4 ] b r > - [ f s ] m m : i n t r o d u c e s e t _ p a g e _ w r i t e b a c k _ k e e p w r i t e ( ) ( B r i a n F o s t e r ) [ 7 4 7 5 6 4 ] b r > - [ f s ] x f s : a l w a y s l o g t h e i n o d e o n u n w r i t t e n e x t e n t c o n v e r s i o n ( Z o r r o L a n g ) [ 1 0 1 8 4 6 5 ] b r > - [ f s ] v f s : f i x d a t a c o r r u p t i o n w h e n b l o c k s i z e p a g e s i z e f o r m m a p e d d a t a ( L u k a s C z e r n e r ) [ 1 2 0 5 0 1 4 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 7 ] b r > - [ i n f i n i b a n d ] r d m a / o c r d m a : B u m p u p o c r d m a v e r s i o n n u m b e r t o 1 1 . 0 . 0 . 0 ( D o n D u t i l e ) [ 1 2 5 3 0 2 1 ] b r > - [ i n f i n i b a n d ] r d m a / o c r d m a : P r e v e n t C Q - D o o r b e l l f l o o d s ( D o n D u t i l e ) [ 1 2 5 3 0 2 1 ] b r > - [ i n f i n i b a n d ] r d m a / o c r d m a : C h e c k r e s o u r c e i d s r e c e i v e d i n A s y n c C Q E ( D o n D u t i l e ) [ 1 2 5 3 0 2 1 ] b r > - [ i n f i n i b a n d ] r d m a / o c r d m a : A v o i d a p o s s i b l e c r a s h i n o c r d m a _ r e m _ p o r t _ s t a t s ( D o n D u t i l e ) [ 1 2 5 3 0 2 1 ] b r > - [ k e r n e l ] d r i v e r c o r e : F i x u s e a f t e r f r e e o f d e v - > p a r e n t i n d e v i c e _ s h u t d o w n ( T o m a s H e n z l ) [ 1 3 0 3 2 1 5 ] b r > - [ k e r n e l ] d r i v e r c o r e : f i x s h u t d o w n r a c e s w i t h p r o b e / r e m o v e ( T o m a s H e n z l ) [ 1 3 0 3 2 1 5 ] b r > - [ k e r n e l ] d r i v e r c o r e : P r o t e c t d e v i c e s h u t d o w n f r o m h o t u n p l u g e v e n t s ( T o m a s H e n z l ) [ 1 3 0 3 2 1 5 ] b r > - [ n e t d r v ] b n x 2 x : A d d n e w d e v i c e i d s u n d e r t h e Q l o g i c v e n d o r ( M i c h a l S c h m i d t ) [ 1 3 0 4 2 5 2 ] b r > - [ k e r n e l ] k l i s t : f i x s t a r t i n g p o i n t r e m o v e d b u g i n k l i s t i t e r a t o r s ( E w a n M i l n e ) [ 1 1 9 0 2 7 3 ] b r > - [ m d ] r a i d 1 : e x t e n d s p i n l o c k t o p r o t e c t r a i d 1 _ e n d _ r e a d _ r e q u e s t a g a i n s t i n c o n s i s t e n c i e s ( J e s S o r e n s e n ) [ 1 3 0 9 1 5 4 ] b r > - [ m d ] r a i d 1 : f i x t e s t f o r ' w a s r e a d e r r o r f r o m l a s t w o r k i n g d e v i c e ' ( J e s S o r e n s e n ) [ 1 3 0 9 1 5 4 ] b r > - [ s 3 9 0 ] c i o : u p d a t e m e a s u r e m e n t c h a r a c t e r i s t i c s ( H e n d r i k B r u e c k n e r ) [ 1 3 0 4 2 5 7 ] b r > - [ s 3 9 0 ] c i o : e n s u r e c o n s i s t e n t m e a s u r e m e n t s t a t e ( H e n d r i k B r u e c k n e r ) [ 1 3 0 4 2 5 7 ] b r > - [ s 3 9 0 ] c i o : f i x m e a s u r e m e n t c h a r a c t e r i s t i c s m e m l e a k ( H e n d r i k B r u e c k n e r ) [ 1 3 0 4 2 5 7 ] b r > - [ f s ] p i p e : f i x o f f s e t a n d l e n m i s m a t c h o n p i p e _ i o v _ c o p y _ t o _ u s e r f a i l u r e ( S e t h J e n n i n g s ) [ 1 3 0 2 2 2 3 ] { C V E - 2 0 1 6 - 0 7 7 4 } b r > b r > [ 2 . 6 . 3 2 - 6 1 6 ] b r > - [ k e r n e l ] i s o l c p u s : O u t p u t w a r n i n g w h e n t h e ' i s o l c p u s = ' k e r n e l p a r a m e t e r i s i n v a l i d ( P r a r i t B h a r g a v a ) [ 1 3 0 4 2 1 6 ] b r > - [ m m c ] P r e v e n t 1 . 8 V s w i t c h f o r S D h o s t s t h a t d o n t s u p p o r t U H S m o d e s ( P e t r O r o s ) [ 1 3 0 7 0 6 5 ] b r > - [ m m c ] s d h c i - p c i - o 2 m i c r o : F i x D e l l E 5 4 4 0 i s s u e ( P e t r O r o s ) [ 1 3 0 7 0 6 5 ] b r > - [ m m c ] s d h c i - p c i - o 2 m i c r o : A d d S e a B i r d S e a E a g l e S D 3 s u p p o r t ( P e t r O r o s ) [ 1 3 0 7 0 6 5 ] b r > - [ w a t c h d o g ] h u n g t a s k d e b u g g i n g : I n j e c t N M I w h e n h u n g a n d g o i n g t o p a n i c ( D o n Z i c k u s ) [ 1 3 0 5 9 1 9 ] b r > - [ w a t c h d o g ] a d d s y s c t l k n o b h a r d l o c k u p _ p a n i c ( D o n Z i c k u s ) [ 1 3 0 5 9 1 9 ] b r > - [ w a t c h d o g ] p e r f o r m a l l - C P U b a c k t r a c e i n c a s e o f h a r d l o c k u p ( D o n Z i c k u s ) [ 1 3 0 5 9 1 9 ] b r > - [ d r m ] i 9 1 5 : D r o p i n t e l _ u p d a t e _ s p r i t e _ w a t e r m a r k s ( L y u d e ) [ 1 3 0 6 4 2 5 ] b r > - [ d r m ] i 9 1 5 : S e t u p D D I c l k f o r M S T o n S K L i ( L y u d e ) [ 1 3 0 6 4 2 5 ] b r > - [ d r m ] i 9 1 5 : E x p l i c i t l y c h e c k f o r e D P i n s k l _ d d i _ p l l _ s e l e c t ( L y u d e ) [ 1 3 0 6 4 2 5 ] b r > - [ d r m ] i 9 1 5 : D o n t s k i p m s t e n c o d e r s i n s k l _ d d i _ p l l _ s e l e c t ( L y u d e ) [ 1 3 0 6 4 2 5 ] b r > - [ s c s i ] q l a 2 x x x : S e t r e l o g i n f l a g w h e n w e f a i l t o q u e u e l o g i n r e q u e s t s ( C h a d D u p u i s ) [ 1 3 0 6 0 3 3 ] b r > - [ s 3 9 0 ] k e r n e l / s y s c a l l s : c o r r e c t s y s c a l l n u m b e r f o r _ _ N R _ s e t n s ( H e n d r i k B r u e c k n e r ) [ 1 2 1 9 5 8 6 ] b r > - [ e d a c ] s b _ e d a c : f i x c h a n n e l / c s r o w e m u l a t i o n o n B r o a d w e l l ( A r i s t e u R o z a n s k i ) [ 1 3 0 1 2 3 0 ] b r > - [ u s b ] x h c i : W o r k a r o u n d t o g e t I n t e l x H C I r e s e t w o r k i n g m o r e r e l i a b l y ( G o p a l T i w a r i ) [ 1 1 4 6 8 7 5 ] b r > - [ f s ] r e v e r t r e v e r t ' d l m : p r i n t k e r n e l m e s s a g e w h e n w e g e t a n e r r o r f r o m k e r n e l _ s e n d p a g e ' ( R o b e r t S P e t e r s o n ) [ 1 2 6 4 4 9 2 ] b r > - [ f s ] r e v e r t ' [ f s ] d l m : R e p l a c e n o d e i d _ t o _ a d d r w i t h k e r n e l _ g e t p e e r n a m e ' ( R o b e r t S P e t e r s o n ) [ 1 2 6 4 4 9 2 ] b r > - [ s 3 9 0 ] s c l p : D e t e r m i n e H S A s i z e d y n a m i c a l l y f o r z f c p d u m p ( H e n d r i k B r u e c k n e r ) [ 1 3 0 3 5 5 7 ] b r > - [ s 3 9 0 ] s c l p : M o v e d e c l a r a t i o n s f o r s c l p _ s d i a s i n t o s e p a r a t e h e a d e r f i l e ( H e n d r i k B r u e c k n e r ) [ 1 3 0 3 5 5 7 ] b r > - [ n e t d r v ] m l x 4 _ e n : a d d m i s s i n g t x _ q u e u e i n i t i n e n _ s t a r t _ p o r t ( D o n D u t i l e ) [ 1 3 0 4 0 1 6 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 5 ] b r > - [ s 3 9 0 ] q e t h : i n i t i a l i z e n e t _ d e v i c e w i t h c a r r i e r o f f ( H e n d r i k B r u e c k n e r ) [ 1 1 9 8 6 6 6 ] b r > - [ n e t d r v ] A d d r t l w i f i d r i v e r f r o m l i n u x 4 . 3 ( S t a n i s l a w G r u s z k a ) [ 1 2 4 5 4 5 2 1 2 6 3 3 8 6 1 2 8 9 5 7 4 7 6 1 5 2 5 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 4 ] b r > - [ p o w e r p c ] p s e r i e s : L i m i t E P O W r e s e t e v e n t w a r n i n g s ( G u s t a v o D u a r t e ) [ 1 3 0 0 2 0 2 ] b r > - [ p e r f ] t o o l s : D o n o t s h o w t r a c e c o m m a n d i f i t s n o t c o m p i l e d i n ( J i r i O l s a ) [ 1 2 1 2 5 3 9 ] b r > - [ p e r f ] t o o l s s p e c : D i s a b l e t r a c e c o m m a n d o n p p c a r c h ( J i r i O l s a ) [ 1 2 1 2 5 3 9 ] b r > - [ n e t d r v ] m l x 4 _ e n : F i x t h e b l u e f l a m e i n T X p a t h ( K a m a l H e i b ) [ 1 2 9 5 8 7 2 1 3 0 3 6 6 1 1 3 0 3 8 6 3 1 3 0 4 2 7 2 ] b r > - [ n e t d r v ] m l x 4 _ e n : F i x H W t i m e s t a m p i n i t i s s u e u p o n s y s t e m s t a r t u p ( K a m a l H e i b ) [ 1 2 9 5 8 7 2 1 3 0 4 2 7 2 ] b r > - [ n e t d r v ] m l x 4 _ e n : R e m o v e d e p e n d e n c y b e t w e e n t i m e s t a m p i n g c a p a b i l i t y a n d s e r v i c e _ t a s k ( K a m a l H e i b ) [ 1 2 9 5 8 7 2 1 3 0 4 2 7 2 ] b r > - [ n e t d r v ] m l x 5 _ c o r e : F i x t r i m m i n g d o w n I R Q n u m b e r ( K a m a l H e i b ) [ 1 3 0 4 2 7 2 ] b r > - [ x 8 6 ] M a r k I n t e l B r o a d w e l l - D E S o C s u p p o r t e d ( S t e v e B e s t ) [ 1 2 5 3 8 5 6 ] b r > - [ s 3 9 0 ] z f c p d u m p : F i x c o l l e c t i n g o f r e g i s t e r s ( H e n d r i k B r u e c k n e r ) [ 1 3 0 3 5 5 8 ] b r > - [ s 3 9 0 ] d a s d : f i x f a i l f a s t f o r d i s c o n n e c t e d d e v i c e s ( H e n d r i k B r u e c k n e r ) [ 1 3 0 3 5 5 9 ] b r > - [ n e t d r v ] b n x t _ e n : F i x c r a s h i n b n x t _ f r e e _ t x _ s k b s ( ) d u r i n g t x t i m e o u t ( J o h n L i n v i l l e ) [ 1 3 0 3 7 0 3 ] b r > - [ n e t d r v ] b n x t _ e n : E x c l u d e r x _ d r o p _ p k t s h w c o u n t e r f r o m t h e s t a c k s r x _ d r o p p e d c o u n t e r ( J o h n L i n v i l l e ) [ 1 3 0 3 7 0 3 ] b r > - [ n e t d r v ] b n x t _ e n : R i n g f r e e r e s p o n s e f r o m c l o s e p a t h s h o u l d u s e c o m p l e t i o n r i n g ( J o h n L i n v i l l e ) [ 1 3 0 3 7 0 3 ] b r > - [ b l o c k ] F i x q _ s u s p e n d e d l o g i c e r r o r f o r i o s u b m i s s i o n ( D a v i d M i l b u r n ) [ 1 2 2 7 3 4 2 ] b r > - [ b l o c k ] n v m e : N o l o c k w h i l e D M A m a p p i n g d a t a ( D a v i d M i l b u r n ) [ 1 2 2 7 3 4 2 ] b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 1 3 4 . h t m l \" > C V E - 2 0 1 4 - 8 1 3 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 5 3 1 3 . h t m l \" > C V E - 2 0 1 0 - 5 3 1 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 7 8 4 2 . h t m l \" > C V E - 2 0 1 4 - 7 8 4 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 5 1 5 6 . h t m l \" > C V E - 2 0 1 5 - 5 1 5 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 4 3 1 2 . h t m l \" > C V E - 2 0 1 3 - 4 3 1 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 8 2 1 5 . h t m l \" > C V E - 2 0 1 5 - 8 2 1 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 8 3 2 4 . h t m l \" > C V E - 2 0 1 5 - 8 3 2 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 8 5 4 3 . h t m l \" > C V E - 2 0 1 5 - 8 5 4 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 7 5 0 9 . h t m l \" > C V E - 2 0 1 5 - 7 5 0 9 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( i 3 8 6 ) / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . s r c . r p m / t d > t d > e 2 a 7 9 1 c 8 8 e 4 d 2 a b 6 4 e d 9 3 5 8 0 3 0 8 2 e 0 d 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 8 4 5 b 9 9 5 6 9 8 2 3 3 2 4 d d c 8 b 9 e 2 c 0 6 3 b 2 8 c 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - a b i - w h i t e l i s t s - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > 2 e e 2 2 a 9 0 0 3 7 5 f e 4 3 2 7 e 1 e 3 9 3 1 8 e b c 7 d c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 0 c 2 9 a f 5 9 d d 4 3 d 0 2 b c 3 c b 7 8 f b 5 0 f 8 b 0 7 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 2 9 c 5 a 7 0 9 f 2 1 5 f 5 3 4 4 6 f c 9 b 5 6 3 7 e d 9 6 5 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 0 5 d 0 5 7 6 2 5 4 5 1 1 2 f d 7 f 6 8 8 7 0 3 5 6 8 4 3 5 3 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > 4 7 f d e f 2 3 1 f 2 d 6 8 e 1 8 c a 5 0 9 9 a 0 d 7 0 6 a e 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - f i r m w a r e - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > d f 1 2 d a 0 e a 7 5 d 7 c 2 5 a 8 1 7 6 d a 0 9 f e 8 c 1 0 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > c 1 6 b f 7 7 a 7 7 5 f e 4 3 6 4 d e e b 2 8 8 6 9 a 5 3 6 c d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p e r f - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > b d 7 3 c 7 7 3 4 f 1 9 d 3 2 5 6 3 e e 7 f c a 0 9 2 3 0 b a 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p y t h o n - p e r f - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 5 a 8 4 0 5 2 0 9 e d 6 6 5 4 a 0 0 c 3 9 1 6 a a 1 a f 9 0 7 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . s r c . r p m / t d > t d > e 2 a 7 9 1 c 8 8 e 4 d 2 a b 6 4 e d 9 3 5 8 0 3 0 8 2 e 0 d 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > e 5 1 4 e 3 3 c 4 d 2 c a f 8 8 e 1 d b 6 5 3 6 0 9 e 9 6 6 6 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - a b i - w h i t e l i s t s - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > 2 e e 2 2 a 9 0 0 3 7 5 f e 4 3 2 7 e 1 e 3 9 3 1 8 e b c 7 d c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 3 b e 8 e 3 3 a e 8 d 9 f 3 8 c a a 5 f 2 f b b c 9 d a 2 0 7 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 2 9 c 5 a 7 0 9 f 2 1 5 f 5 3 4 4 6 f c 9 b 5 6 3 7 e d 9 6 5 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 9 5 d b f 6 b 5 3 0 9 3 6 2 7 9 9 e f c 5 d e f 5 d 2 b a 4 3 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > a 4 a 7 5 e 4 2 7 d b d 1 4 5 1 2 a d a c f 0 5 7 7 6 7 2 1 a a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > 4 7 f d e f 2 3 1 f 2 d 6 8 e 1 8 c a 5 0 9 9 a 0 d 7 0 6 a e 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - f i r m w a r e - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > d f 1 2 d a 0 e a 7 5 d 7 c 2 5 a 8 1 7 6 d a 0 9 f e 8 c 1 0 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > b 9 3 7 3 3 f 6 1 e 2 4 b 2 6 6 5 d d 9 4 6 3 f 9 d 2 4 b 9 5 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p e r f - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 1 5 6 a f 1 5 b c f 3 d 3 5 d 0 5 8 7 a 7 b 4 a 9 0 a 8 d 4 9 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p y t h o n - p e r f - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > d 6 3 f 3 e 5 2 6 9 c 6 7 3 8 f 0 f c 0 0 7 8 c d 5 2 3 7 6 0 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "edition": 4, "reporter": "Oracle", "published": "2016-05-16T00:00:00", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-5313", "CVE-2014-8134", "CVE-2015-7509", "CVE-2015-8215", "CVE-2015-8324", "CVE-2016-0774", "CVE-2015-5156", "CVE-2015-8543", "CVE-2016-2550", "CVE-2015-8767", "CVE-2013-4312", "CVE-2014-7842", "CVE-2015-5157"], "modified": "2016-05-16T00:00:00", "id": "ELSA-2016-0855", "href": "http://linux.oracle.com/errata/ELSA-2016-0855.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:45:00", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-327.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "src", "packageFilename": "kernel-3.10.0-327.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-327.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-327.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-327.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}], "description": "[3.10.0-327.OL7]\n- Oracle Linux certificates (Alexey Petrenko)\n[3.10.0-327]\n- [mm] free compound page with correct order (Andrea Arcangeli) [1274867]\n- [netdrv] revert 'ixgbe: Refactor busy poll socket code to address multiple issues' (John Greene) [1261275]\n- [powerpc] dma: dma_set_coherent_mask() should not be GPL only (Gustavo Duarte) [1275976]\n[3.10.0-326]\n- [md] dm-cache: the CLEAN_SHUTDOWN flag was not being set (Mike Snitzer) [1274450]\n- [md] dm-btree: fix leak of bufio-backed block in btree_split_beneath error path (Mike Snitzer) [1274393]\n- [md] dm-btree-remove: fix a bug when rebalancing nodes after removal (Mike Snitzer) [1274396]\n- [fs] nfsd: fix duplicated destroy_delegation code introduced by backport ('J. Bruce Fields') [1273228]\n- [fs] xfs: validate transaction header length on log recovery (Brian Foster) [1164135]\n- [net] ipv6: don't use CHECKSUM_PARTIAL on MSG_MORE/UDP_CORK sockets (Hannes Frederic Sowa) [1271759]\n- [net] add length argument to skb_copy_and_csum_datagram_iovec (Sabrina Dubroca) [1269228]\n- [x86] kvm: fix edge EOI and IOAPIC reconfig race (Radim Krcmar) [1271333]\n- [x86] kvm: set KVM_REQ_EVENT when updating IRR (Radim Krcmar) [1271333]\n- [kernel] Initialize msg/shm IPC objects before doing ipc_addid() (Lennert Buytenhek) [1271507] {CVE-2015-7613}\n[3.10.0-325]\n- [fs] nfsd: ensure that delegation stateid hash references are only put once ('J. Bruce Fields') [1233284]\n- [fs] nfsd: ensure that the ol stateid hash reference is only put once ('J. Bruce Fields') [1233284]\n- [fs] nfsv4: Fix a nograce recovery hang (Benjamin Coddington) [1264478]\n- [fs] vfs: Test for and handle paths that are unreachable from their mnt_root ('Eric W. Biederman') [1209371] {CVE-2015-2925}\n- [fs] dcache: Handle escaped paths in prepend_path ('Eric W. Biederman') [1209371] {CVE-2015-2925}\n- [fs] xfs: add an xfs_zero_eof() tracepoint (Brian Foster) [1260383]\n- [fs] xfs: always drain dio before extending aio write submission (Brian Foster) [1260383]\n- [md] dm-cache: fix NULL pointer when switching from cleaner policy (Mike Snitzer) [1269959]\n- [mm] Temporary fix for BUG_ON() triggered by THP vs. gup() race (David Gibson) [1268999]\n- [hid] usbhid: improve handling of Clear-Halt and reset (Don Zickus) [1260123]\n- [drm] qxl: fix framebuffer dirty rectangle tracking (Gerd Hoffmann) [1268293]\n- [s390] hmcdrv: fix interrupt registration (Hendrik Brueckner) [1262735]\n- [block] blk-mq: fix deadlock when reading cpu_list (Jeff Moyer) [1260615]\n- [block] blk-mq: avoid inserting requests before establishing new mapping (Jeff Moyer) [1260615]\n- [block] blk-mq: fix q->mq_usage_counter access race (Jeff Moyer) [1260615]\n- [block] blk-mq: Fix use after of free q->mq_map (Jeff Moyer) [1260615]\n- [block] blk-mq: fix sysfs registration/unregistration race (Jeff Moyer) [1260615]\n- [block] blk-mq: avoid setting hctx->tags->cpumask before allocation (Jeff Moyer) [1260615]\n- [netdrv] cxgb4: Enhance driver to update FW, when FW is too old (Sai Vemuri) [1077966]\n- [netdrv] cxgb4: Force uninitialized state if FW in adapter is unsupported (Sai Vemuri) [1077966]\n- [powerpc] revert 'Use the POWER8 Micro Partition Prefetch Engine in KVM HV on POWER8' (Thomas Huth) [1269653]\n[3.10.0-324]\n- [netdrv] i40e/i40evf: set AQ count after memory allocation (Neil Horman) [1267663]\n- [netdrv] i40e: fix offload of GRE tunnels (Neil Horman) [1267663]\n- [netdrv] i40evf: don't blow away MAC address (Neil Horman) [1267663]\n- [netdrv] i40e/i40evf: grab the AQ spinlocks before clearing registers (Neil Horman) [1267663]\n- [netdrv] i40e: Fix a memory leak in X722 rss config path (Neil Horman) [1267663]\n- [netdrv] i40evf: Use numa_mem_id() to better support memoryless node (Neil Horman) [1267663]\n- [netdrv] i40e: Use numa_mem_id() to better support memoryless node (Neil Horman) [1267663]\n- [netdrv] i40e: fix 32 bit build warnings (Neil Horman) [1267663]\n- [netdrv] i40e: fix kbuild warnings (Neil Horman) [1267663]\n- [netdrv] i40evf: tweak init timing (Neil Horman) [1267663]\n- [netdrv] i40e: warn on double free (Neil Horman) [1267663]\n- [netdrv] i40e: refactor interrupt enable (Neil Horman) [1267663]\n- [netdrv] i40e: Strip VEB stats if they are disabled in HW (Neil Horman) [1267663]\n- [netdrv] i40e/i40evf: add new device id 1588 (Neil Horman) [1267663]\n- [netdrv] i40e: Remove useless message (Neil Horman) [1267663]\n- [netdrv] i40e: limit debugfs io ops (Neil Horman) [1267663]\n- [netdrv] i40e: use QOS field consistently (Neil Horman) [1267663]\n- [netdrv] i40e: count drops in netstat interface (Neil Horman) [1267663]\n- [netdrv] i40e/i40evf: fix Tx hang workaround code (Neil Horman) [1267663]\n- [netdrv] i40e: fixup padding issue in get_cee_dcb_cfg_v1_resp (Neil Horman) [1267663]\n- [netdrv] i40e: Fix a port VLAN configuration bug (Neil Horman) [1267663]\n- [netdrv] i40e/i40evf: fix up type clash in i40e_aq_rc_to_posix conversion (Neil Horman) [1267663]\n- [netdrv] i40e: rtnl_lock called twice in i40e_pci_error_resume() (Neil Horman) [1267663]\n- [netdrv] i40evf: missing rtnl_unlock in i40evf_resume() (Neil Horman) [1267663]\n[3.10.0-323]\n- [scsi] report 'INQUIRY result too short' once (Vitaly Kuznetsov) [1254049]\n- [scsi] scsi_scan: don't dump trace when scsi_prep_async_scan() is called twice (Vitaly Kuznetsov) [1254049]\n- [fs] userfaultfd: add missing mmput() in error path (Andrea Arcangeli) [1263480]\n- [mm] check if section present during memory block registering (Jan Stancek) [1256723]\n- [mm] avoid setting up anonymous pages into file mapping (Larry Woodman) [1261582]\n- [mm] add p[te|md] revert 'protnone helpers for use by NUMA balancing' (Thomas Huth) [1256718]\n- [powerpc] revert 'mm: convert p[te|md]_numa users to p[te|md]_protnone_numa' (Thomas Huth) [1256718]\n- [powerpc] revert 'mm: add paranoid warnings for unexpected DSISR_PROTFAULT' (Thomas Huth) [1256718]\n- [mm] revert 'convert p[te|md]_mknonnuma and remaining page table manipulations' (Thomas Huth) [1256718]\n- [mm] revert 'numa: Do not mark PTEs pte_numa when splitting huge pages' (Thomas Huth) [1256718]\n- [mm] revert 'remove remaining references to NUMA hinting bits and helpers' (Thomas Huth) [1256718]\n- [mm] revert 'numa: do not trap faults on the huge zero page' (Thomas Huth) [1256718]\n- [mm] revert 'numa: add paranoid check around pte_protnone_numa' (Thomas Huth) [1256718]\n- [mm] revert 'numa: avoid unnecessary TLB flushes when setting NUMA hinting entries' (Thomas Huth) [1256718]\n- [powerpc] mm: Change the swap encoding in pte (Thomas Huth) [1256718]\n- [x86] perf: Fix multi-segment problem of perf_event_intel_uncore (Jiri Olsa) [1257825]\n- [lib] partially revert '[lib] vsprintf: implement bitmap printing through '*pb[l]'' (Maurizio Lombardi) [1260118]\n- [drm] radeon: update no_64bit_msi flag for certain ASICs (Oded Gabbay) [1262429]\n- [drm] nouveau: fbcon: take runpm reference when userspace has an open fd (Ben Skeggs) [1176163]\n- [drm] qxl: validate monitors config modes (Dave Airlie) [1242847]\n- [drm] radeon: don't attempt WC mappings on powerpc (Dave Airlie) [1262429]\n- [drm] drm/qxl: recreate the primary surface when the bo is not primary (Dave Airlie) [1258301]\n- [drm] qxl: only report first monitor as connected if we have no state (Dave Airlie) [1258301]\n- [drm] dp_mst: drop cancel work sync in the mstb destroy path (Dave Airlie) [1251331]\n- [drm] dp_mst: split connector registration into two parts (Dave Airlie) [1251331]\n- [drm] dp_mst: update the link_address_sent before sending the link address (Dave Airlie) [1251331]\n- [drm] dp_mst: fixup handling hotplug on port removal (Dave Airlie) [1251331]\n- [drm] dp_mst: don't pass port into the path builder function (Dave Airlie) [1251331]\n- [drm] dp_mst: make functions that always return 0 return void (Dave Airlie) [1251331]\n- [kernel] uprobes: fix kABI broken by the exported return_instance (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Make arch_uretprobe_is_alive(RP_CHECK_CALL) more clever (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Add the 'enum rp_check ctx' arg to arch_uretprobe_is_alive() (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Change prepare_uretprobe() to (try to) flush the dead frames (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Change handle_trampoline() to flush the frames invalidated by longjmp() (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Reimplement arch_uretprobe_is_alive() (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Export 'struct return_instance', introduce arch_uretprobe_is_alive() (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Change handle_trampoline() to find the next chain beforehand (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Change prepare_uretprobe() to use uprobe_warn() (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Send SIGILL if handle_trampoline() fails (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Introduce free_ret_instance() (Oleg Nesterov) [1207373]\n- [kernel] uprobes: Introduce get_uprobe() (Oleg Nesterov) [1207373]\n- [kernel] lockdep: Fix a race between /proc/lock_stat and module unload (Jerome Marchand) [1183891]\n- [kernel] lockdep: Fix the module unload key range freeing logic (Jerome Marchand) [1183891]\n- [kernel] module: Free lock-classes if parse_args failed (Jerome Marchand) [1183891]\n- [cpufreq] revert 'intel_pstate: honor user space min_perf_pct override on resume' (Prarit Bhargava) [1269518]\n[3.10.0-322]\n- [fs] nfs: fix v4.2 SEEK on files over 2 gigs ('J. Bruce Fields') [1262181]\n- [fs] nfs: verify open flags before allowing open (Benjamin Coddington) [1164431]\n- [fs] nfsv4.1: Fix pnfs_put_lseg races (Benjamin Coddington) [1263155]\n- [fs] nfsv4.1: pnfs_send_layoutreturn should use GFP_NOFS (Benjamin Coddington) [1263155]\n- [fs] nfsv4.1: Pin the inode and super block in asynchronous layoutreturns (Benjamin Coddington) [1263155]\n- [fs] nfsv4.1: Pin the inode and super block in asynchronous layoutcommit (Benjamin Coddington) [1263155]\n- [md] raid0: apply base queue limits *before* disk_stack_limits (Jes Sorensen) [1265182]\n- [net] revert 'ipv6: Don't reduce hop limit for an interface' (Sabrina Dubroca) [1258324]\n- [x86] kvmclock: abolish PVCLOCK_COUNTS_FROM_ZERO (Radim Krcmar) [1263030]\n- [x86] revert 'kvm: x86: zero kvmclock_offset when vcpu0 initializes kvmclock system MSR' (Radim Krcmar) [1263030]\n- [x86] kvm: svm: reset mmu on VCPU reset (Igor Mammedov) [1255217]\n- [edac] sb_edac: correctly fetch DIMM width on Ivy Bridge and Haswell (Aristeu Rozanski) [1112413]\n- [edac] sb_edac: look harder for DDRIO on Haswell systems (Aristeu Rozanski) [1112413]\n- [tools] perf-trace: Fix race condition at the end of started workloads (Jiri Olsa) [1250068]\n- [netdrv] cxgb4: Fix tx flit calculation (Sai Vemuri) [1266248]\n- [netdrv] igb: assume MSI-X interrupts during initialization (Stefan Assmann) [1263625]\n- [cpufreq] intel_pstate: disable Skylake processors (Prarit Bhargava) [1267343]\n- [infiniband] mlx4: Report checksum offload cap for RAW QP when query device (Doug Ledford) [1265795]\n- [infiniband] core: Add support of checksum capability reporting for RC and RAW (Doug Ledford) [1265795]\n[3.10.0-321]\n- [netdrv] i40e/i40evf: check for stopped admin queue (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: refactor tx timeout logic (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: Bump i40e to 1.3.21 and i40evf to 1.3.13 (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: add get AQ result command to nvmupdate utility (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: add exec_aq command to nvmupdate utility (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: add wait states to NVM state machine (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: add GetStatus command for nvmupdate (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: add handling of writeback descriptor (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: save aq writeback for future inspection (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: Bump i40e to 1.3.9 and i40evf to 1.3.5 (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: Cache the CEE TLV status returned from firmware (Stefan Assmann) [1267255]\n- [netdrv] i40e/i40evf: add VIRTCHNL_VF_OFFLOAD flag (Stefan Assmann) [1267255]\n- [netdrv] i40evf: Remove PF specific register definitions from the VF (Stefan Assmann) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e v f : U s e t h e c o r r e c t d e f i n e s t o m a t c h t h e V F r e g i s t e r s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d c a p a b i l i t y t o g a t h e r V E B p e r T C s t a t s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d T X / R X o u t e r U D P c h e c k s u m s u p p o r t f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d s u p p o r t f o r w r i t e b a c k o n I T R f e a t u r e f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : R S S c h a n g e s f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U p d a t e r e g i s t e r . h f i l e f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U p d a t e F W A P I w i t h X 7 2 2 s u p p o r t ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d f l a g s f o r X 7 2 2 c a p a b i l i t i e s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d d e v i c e i d s f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e : u s e B I T a n d B I T _ U L L m a c r o s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e : c l e a n u p e r r o r s t a t u s m e s s a g e s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e v f : s u p p o r t v i r t u a l c h a n n e l A P I v e r s i o n 1 . 1 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e v f : h a n d l e b i g r e s e t s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a d d m a c r o s f o r v i r t u a l c h a n n e l A P I v e r s i o n a n d d e v i c e c a p a b i l i t y ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e : a d d V F c a p a b i l i t i e s t o v i r t u a l c h a n n e l i n t e r f a c e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F i x a n d r e f a c t o r d y n a m i c I T R c o d e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p v e r s i o n t o 1 . 3 . 6 f o r i 4 0 e a n d 1 . 3 . 2 f o r i 4 0 e v f ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d s u p p o r t f o r p r e - a l l o c a t e d p a g e s f o r P D ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e v f : a d d M A C a d d r e s s f i l t e r i n o p e n , n o t i n i t ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e v f : d o n ' t d e l e t e a l l t h e f i l t e r s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U p d a t e t h e a d m i n q u e u e c o m m a n d h e a d e r ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e v f : A l l o w f o r a n a b u n d a n c e o f v e c t o r s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : i m p r o v e T x p e r f o r m a n c e w i t h a s m a l l t w e a k ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U p d a t e F l e x - 1 0 r e l a t e d d e v i c e / f u n c t i o n c a p a b i l i t i e s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d s t a t s t o t r a c k F D A T R a n d S B d y n a m i c e n a b l e s t a t e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 5 ] b r > - [ n e t d r v ] i 4 0 e : F i x f o r r e c u r s i v e R T N L l o c k d u r i n g P R O M I S C c h a n g e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : F i x R S b i t u p d a t e i n T x p a t h a n d d i s a b l e f o r c e W B w o r k a r o u n d ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : a d d G R E t u n n e l t y p e t o c s u m e n c o d i n g ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : r e f a c t o r t x t i m e o u t l o g i c ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : M o v e i 4 0 e _ g e t _ h e a d i n t o h e a d e r f i l e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : c h e c k f o r s t o p p e d a d m i n q u e u e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : f i x V L A N i n s i d e V X L A N ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 3 . 2 1 a n d i 4 0 e v f t o 1 . 3 . 1 3 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a d d g e t A Q r e s u l t c o m m a n d t o n v m u p d a t e u t i l i t y ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a d d e x e c _ a q c o m m a n d t o n v m u p d a t e u t i l i t y ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a d d w a i t s t a t e s t o N V M s t a t e m a c h i n e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a d d G e t S t a t u s c o m m a n d f o r n v m u p d a t e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a d d h a n d l i n g o f w r i t e b a c k d e s c r i p t o r ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : s a v e a q w r i t e b a c k f o r f u t u r e i n s p e c t i o n ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : r e n a m e v a r i a b l e t o p r e v e n t c l a s h o f u n d e r s t a n d i n g ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 3 . 9 a n d i 4 0 e v f t o 1 . 3 . 5 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : C a c h e t h e C E E T L V s t a t u s r e t u r n e d f r o m f i r m w a r e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a d d V I R T C H N L _ V F _ O F F L O A D f l a g ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v e r e d u n d a n t a n d u n n e e d e d m e s s a g e s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : c o r r e c t s p e l l i n g e r r o r ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : F i x c o m m e n t f o r e t h t o o l d i a g n o s t i c l i n k t e s t ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d c a p a b i l i t y t o g a t h e r V E B p e r T C s t a t s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : F i x e t h t o o l o f f l i n e d i a g n o s t i c w i t h n e t q u e u e s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : F i x l e g a c y i n t e r r u p t m o d e i n t h e d r i v e r ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : M o v e f u n c t i o n c a l l s t o i 4 0 e _ s h u t d o w n i n s t e a d o f i 4 0 e _ s u s p e n d ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : a d d R X t o p o r t C R C e r r o r s l a b e l ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : d o n ' t d e g r a d e _ _ l e 1 6 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : A d d A Q c o m m a n d s f o r N V M U p d a t e f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d A T R H W e v i c t i o n s u p p o r t f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : A d d I W A R P s u p p o r t f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d T X / R X o u t e r U D P c h e c k s u m s u p p o r t f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d s u p p o r t f o r w r i t e b a c k o n I T R f e a t u r e f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : R S S c h a n g e s f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U p d a t e r e g i s t e r . h f i l e f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U p d a t e F W A P I w i t h X 7 2 2 s u p p o r t ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d f l a g s f o r X 7 2 2 c a p a b i l i t i e s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d d e v i c e i d s f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : u s e B I T a n d B I T _ U L L m a c r o s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : p r o v i d e c o r r e c t A P I v e r s i o n t o o l d e r V F d r i v e r s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : s u p p o r t v i r t u a l c h a n n e l A P I 1 . 1 ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a d d m a c r o s f o r v i r t u a l c h a n n e l A P I v e r s i o n a n d d e v i c e c a p a b i l i t y ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : a d d V F c a p a b i l i t i e s t o v i r t u a l c h a n n e l i n t e r f a c e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : c l e a n u p u n n e e d e d g o t o s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F i x a n d r e f a c t o r d y n a m i c I T R c o d e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : o n l y r e p o r t g e n e r i c f i l t e r s i n g e t _ t s _ i n f o ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p v e r s i o n t o 1 . 3 . 6 f o r i 4 0 e a n d 1 . 3 . 2 f o r i 4 0 e v f ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : R e f i n e a n e r r o r m e s s a g e t o a v o i d c o n f u s i o n ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d s u p p o r t f o r p r e - a l l o c a t e d p a g e s f o r P D ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : u n - d i s a b l e V F a f t e r r e s e t ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : d o a p r o p e r r e s e t w h e n d i s a b l i n g a V F ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : c o r r e c t l y p r o g r a m f i l t e r s f o r V F s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U p d a t e t h e a d m i n q u e u e c o m m a n d h e a d e r ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v e i n c o r r e c t # i f d e f ' s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : i g n o r e d u p l i c a t e p o r t V L A N r e q u e s t s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : i m p r o v e T x p e r f o r m a n c e w i t h a s m a l l t w e a k ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U p d a t e F l e x - 1 0 r e l a t e d d e v i c e / f u n c t i o n c a p a b i l i t i e s ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d s t a t s t o t r a c k F D A T R a n d S B d y n a m i c e n a b l e s t a t e ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > - [ n e t d r v ] i 4 0 e : I m p l e m e n t n d o _ f e a t u r e s _ c h e c k ( ) ( S t e f a n A s s m a n n ) [ 1 2 6 7 2 5 4 ] b r > b r > [ 3 . 1 0 . 0 - 3 2 0 ] b r > - [ m d ] r a i d 1 : A v o i d r a i d 1 r e s y n c g e t t i n g s t u c k ( J e s S o r e n s e n ) [ 1 2 5 6 9 5 4 ] b r > - [ f s ] g f s 2 : f a l l o c a t e : d o n o t r e l y o n f i l e _ u p d a t e _ t i m e t o m a r k t h e i n o d e d i r t y ( A n d r e w P r i c e ) [ 1 2 6 4 5 2 1 ] b r > - [ f s ] g f s 2 : U p d a t e t i m e s t a m p s o n f a l l o c a t e ( A n d r e w P r i c e ) [ 1 2 6 4 5 2 1 ] b r > - [ f s ] g f s 2 : U p d a t e i _ s i z e p r o p e r l y o n f a l l o c a t e ( A n d r e w P r i c e ) [ 1 2 6 4 5 2 1 ] b r > - [ f s ] g f s 2 : U s e i n o d e _ n e w s i z e _ o k a n d g e t _ w r i t e _ a c c e s s i n f a l l o c a t e ( A n d r e w P r i c e ) [ 1 2 6 4 5 2 1 ] b r > - [ f s ] r e v e r t ' n f s : M a k e c l o s e ( 2 ) a s y n c h r o n o u s w h e n c l o s i n g N F S O _ D I R E C T f i l e s ' ( B e n j a m i n C o d d i n g t o n ) [ 1 2 6 3 3 8 5 ] b r > - [ f s ] g f s 2 : A v e r a g e i n o n l y n o n - z e r o r o u n d - t r i p t i m e s f o r c o n g e s t i o n s t a t s ( R o b e r t S P e t e r s o n ) [ 1 1 6 2 8 2 1 ] b r > - [ f s ] l o c k d : f i x r p c b i n d c r a s h o n l o c k d s t a r t u p f a i l u r e ( ' J . B r u c e F i e l d s ' ) [ 1 2 5 3 7 8 2 ] b r > - [ f s ] F a i l i n g t o s e n d a C L O S E i f f i l e i s o p e n e d W R O N L Y a n d s e r v e r r e b o o t s o n a 4 . x m o u n t ( B e n j a m i n C o d d i n g t o n ) [ 1 2 6 3 3 7 6 ] b r > - [ f s ] f s n o t i f y : f i x o o p s i n f s n o t i f y _ c l e a r _ m a r k s _ b y _ g r o u p _ f l a g s ( ) ( L u k a s C z e r n e r ) [ 1 2 4 7 4 3 6 ] b r > - [ n e t ] s c t p : f i x r a c e o n p r o t o c o l / n e t n s i n i t i a l i z a t i o n ( M a r c e l o L e i t n e r ) [ 1 2 5 1 8 0 7 ] { C V E - 2 0 1 5 - 5 2 8 3 } b r > - [ x 8 6 ] M a r k B r o a d w e l l - D E S o C S u p p o r t e d ( P r a r i t B h a r g a v a ) [ 1 1 3 1 6 8 5 ] b r > - [ k e r n e l ] s c h e d , n u m a : l i m i t a m o u n t o f v i r t u a l m e m o r y s c a n n e d i n t a s k _ n u m a _ w o r k ( R i k v a n R i e l ) [ 1 2 6 1 7 2 2 ] b r > - [ d r i v e r s ] b a s e : s h o w n o h z _ f u l l c p u s i n s y s f s ( R i k v a n R i e l ) [ 1 2 1 2 6 1 8 ] b r > - [ d r i v e r s ] b a s e : s h o w i s o l a t e d c p u s i n s y s f s ( R i k v a n R i e l ) [ 1 2 1 2 6 1 8 ] b r > - [ c p u f r e q ] i n t e l _ p s t a t e : a d d q u i r k t o d i s a b l e H W P o n S k y l a k e - S p r o c e s s o r s ( J e r r y S n i t s e l a a r ) [ 1 2 6 3 0 6 9 ] b r > - [ d r i v e r s ] c o r e : A d d s y m l i n k t o d e v i c e - t r e e f r o m d e v i c e s w i t h a n O F n o d e ( G u s t a v o D u a r t e ) [ 1 2 5 8 8 2 8 ] b r > - [ p o w e r p c ] d e v i c e : A d d d e v _ o f _ n o d e ( ) a c c e s s o r ( G u s t a v o D u a r t e ) [ 1 2 5 8 8 2 8 ] b r > - [ p o w e r p c ] i o m m u : S u p p o r t ' h y b r i d ' i o m m u / d i r e c t D M A o p s f o r c o h e r e n t _ m a s k d m a _ m a s k ( G u s t a v o D u a r t e ) [ 1 2 4 6 8 8 0 ] b r > - [ p o w e r p c ] i o m m u : C l e a n u p s e t t i n g o f D M A b a s e / o f f s e t ( G u s t a v o D u a r t e ) [ 1 2 4 6 8 8 0 ] b r > - [ p o w e r p c ] i o m m u : R e m o v e d m a _ d a t a u n i o n ( G u s t a v o D u a r t e ) [ 1 2 4 6 8 8 0 ] b r > - [ p o w e r p c ] k v m : b o o k 3 s - h v : F i x h a n d l i n g o f i n t e r r u p t e d V C P U s ( T h o m a s H u t h ) [ 1 2 6 3 5 6 8 ] b r > - [ p o w e r p c ] k v m : T a k e t h e k v m - > s r c u l o c k i n k v m p p c _ h _ l o g i c a l _ c i _ l o a d / s t o r e ( ) ( T h o m a s H u t h ) [ 1 2 6 3 5 7 7 ] b r > b r > [ 3 . 1 0 . 0 - 3 1 9 ] b r > - [ n e t d r v ] c x g b 4 : M a k e n e c e s s a r y c h a n g e s a f t e r r e v e r t i n g F C o E ( S a i V e m u r i ) [ 1 2 5 8 6 5 7 ] b r > - [ n e t d r v ] r e v e r t ' c x g b 4 : a d d c x g b 4 _ f c o e . c f o r F C o E ' ( S a i V e m u r i ) [ 1 2 5 8 6 5 7 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 4 : C l e a n u p r e g i s t e r d e f i n e s / M A C R O S ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 4 : 3 2 b p l a t f o r m f i x e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 4 : u s e B A R 2 G T S r e g i s t e r f o r T 5 k e r n e l m o d e C Q s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 4 : e n f o r c e q p / c q i d r e q u i r e m e n t s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x i n c o r r e c t s e q u e n c e n u m b e r s s h o w n i n d e v l o g ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : r e m o v e u n u s e d f n t o e n a b l e / d i s a b l e d b c o a l e s c i n g ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f : f u n c t i o n a n d a r g u m e n t n a m e c l e a n u p ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s f a c i l i t y t o i n j e c t F L s t a r v a t i o n ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d P H Y f i r m w a r e s u p p o r t f o r T 4 2 0 - B T c a r d s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e T 4 / T 5 a d a p t e r r e g i s t e r r a n g e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : O p t i m i z e a n d c l e a n u p s e t u p m e m o r y w i n d o w c o d e ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : r e p l a c e n t o h { s , l } a n d h t o n { s , l } c a l l s w i t h t h e g e n e r i c b y t e o r d e r ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : R e m o v e d e a d f u n c t i o n t 4 _ r e a d _ e d c a n d t 4 _ r e a d _ m c ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f : C l e a n u p m a c r o s , a d d c o m m e n t s a n d a d d n e w M A C R O S ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 3 / 4 / 4 v f : U p d a t e d r i v e r s t o u s e d m a _ r m b / w m b w h e r e a p p r o p r i a t e ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : a d d c x g b 4 _ f c o e . c f o r F C o E ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 4 : R e m o v e n e g a t i v e a d v i c e d m e s g w a r n i n g s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : I n i t i a l i z e R S S m o d e f o r a l l P o r t s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : D i s c a r d t h e p a c k e t i f t h e l e n g t h i s g r e a t e r t h a n m t u ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : M o v e S G E I n g r e s s D M A s t a t e m o n i t o r c o d e t o a n e w r o u t i n e ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e v i c e n o d e t o U L D i n f o ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : P a s s i n a C o n g e s t i o n C h a n n e l M a p t o t 4 _ s g e _ a l l o c _ r x q ( ) ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : E n a b l e c o n g e s t i o n n o t i f i c a t i o n f r o m S G E f o r I Q s a n d F L s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : M a k e s u r e t h a t F r e e l i s t s i z e i s l a r g e r t h a n E g r e s s C o n g e s t i o n T h r e s h o l d ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : d r o p _ _ G F P _ N O F A I L a l l o c a t i o n ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x M C 1 m e m o r y o f f s e t c a l c u l a t i o n ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : D o n ' t c a l l t 4 _ s l o w _ i n t r _ h a n d l e r w h e n w e ' r e n o t t h e M a s t e r P F ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d c o m m e n t f o r c a l c u l a t e t x f l i t s a n d s g e l e n g t h c o d e ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : U s e d e v i c e n o d e i n p a g e a l l o c a t i o n ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F r e e l i s t s t a r v i n g t h r e s h o l d v a r i e s f r o m a d a p t e r t o a d a p t e r ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : I n c r e a s e d t h e v a l u e o f M A X _ I M M _ T X _ P K T _ L E N f r o m 1 2 8 t o 2 5 6 b y t e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : M o v e e t h t o o l r e l a t e d c o d e t o a s e p a r a t e f i l e ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x t o d u m p d e v l o g , e v e n i f F W i s c r a s h e d ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i r m w a r e m a c r o c h a n g e s f o r f w v e r i s o n 1 . 1 3 . 3 2 . 0 ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ i n f i n i b a n d ] c x g b 4 : S e r i a l i z e C Q e v e n t u p c a l l s w i t h C Q d e s t r u c t i o n ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ i n f i n i b a n d ] c x g b 4 : D o n ' t h a n g t h r e a d s f o r e v e r w a i t i n g o n W R r e p l i e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 v f : F i x s p a r s e w a r n i n g s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : D i s a b l e i n t e r r u p t s a n d n a p i b e f o r e u n r e g i s t e r i n g n e t d e v ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A l l o c a t e d y n a m i c m e m . f o r e g r e s s a n d i n g r e s s q u e u e m a p s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x f r a m e s i z e w a r n i n g f o r 3 2 b i t a r c h ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f / c s i o s t o r : M a k e P C I D e v i c e I D T a b l e s b e ' c o n s t ' ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e v i c e I D f o r n e w a d a p t e r ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : f i x c o c c i n e l l e w a r n i n g s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : T r y a n d p r o v i d e a n R D M A C I Q p e r c p u ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : U s e p c i _ e n a b l e _ m s i x _ r a n g e ( ) i n s t e a d o f p c i _ e n a b l e _ m s i x ( ) ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : M o v e o f f l o a d R x q u e u e a l l o c a t i o n t o s e p a r a t e f u n c t i o n ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x P C I - E M e m o r y w i n d o w i n t e r f a c e f o r b i g - e n d i a n s y s t e m s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t i n c x g b 4 t o g e t e x p a n s i o n r o m v e r s i o n v i a e t h t o o l ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x t r a c e o b s e r v e d w h i l e d u m p i n g c l i p _ t b l ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t i n d e b u g f s t o d u m p t h e c o n g e s t i o n c o n t r o l t a b l e ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t t o d u m p m a i l b o x c o n t e n t i n d e b u g f s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t f o r U L P R X l o g i c a n a l y z e r o u t p u t i n d e b u g f s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d e d s u p p o r t i n d e b u g f s t o d i s p l a y T P l o g i c a n a l y z e r o u t p u t ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t i n d e b u g f s t o d i s p l a y s e n s o r i n f o r m a t i o n ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c h e l s i o : c x g b 4 : f i x s p a r s e w a r n i n g ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : D e l e t e a n u n n e c e s s a r y c h e c k b e f o r e t h e f u n c t i o n c a l l ' r e l e a s e _ f i r m w a r e ' ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d l o w l a t e n c y s o c k e t b u s y _ p o l l s u p p o r t ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : I m p r o v e I E E E D C B x s u p p o r t , o t h e r m i n o r o p e n - l l d p f i x e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : R e m o v e p r e p r o c e s s o r c h e c k f o r C O N F I G _ C X G B 4 _ D C B ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : M o v e f i r m w a r e v e r s i o n M A C R O t o t 4 f w _ v e r s i o n . h ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d e d s u p p o r t i n d e b u g f s t o d u m p d i f f e r e n t t i m e r a n d c l o c k v a l u e s o f t h e a d a p t e r ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d e d s u p p o r t i n d e b u g f s t o d u m p P M m o d u l e s t a t s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e d s u p p o r t i n d e b u g f s t o d u m p C I M o u t b o u n d q u e u e c o n t e n t ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d e d s u p p o r t i n d e b u g f s t o d u m p c i m i n g r e s s b o u n d q u e u e c o n t e n t s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d e d s u p p o r t i n d e b u g f s t o d u m p s g e _ q i n f o ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x e s c x g b 4 _ i n e t 6 a d d r _ n o t i f i e r u n r e g i s t e r c a l l ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] m o d e _ t w h a c k - a - m o l e : c h e l s i o ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s o p t i o n s t o d u m p t h e r s s k e y , c o n f i g f o r P F , V F , e t c ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s e n t r y t o d u m p t h e c o n t e n t s o f t h e f l a s h ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e i p v 6 a d d r e s s h a n d l i n g a p i ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : R i p p i n g o u t o l d h a r d - w i r e d i n i t i a l i z a t i o n c o d e i n d r i v e r ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] i w _ c x g b 4 / c x g b 4 / c x g b 4 v f / c x g b 4 i / c s i o s t o r : C l e a n u p r e g i s t e r d e f i n e s / m a c r o s r e l a t e d t o a l l o t h e r c p l m e s s a g e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] i w _ c x g b 4 / c x g b 4 / c x g b 4 i : C l e a n u p r e g i s t e r d e f i n e s / M A C R O S r e l a t e d t o C M C P L m e s s a g e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t f o r m p s _ t c a m d e b u g f s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t f o r c i m _ q c f g e n t r y i n d e b u g f s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t f o r c i m _ l a e n t r y i n d e b u g f s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t f o r d e v l o g ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d P C I d e v i c e I D f o r n e w T 5 a d a p t e r ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f / c s i o s t o r : C l e a n u p P L , X G M A C , S F a n d M C r e l a t e d r e g i s t e r d e f i n e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c s i o s t o r : C l e a n u p T P , M P S a n d T C A M r e l a t e d r e g i s t e r d e f i n e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g 4 v f / c s i o s t o r : C l e a n u p M C , M A a n d C I M r e l a t e d r e g i s t e r d e f i n e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f / c s i o s t o r : C l e a n u p S G E a n d P C I r e l a t e d r e g i s t e r d e f i n e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ i n f i n i b a n d ] c x g b 4 / c x g b 4 v f / c s i o s t o r : C l e a n u p S G E r e g i s t e r d e f i n e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x d e c o d i n g Q S A m o d u l e f o r e t h t o o l g e t s e t t i n g s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t f o r Q S A m o d u l e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c s i o s t o r : D o n ' t u s e M A S T E R _ M U S T f o r f w _ h e l l o c a l l ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f : g l o b a l n a m e d m u s t b e u n i q u e ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e f i r m w a r e v e r s i o n a f t e r f l a s h i n g i t v i a e t h t o o l ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f : U s e n e w i n t e r f a c e s t o c a l c u l a t e B A R 2 S G E Q u e u e R e g i s t e r a d d r e s s e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f : A d d c o d e t o c a l c u l a t e T 5 B A R 2 O f f s e t s f o r S G E Q u e u e R e g i s t e r s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 v f : A d d a n d i n i t i a l i z e s o m e s g e p a r a m s f o r V F d r i v e r ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e F W v e r s i o n s t r i n g t o m a t c h F W b i n a r y v e r s i o n 1 . 1 2 . 2 5 . 0 ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : A d d a c h e c k f o r f l a s h i n g F W u s i n g e t h t o o l ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 : F i l l i n s u p p o r t e d l i n k m o d e f o r S F P m o d u l e s ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f / c s i o s t o r : A d d T 4 / T 5 P C I I D T a b l e ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ i n f i n i b a n d ] c x g b 4 / c x g b 4 v f / c s i o s t o r : C l e a n u p m a c r o s / r e g i s t e r d e f i n e s r e l a t e d t o P C I E , R S S a n d F W ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f / c s i o s t o r : C l e a n u p m a c r o s / r e g i s t e r d e f i n e s r e l a t e d t o p o r t a n d V I ( S a i V e m u r i ) [ 1 2 5 1 6 1 1 ] b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 7 4 2 1 . h t m l \" > C V E - 2 0 1 3 - 7 4 2 1 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 9 6 4 4 . h t m l \" > C V E - 2 0 1 4 - 9 6 4 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 1 7 1 . h t m l \" > C V E - 2 0 1 4 - 8 1 7 1 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 5 3 1 3 . h t m l \" > C V E - 2 0 1 0 - 5 3 1 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 3 6 4 7 . h t m l \" > C V E - 2 0 1 4 - 3 6 4 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 7 8 4 2 . h t m l \" > C V E - 2 0 1 4 - 7 8 4 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 2 9 2 5 . h t m l \" > C V E - 2 0 1 5 - 2 9 2 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 4 1 7 0 . h t m l \" > C V E - 2 0 1 5 - 4 1 7 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 5 2 8 3 . h t m l \" > C V E - 2 0 1 5 - 5 2 8 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 6 5 2 6 . h t m l \" > C V E - 2 0 1 5 - 6 5 2 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 7 6 1 3 . h t m l \" > C V E - 2 0 1 5 - 7 6 1 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 7 8 3 7 . h t m l \" > C V E - 2 0 1 5 - 7 8 3 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 9 4 1 9 . h t m l \" > C V E - 2 0 1 4 - 9 4 1 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 0 2 3 9 . h t m l \" > C V E - 2 0 1 5 - 0 2 3 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 3 3 3 9 . h t m l \" > C V E - 2 0 1 5 - 3 3 3 9 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 7 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 3 . 1 0 . 0 - 3 2 7 . e l 7 . s r c . r p m / t d > t d > 1 2 0 4 c 5 1 9 d 7 d 7 0 5 7 7 f 0 9 2 b 0 e 2 0 b a c 3 a e 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 3 7 5 f d 7 5 4 6 9 d b f f 4 a d 4 7 f f 7 3 c 1 4 e 5 4 2 4 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - a b i - w h i t e l i s t s - 3 . 1 0 . 0 - 3 2 7 . e l 7 . n o a r c h . r p m / t d > t d > 0 4 7 3 d a f 7 1 7 8 f 4 6 8 b 6 d d a a 3 b 0 9 9 1 1 6 7 0 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > a b c e f c 4 3 3 3 1 7 e b 0 2 5 3 1 1 c a 3 5 6 8 5 8 0 8 2 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 1 f 5 1 2 c 9 0 c 2 4 1 2 9 8 f 9 a 3 8 4 b 6 f 9 2 7 e 2 7 6 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 7 0 d 0 f b c a e 2 f a a 5 c 0 2 f f 6 9 6 5 e 6 4 c e f 5 6 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 3 . 1 0 . 0 - 3 2 7 . e l 7 . n o a r c h . r p m / t d > t d > c a a 5 0 3 e 1 d 5 e e 5 f b 5 4 5 4 f b b 0 5 e 7 b 5 3 6 5 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > f e 2 9 2 5 f 3 6 b 3 d 0 2 9 e 6 6 7 5 4 0 f 4 c 4 0 7 9 0 5 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - t o o l s - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 6 8 6 5 e c d a 2 8 0 5 6 5 6 5 b d 1 7 7 f 1 0 6 4 f 3 9 7 7 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - t o o l s - l i b s - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 5 2 0 7 9 6 6 7 3 0 7 e e 3 8 1 3 7 2 3 2 5 4 4 8 9 5 3 6 6 e b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - t o o l s - l i b s - d e v e l - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 0 8 4 6 9 2 2 8 6 9 8 a 9 3 f 4 1 2 e 4 1 1 0 a a 4 d 5 0 7 c 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > p e r f - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 7 9 f 7 8 1 b 9 3 6 8 2 5 c 6 7 4 8 0 c e 2 6 e 2 a 4 1 7 9 b 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > p y t h o n - p e r f - 3 . 1 0 . 0 - 3 2 7 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > c d b a 8 b f 7 5 8 7 c 7 6 4 6 e 1 2 2 0 b 8 1 7 d e 2 5 0 d a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "edition": 4, "reporter": "Oracle", "published": "2015-11-24T00:00:00", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-9644", "CVE-2015-4170", "CVE-2010-5313", "CVE-2015-2925", "CVE-2015-3339", "CVE-2014-3647", "CVE-2015-6526", "CVE-2015-7613", "CVE-2015-0239", "CVE-2013-7421", "CVE-2015-7837", "CVE-2015-5283", "CVE-2014-8171", "CVE-2014-9419", "CVE-2014-7842"], "modified": "2015-11-24T00:00:00", "id": "ELSA-2015-2152", "href": "http://linux.oracle.com/errata/ELSA-2015-2152.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T19:41:14", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-642.el6.i686.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso (vvar) and thus an unprivileged user may generate MMIO transactions (and enter the emulator) this way. (CVE-2010-5313, CVE-2014-7842, Moderate)\n\n* It was found that the Linux kernel did not properly account file descriptors passed over the unix socket against the process limit. A local user could use this flaw to exhaust all available memory on the system. (CVE-2013-4312, Moderate)\n\n* A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system. (CVE-2015-5156, Moderate)\n\n* It was found that the Linux kernel's IPv6 network stack did not properly validate the value of the MTU variable when it was set. A remote attacker could potentially use this flaw to disrupt a target system's networking (packet loss) by setting an invalid MTU value, for example, via a NetworkManager daemon that is processing router advertisement packets running on the target system. (CVE-2015-8215, Moderate)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system. (CVE-2015-8543, Moderate)\n\n* It was found that the espfix functionality does not work for 32-bit KVM paravirtualized guests. A local, unprivileged guest user could potentially use this flaw to leak kernel stack addresses. (CVE-2014-8134, Low)\n\n* A flaw was found in the way the Linux kernel's ext4 file system driver handled non-journal file systems with an orphan list. An attacker with physical access to the system could use this flaw to crash the system or, although unlikely, escalate their privileges on the system. (CVE-2015-7509, Low)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's ext4 file system driver handled certain corrupted file system images. An attacker with physical access to the system could use this flaw to crash the system. (CVE-2015-8324, Low)\n\nRed Hat would like to thank Nadav Amit for reporting CVE-2010-5313 and CVE-2014-7842, Andy Lutomirski for reporting CVE-2014-8134, and Dmitriy Monakhov (OpenVZ) for reporting CVE-2015-8324. The CVE-2015-5156 issue was discovered by Jason Wang (Red Hat).\n\nAdditional Changes:\n\n* Refer to Red Hat Enterprise Linux 6.8 Release Notes for information on new kernel features and known issues, and Red Hat Enterprise Linux Technical Notes for information on device driver updates, important changes to external kernel parameters, notable bug fixes, and technology previews. Both of these documents are linked to in the References section.", "reporter": "RedHat", "published": "2016-05-10T10:42:32", "type": "redhat", "title": "(RHSA-2016:0855) Moderate: kernel security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-5313", "CVE-2013-4312", "CVE-2014-7842", "CVE-2014-8134", "CVE-2015-5156", "CVE-2015-7509", "CVE-2015-8215", "CVE-2015-8324", "CVE-2015-8543"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:16", "id": "RHSA-2016:0855", "href": "https://access.redhat.com/errata/RHSA-2016:0855", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:14", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "ppc64", "packageName": "kernel", "packageFilename": "kernel-3.10.0-327.el7.ppc64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's file system implementation\nhandled rename operations in which the source was inside and the\ndestination was outside of a bind mount. A privileged user inside a\ncontainer could use this flaw to escape the bind mount and, potentially,\nescalate their privileges on the system. (CVE-2015-2925, Important)\n\n* A race condition flaw was found in the way the Linux kernel's IPC\nsubsystem initialized certain fields in an IPC object structure that were\nlater used for permission checking before inserting the object into a\nglobally visible list. A local, unprivileged user could potentially use\nthis flaw to elevate their privileges on the system. (CVE-2015-7613,\nImportant)\n\n* It was found that reporting emulation failures to user space could lead\nto either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of\nservice. In the case of a local denial of service, an attacker must have\naccess to the MMIO area or be able to access an I/O port. (CVE-2010-5313,\nCVE-2014-7842, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM subsystem handled\nnon-canonical addresses when emulating instructions that change the RIP\n(for example, branches or calls). A guest user with access to an I/O or\nMMIO region could use this flaw to crash the guest. (CVE-2014-3647,\nModerate)\n\n* It was found that the Linux kernel memory resource controller's (memcg)\nhandling of OOM (out of memory) conditions could lead to deadlocks.\nAn attacker could use this flaw to lock up the system. (CVE-2014-8171,\nModerate)\n\n* A race condition flaw was found between the chown and execve system\ncalls. A local, unprivileged user could potentially use this flaw to\nescalate their privileges on the system. (CVE-2015-3339, Moderate)\n\n* A flaw was discovered in the way the Linux kernel's TTY subsystem handled\nthe tty shutdown phase. A local, unprivileged user could use this flaw to\ncause a denial of service on the system. (CVE-2015-4170, Moderate)\n\n* A NULL pointer dereference flaw was found in the SCTP implementation.\nA local user could use this flaw to cause a denial of service on the system\nby triggering a kernel panic when creating multiple sockets in parallel\nwhile the system did not have the SCTP module loaded. (CVE-2015-5283,\nModerate)\n\n* A flaw was found in the way the Linux kernel's perf subsystem retrieved\nuserlevel stack traces on PowerPC systems. A local, unprivileged user could\nuse this flaw to cause a denial of service on the system. (CVE-2015-6526,\nModerate)\n\n* A flaw was found in the way the Linux kernel's Crypto subsystem handled\nautomatic loading of kernel modules. A local user could use this flaw to\nload any installed kernel module, and thus increase the attack surface of\nthe running kernel. (CVE-2013-7421, CVE-2014-9644, Low)\n\n* An information leak flaw was found in the way the Linux kernel changed\ncertain segment registers and thread-local storage (TLS) during a context\nswitch. A local, unprivileged user could use this flaw to leak the user\nspace TLS base address of an arbitrary process. (CVE-2014-9419, Low)\n\n* It was found that the Linux kernel KVM subsystem's sysenter instruction\nemulation was not sufficient. An unprivileged guest user could use this\nflaw to escalate their privileges by tricking the hypervisor to emulate a\nSYSENTER instruction in 16-bit mode, if the guest OS did not initialize the\nSYSENTER model-specific registers (MSRs). Note: Certified guest operating\nsystems for Red Hat Enterprise Linux with KVM do initialize the SYSENTER\nMSRs and are thus not vulnerable to this issue when running on a KVM\nhypervisor. (CVE-2015-0239, Low)\n\n* A flaw was found in the way the Linux kernel handled the securelevel\nfunctionality after performing a kexec operation. A local attacker could\nuse this flaw to bypass the security mechanism of the\nsecurelevel/secureboot combination. (CVE-2015-7837, Low)", "reporter": "RedHat", "published": "2015-11-20T00:35:51", "type": "redhat", "title": "(RHSA-2015:2152) Important: kernel security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-5313", "CVE-2013-7421", "CVE-2014-3647", "CVE-2014-7842", "CVE-2014-8171", "CVE-2014-9419", "CVE-2014-9644", "CVE-2015-0239", "CVE-2015-2925", "CVE-2015-3339", "CVE-2015-4170", "CVE-2015-5283", "CVE-2015-6526", "CVE-2015-7613", "CVE-2015-7837"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:32:39", "id": "RHSA-2015:2152", "href": "https://access.redhat.com/errata/RHSA-2015:2152", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:26:53", "references": ["https://rhn.redhat.com/errata/RHSA-2016-0855.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "perf", "packageFilename": "perf-2.6.32-642.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-642.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-642.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-642.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-642.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-642.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-642.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-642.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-642.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-642.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-642.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-642.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-642.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-642.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageName": "perf", "packageFilename": "perf-2.6.32-642.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-642.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-642.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-2.6.32-642.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-642.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-642.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-642.el6.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2016:0855\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso (vvar) and thus an unprivileged user may generate MMIO transactions (and enter the emulator) this way. (CVE-2010-5313, CVE-2014-7842, Moderate)\n\n* It was found that the Linux kernel did not properly account file descriptors passed over the unix socket against the process limit. A local user could use this flaw to exhaust all available memory on the system. (CVE-2013-4312, Moderate)\n\n* A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system. (CVE-2015-5156, Moderate)\n\n* It was found that the Linux kernel's IPv6 network stack did not properly validate the value of the MTU variable when it was set. A remote attacker could potentially use this flaw to disrupt a target system's networking (packet loss) by setting an invalid MTU value, for example, via a NetworkManager daemon that is processing router advertisement packets running on the target system. (CVE-2015-8215, Moderate)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system. (CVE-2015-8543, Moderate)\n\n* It was found that the espfix functionality does not work for 32-bit KVM paravirtualized guests. A local, unprivileged guest user could potentially use this flaw to leak kernel stack addresses. (CVE-2014-8134, Low)\n\n* A flaw was found in the way the Linux kernel's ext4 file system driver handled non-journal file systems with an orphan list. An attacker with physical access to the system could use this flaw to crash the system or, although unlikely, escalate their privileges on the system. (CVE-2015-7509, Low)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's ext4 file system driver handled certain corrupted file system images. An attacker with physical access to the system could use this flaw to crash the system. (CVE-2015-8324, Low)\n\nRed Hat would like to thank Nadav Amit for reporting CVE-2010-5313 and CVE-2014-7842, Andy Lutomirski for reporting CVE-2014-8134, and Dmitriy Monakhov (OpenVZ) for reporting CVE-2015-8324. The CVE-2015-5156 issue was discovered by Jason Wang (Red Hat).\n\nAdditional Changes:\n\n* Refer to Red Hat Enterprise Linux 6.8 Release Notes for information on new kernel features and known issues, and Red Hat Enterprise Linux Technical Notes for information on device driver updates, important changes to external kernel parameters, notable bug fixes, and technology previews. Both of these documents are linked to in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2016-May/002855.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0855.html", "edition": 1, "reporter": "CentOS Project", "published": "2016-05-16T10:16:52", "title": "kernel, perf, python security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-5313", "CVE-2014-8134", "CVE-2015-7509", "CVE-2015-8215", "CVE-2015-8324", "CVE-2015-5156", "CVE-2015-8543", "CVE-2013-4312", "CVE-2016-3841", "CVE-2014-7842"], "modified": "2016-05-16T10:16:52", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2016-May/002855.html", "id": "CESA-2016:0855", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-16T06:03:58", "references": ["https://rhn.redhat.com/errata/RHSA-2015-2152.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-doc-3.10.0-327.el7.noarch.rpm", "packageName": "kernel-doc", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "perf-3.10.0-327.el7.x86_64.rpm", "packageName": "perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-devel-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-headers-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-headers", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-debug-devel-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-tools-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-tools", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "python-perf-3.10.0-327.el7.x86_64.rpm", "packageName": "python-perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-tools-libs-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-debug-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-debug", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-abi-whitelists-3.10.0-327.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "packageFilename": "kernel-tools-libs-devel-3.10.0-327.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2015:2152\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's file system implementation\nhandled rename operations in which the source was inside and the\ndestination was outside of a bind mount. A privileged user inside a\ncontainer could use this flaw to escape the bind mount and, potentially,\nescalate their privileges on the system. (CVE-2015-2925, Important)\n\n* A race condition flaw was found in the way the Linux kernel's IPC\nsubsystem initialized certain fields in an IPC object structure that were\nlater used for permission checking before inserting the object into a\nglobally visible list. A local, unprivileged user could potentially use\nthis flaw to elevate their privileges on the system. (CVE-2015-7613,\nImportant)\n\n* It was found that reporting emulation failures to user space could lead\nto either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of\nservice. In the case of a local denial of service, an attacker must have\naccess to the MMIO area or be able to access an I/O port. (CVE-2010-5313,\nCVE-2014-7842, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM subsystem handled\nnon-canonical addresses when emulating instructions that change the RIP\n(for example, branches or calls). A guest user with access to an I/O or\nMMIO region could use this flaw to crash the guest. (CVE-2014-3647,\nModerate)\n\n* It was found that the Linux kernel memory resource controller's (memcg)\nhandling of OOM (out of memory) conditions could lead to deadlocks.\nAn attacker could use this flaw to lock up the system. (CVE-2014-8171,\nModerate)\n\n* A race condition flaw was found between the chown and execve system\ncalls. A local, unprivileged user could potentially use this flaw to\nescalate their privileges on the system. (CVE-2015-3339, Moderate)\n\n* A flaw was discovered in the way the Linux kernel's TTY subsystem handled\nthe tty shutdown phase. A local, unprivileged user could use this flaw to\ncause a denial of service on the system. (CVE-2015-4170, Moderate)\n\n* A NULL pointer dereference flaw was found in the SCTP implementation.\nA local user could use this flaw to cause a denial of service on the system\nby triggering a kernel panic when creating multiple sockets in parallel\nwhile the system did not have the SCTP module loaded. (CVE-2015-5283,\nModerate)\n\n* A flaw was found in the way the Linux kernel's perf subsystem retrieved\nuserlevel stack traces on PowerPC systems. A local, unprivileged user could\nuse this flaw to cause a denial of service on the system. (CVE-2015-6526,\nModerate)\n\n* A flaw was found in the way the Linux kernel's Crypto subsystem handled\nautomatic loading of kernel modules. A local user could use this flaw to\nload any installed kernel module, and thus increase the attack surface of\nthe running kernel. (CVE-2013-7421, CVE-2014-9644, Low)\n\n* An information leak flaw was found in the way the Linux kernel changed\ncertain segment registers and thread-local storage (TLS) during a context\nswitch. A local, unprivileged user could use this flaw to leak the user\nspace TLS base address of an arbitrary process. (CVE-2014-9419, Low)\n\n* It was found that the Linux kernel KVM subsystem's sysenter instruction\nemulation was not sufficient. An unprivileged guest user could use this\nflaw to escalate their privileges by tricking the hypervisor to emulate a\nSYSENTER instruction in 16-bit mode, if the guest OS did not initialize the\nSYSENTER model-specific registers (MSRs). Note: Certified guest operating\nsystems for Red Hat Enterprise Linux with KVM do initialize the SYSENTER\nMSRs and are thus not vulnerable to this issue when running on a KVM\nhypervisor. (CVE-2015-0239, Low)\n\n* A flaw was found in the way the Linux kernel handled the securelevel\nfunctionality after performing a kexec operation. A local attacker could\nuse this flaw to bypass the security mechanism of the\nsecurelevel/secureboot combination. (CVE-2015-7837, Low)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-November/002347.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2152.html", "edition": 2, "reporter": "CentOS Project", "published": "2015-11-30T19:36:22", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "kernel, perf, python security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2014-9644", "CVE-2015-4170", "CVE-2010-5313", "CVE-2015-2925", "CVE-2015-8215", "CVE-2015-3288", "CVE-2015-7553", "CVE-2015-3339", "CVE-2014-3647", "CVE-2016-0774", "CVE-2015-6526", "CVE-2015-7613", "CVE-2015-0239", "CVE-2013-7421", "CVE-2015-7837", "CVE-2015-5283", "CVE-2014-8171", "CVE-2014-9419", "CVE-2014-7842"], "modified": "2015-11-30T19:36:22", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-November/002347.html", "id": "CESA-2015:2152", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:57:20", "references": ["https://bugzilla.suse.com/912705", "https://bugzilla.suse.com/891211", "https://bugzilla.suse.com/902351", "https://bugzilla.suse.com/902349", "https://bugzilla.suse.com/915826", "https://bugzilla.suse.com/912916", "https://download.suse.com/patch/finder/?keywords=01007b3b761286f24a9cd5a7197794e2", "https://download.suse.com/patch/finder/?keywords=a5e2892de750f2c5d2fba65db2f8b808", "https://bugzilla.suse.com/907822", "https://bugzilla.suse.com/771619", "https://bugzilla.suse.com/896390", "https://download.suse.com/patch/finder/?keywords=ef5762f62e2e26eab3ef31d6b58ad159", "https://bugzilla.suse.com/857643", "https://bugzilla.suse.com/905100", "https://bugzilla.suse.com/896391", "https://download.suse.com/patch/finder/?keywords=afe31f60701fa39738b0574722eb95ef", "https://bugzilla.suse.com/911325", "https://bugzilla.suse.com/908870", "https://bugzilla.suse.com/905312", "https://bugzilla.suse.com/875051", "https://bugzilla.suse.com/915335", "https://bugzilla.suse.com/912654", "https://bugzilla.suse.com/904700", "https://download.suse.com/patch/finder/?keywords=8944e139fcc8a84a52412d23cce7f98a", "https://bugzilla.suse.com/902346", "https://bugzilla.suse.com/833820", "https://bugzilla.suse.com/885077", "https://bugzilla.suse.com/899338", "https://bugzilla.suse.com/892235", "https://bugzilla.suse.com/913059", "https://bugzilla.suse.com/896779", "https://download.suse.com/patch/finder/?keywords=cfbfe04e5c8b61b50f91d849de2217e9", "https://bugzilla.suse.com/846404"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-default", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-ec2-base-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-ec2-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-ec2-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-ec2", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-pae-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-pae", "arch": "i586", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-xen-extra-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-xen-extra", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-syms-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-syms", "arch": "i586", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-xen-extra-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-xen-extra", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-xen-devel-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-xen-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-extra-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-default-extra", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-source-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-source", "arch": "s390x", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-pae-extra-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-pae-extra", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-pae-base-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-pae-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_18_2.6.32.59_0.19-0.9.17", "packageFilename": "xen-kmp-trace-4.0.3_21548_18_2.6.32.59_0.19-0.9.17.i586.rpm", "packageName": "xen-kmp-trace", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-trace-devel-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-trace-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-source-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-source", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-syms-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-syms", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_18_2.6.32.59_0.19-0.9.17", "packageFilename": "xen-kmp-default-4.0.3_21548_18_2.6.32.59_0.19-0.9.17.x86_64.rpm", "packageName": "xen-kmp-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-extra-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-default-extra", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-xen-base-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-xen-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-xen-base-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-xen-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_18_2.6.32.59_0.19-0.9.17", "packageFilename": "xen-kmp-default-4.0.3_21548_18_2.6.32.59_0.19-0.9.17.i586.rpm", "packageName": "xen-kmp-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-trace-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-trace", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-syms-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-syms", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-base-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-default-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-trace-base-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-trace-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-base-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-default-base", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-xen-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-xen", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-base-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-default-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-pae-devel-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-pae-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-xen-devel-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-xen-devel", "arch": "i586", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-extra-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-default-extra", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_18_2.6.32.59_0.19-0.9.17", "packageFilename": "xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.9.17.i586.rpm", "packageName": "xen-kmp-pae", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-devel-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-default-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-ec2-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-ec2", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-ec2-devel-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-ec2-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-trace-devel-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-trace-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-trace-base-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-trace-base", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-devel-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-default-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-ec2-base-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-ec2-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-source-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-source", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-xen-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-xen", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-man-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-default-man", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-devel-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-default-devel", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-default-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-trace-devel-2.6.32.59-0.19.1.s390x.rpm", "packageName": "kernel-trace-devel", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-trace-base-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-trace-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_18_2.6.32.59_0.19-0.9.17", "packageFilename": "xen-kmp-trace-4.0.3_21548_18_2.6.32.59_0.19-0.9.17.x86_64.rpm", "packageName": "xen-kmp-trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-trace-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-trace", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-trace-2.6.32.59-0.19.1.x86_64.rpm", "packageName": "kernel-trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.19.1", "packageFilename": "kernel-ec2-devel-2.6.32.59-0.19.1.i586.rpm", "packageName": "kernel-ec2-devel", "arch": "i586", "operator": "lt"}], "edition": 1, "description": "The SUSE Linux Enterprise 11 Service Pack 1 LTSS kernel was updated to fix\n security issues on kernels on the x86_64 architecture.\n\n The following security bugs have been fixed:\n\n * CVE-2013-4299: Interpretation conflict in\n drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6\n allowed remote authenticated users to obtain sensitive information\n or modify data via a crafted mapping to a snapshot block device\n (bnc#846404).\n * CVE-2014-8160: SCTP firewalling failed until the SCTP module was\n loaded (bnc#913059).\n * CVE-2014-9584: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel before 3.18.2 did not validate a\n length value in the Extensions Reference (ER) System Use Field,\n which allowed local users to obtain sensitive information from\n kernel memory via a crafted iso9660 image (bnc#912654).\n * CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the\n Linux kernel through 3.18.2 did not properly choose memory locations\n for the vDSO area, which made it easier for local users to bypass\n the ASLR protection mechanism by guessing a location at the end of a\n PMD (bnc#912705).\n * CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the\n Linux kernel through 3.18.1 did not restrict the number of Rock\n Ridge continuation entries, which allowed local users to cause a\n denial of service (infinite loop, and system crash or hang) via a\n crafted iso9660 image (bnc#911325).\n * CVE-2014-0181: The Netlink implementation in the Linux kernel\n through 3.14.1 did not provide a mechanism for authorizing socket\n operations based on the opener of a socket, which allowed local\n users to bypass intended access restrictions and modify network\n configurations by using a Netlink socket for the (1) stdout or (2)\n stderr of a setuid program (bnc#875051).\n * CVE-2010-5313: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel before 2.6.38 allowed L2 guest OS users to cause a denial of\n service (L1 guest OS crash) via a crafted instruction that triggers\n an L2 emulation failure report, a similar issue to CVE-2014-7842\n (bnc#907822).\n * CVE-2014-7842: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel before 3.17.4 allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application that performs an\n MMIO transaction or a PIO transaction to trigger a guest userspace\n emulation error report, a similar issue to CVE-2010-5313\n (bnc#905312).\n * CVE-2014-3688: The SCTP implementation in the Linux kernel before\n 3.17.4 allowed remote attackers to cause a denial of service (memory\n consumption) by triggering a large number of chunks in an\n associations output queue, as demonstrated by ASCONF probes, related\n to net/sctp/inqueue.c and net/sctp/sm_statefuns.c (bnc#902351).\n * CVE-2014-3687: The sctp_assoc_lookup_asconf_ack function in\n net/sctp/associola.c in the SCTP implementation in the Linux kernel\n through 3.17.2 allowed remote attackers to cause a denial of service\n (panic) via duplicate ASCONF chunks that trigger an incorrect uncork\n within the side-effect interpreter (bnc#902349).\n * CVE-2014-3673: The SCTP implementation in the Linux kernel through\n 3.17.2 allowed remote attackers to cause a denial of service (system\n crash) via a malformed ASCONF chunk, related to\n net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346).\n * CVE-2014-7841: The sctp_process_param function in\n net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux\n kernel before 3.17.4, when ASCONF is used, allowed remote attackers\n to cause a denial of service (NULL pointer dereference and system\n crash) via a malformed INIT chunk (bnc#905100).\n * CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c\n in the Linux kernel before 3.13.5 did not properly maintain a\n certain tail pointer, which allowed remote attackers to obtain\n sensitive cleartext information by reading packets (bnc#904700).\n * CVE-2013-7263: The Linux kernel before 3.12.4 updated certain length\n values before ensuring that associated data structures have been\n initialized, which allowed local users to obtain sensitive\n information from kernel stack memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,\n net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c\n (bnc#857643).\n * CVE-2012-6657: The sock_setsockopt function in net/core/sock.c in\n the Linux kernel before 3.5.7 did not ensure that a keepalive action\n is associated with a stream socket, which allowed local users to\n cause a denial of service (system crash) by leveraging the ability\n to create a raw socket (bnc#896779).\n * CVE-2014-3185: Multiple buffer overflows in the\n command_port_read_callback function in\n drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to execute arbitrary code or cause a denial of service\n (memory corruption and system crash) via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n a bulk response (bnc#896391).\n * CVE-2014-3184: The report_fixup functions in the HID subsystem in\n the Linux kernel before 3.16.2 might allow physically proximate\n attackers to cause a denial of service (out-of-bounds write) via a\n crafted device that provides a small report descriptor, related to\n (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3)\n drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\n drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c\n (bnc#896390).\n\n The following non-security bugs have been fixed:\n\n * KVM: SVM: Make Use of the generic guest-mode functions (bnc#907822).\n * KVM: inject #UD if instruction emulation fails and exit to userspace\n (bnc#907822).\n * block: Fix bogus partition statistics reports (bnc#885077\n bnc#891211).\n * block: skip request queue cleanup if no elevator is assigned\n (bnc#899338).\n * isofs: Fix unchecked printing of ER records.\n * Re-enable nested-spinlocks-backport patch for xen (bnc#908870).\n * time, ntp: Do not update time_state in middle of leap second\n (bnc#912916).\n * timekeeping: Avoid possible deadlock from clock_was_set_delayed\n (bnc#771619, bnc#915335).\n * udf: Check component length before reading it.\n * udf: Check path length when reading symlink.\n * udf: Verify i_size when loading inode.\n * udf: Verify symlink size before loading it.\n * vt: prevent race between modifying and reading unicode map\n (bnc#915826).\n * writeback: Do not sync data dirtied after sync start (bnc#833820).\n * xfs: Avoid blocking on inode flush in background inode reclaim\n (bnc#892235).\n\n Security Issues:\n\n * CVE-2010-5313\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5313\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5313</a>>\n * CVE-2012-6657\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6657\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6657</a>>\n * CVE-2013-4299\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4299\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4299</a>>\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-0181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181</a>>\n * CVE-2014-3184\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184</a>>\n * CVE-2014-3185\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185</a>>\n * CVE-2014-3673\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673</a>>\n * CVE-2014-3687\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687</a>>\n * CVE-2014-3688\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688</a>>\n * CVE-2014-7841\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841</a>>\n * CVE-2014-7842\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842</a>>\n * CVE-2014-8160\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160</a>>\n * CVE-2014-8709\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709</a>>\n * CVE-2014-9420\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420</a>>\n * CVE-2014-9584\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584</a>>\n * CVE-2014-9585\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585</a>>\n", "reporter": "Suse", "published": "2015-04-02T02:06:32", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "title": "Security update for Linux kernel (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2010-5313", "CVE-2014-9420", "CVE-2014-3673", "CVE-2014-3688", "CVE-2014-8160", "CVE-2014-7841", "CVE-2014-8709", "CVE-2014-3185", "CVE-2014-9584", "CVE-2013-7263", "CVE-2014-0181", "CVE-2012-6657", "CVE-2014-7842", "CVE-2014-9585", "CVE-2013-4299", "CVE-2014-3184", "CVE-2014-3687"], "modified": "2015-04-02T02:06:32", "id": "SUSE-SU-2015:0652-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:08:20", "references": ["https://bugzilla.suse.com/903096", "https://bugzilla.suse.com/912705", "https://bugzilla.suse.com/909565", "http://download.suse.com/patch/finder/?keywords=321560c2742d1b151f3288d50e942005", "https://bugzilla.suse.com/856760", "http://download.suse.com/patch/finder/?keywords=ffa229c2e3c1d02c022c4adc72eb544d", "https://bugzilla.suse.com/905304", "https://bugzilla.suse.com/909077", "https://bugzilla.suse.com/900644", "https://bugzilla.suse.com/902351", "https://bugzilla.suse.com/895841", "https://bugzilla.suse.com/902349", "https://bugzilla.suse.com/909264", "https://bugzilla.suse.com/915826", "https://bugzilla.suse.com/911181", "https://bugzilla.suse.com/909095", "https://bugzilla.suse.com/914423", "https://bugzilla.suse.com/906586", "https://bugzilla.suse.com/909088", "https://bugzilla.suse.com/904659", "http://download.suse.com/patch/finder/?keywords=99f6f7f6dfadfd4b30ee84103aa604a4", "https://bugzilla.suse.com/894213", "https://bugzilla.suse.com/908069", "http://download.suse.com/patch/finder/?keywords=5b95a73648a17520abb1323d24fb56b3", "https://bugzilla.suse.com/910322", "https://bugzilla.suse.com/884817", "https://bugzilla.suse.com/887597", "https://bugzilla.suse.com/771619", "https://bugzilla.suse.com/915322", "https://bugzilla.suse.com/904053", "https://bugzilla.suse.com/846656", "https://bugzilla.suse.com/910013", "https://bugzilla.suse.com/908163", "https://bugzilla.suse.com/882470", "https://bugzilla.suse.com/864409", "https://bugzilla.suse.com/914726", "https://bugzilla.suse.com/917884", "https://bugzilla.suse.com/910150", "https://bugzilla.suse.com/904242", "https://bugzilla.suse.com/917839", "https://bugzilla.suse.com/907196", "https://bugzilla.suse.com/908572", "https://bugzilla.suse.com/907818", "https://bugzilla.suse.com/891277", "https://bugzilla.suse.com/829110", "https://bugzilla.suse.com/905799", "https://bugzilla.suse.com/914355", "https://bugzilla.suse.com/911326", "https://bugzilla.suse.com/904671", "https://bugzilla.suse.com/876594", "https://bugzilla.suse.com/909078", "https://bugzilla.suse.com/876086", "https://bugzilla.suse.com/920250", "https://bugzilla.suse.com/907551", "http://download.suse.com/patch/finder/?keywords=ba948ef69752594d363b7f7db540bcf2", "https://bugzilla.suse.com/911325", "https://bugzilla.suse.com/903640", "https://bugzilla.suse.com/896484", "https://bugzilla.suse.com/905312", "https://bugzilla.suse.com/910159", "https://bugzilla.suse.com/910321", "https://bugzilla.suse.com/909092", "http://download.suse.com/patch/finder/?keywords=67d4ee6ce4fba72ecd3e70dc4181af85", "https://bugzilla.suse.com/916515", "https://bugzilla.suse.com/908550", "https://bugzilla.suse.com/875051", "https://bugzilla.suse.com/902232", "https://bugzilla.suse.com/908825", "https://bugzilla.suse.com/865419", "https://bugzilla.suse.com/915335", "https://bugzilla.suse.com/915209", "https://bugzilla.suse.com/833588", "https://bugzilla.suse.com/907611", "https://bugzilla.suse.com/908551", "https://bugzilla.suse.com/864404", "https://bugzilla.suse.com/908393", "https://bugzilla.suse.com/864411", "http://download.suse.com/patch/finder/?keywords=17ea342ac70ce094db352e89d143510f", "https://bugzilla.suse.com/909740", "https://bugzilla.suse.com/833820", "https://bugzilla.suse.com/907338", "https://bugzilla.suse.com/902675", "https://bugzilla.suse.com/912171", "http://download.suse.com/patch/finder/?keywords=6fcf5fa8810b78007b8a23933dd952aa", "https://bugzilla.suse.com/853040", "https://bugzilla.suse.com/909846", "http://download.suse.com/patch/finder/?keywords=0fd9eadfb31561dd2d783db07c79f6e2", "https://bugzilla.suse.com/883948", "https://bugzilla.suse.com/877593", "https://bugzilla.suse.com/910517", "https://bugzilla.suse.com/816099", "https://bugzilla.suse.com/864401", "https://bugzilla.suse.com/900279", "https://bugzilla.suse.com/916982", "https://bugzilla.suse.com/909093", "http://download.suse.com/patch/finder/?keywords=970f627fefba5af21dfb55448dac4ed3", "https://bugzilla.suse.com/913059", "https://bugzilla.suse.com/915791"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ia64", "packageFilename": "kernel-trace-devel-3.0.101-0.47.50.1.ia64.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "x86_64", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.47.50-0.17.1.7.x86_64.rpm", "packageName": "gfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "s390x", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.47.50-0.21.1.7.s390x.rpm", "packageName": "ocfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "ia64", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.47.50-0.21.1.7.ia64.rpm", "packageName": "ocfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-trace-devel-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-source-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-trace-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-trace-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "x86_64", "packageFilename": "cluster-network-kmp-bigsmp-1.4_3.0.101_0.47.50-2.28.1.7.x86_64.rpm", "packageName": "cluster-network-kmp-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "x86_64", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.47.50-2.28.1.7.x86_64.rpm", "packageName": "cluster-network-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "ppc64", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.47.50-2.28.1.7.ppc64.rpm", "packageName": "cluster-network-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "i586", "packageFilename": "cluster-network-kmp-pae-1.4_3.0.101_0.47.50-2.28.1.7.i586.rpm", "packageName": "cluster-network-kmp-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "x86_64", "packageFilename": "gfs2-kmp-xen-2_3.0.101_0.47.50-0.17.1.7.x86_64.rpm", "packageName": "gfs2-kmp-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-trace-devel-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-source-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-trace-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-trace-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-bigsmp-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-trace-base-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "i586", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.47.50-0.17.1.7.i586.rpm", "packageName": "gfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-xen-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "x86_64", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.47.50-0.21.1.7.x86_64.rpm", "packageName": "ocfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-xen-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-source-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "i586", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.47.50-2.28.1.7.i586.rpm", "packageName": "cluster-network-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-bigsmp-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-trace-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-xen-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "ppc64", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.47.50-0.21.1.7.ppc64.rpm", "packageName": "ocfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "ppc64", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.47.50-0.17.1.7.ppc64.rpm", "packageName": "gfs2-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "4.2.5_04_3.0.101_0.47.50-0.7.1", "arch": "i586", "packageFilename": "xen-kmp-pae-4.2.5_04_3.0.101_0.47.50-0.7.1.i586.rpm", "packageName": "xen-kmp-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-ec2-base-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-ec2-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-xen-base-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-xen-extra-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-xen-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "4.2.5_04_3.0.101_0.47.50-0.7.1", "arch": "i586", "packageFilename": "xen-kmp-default-4.2.5_04_3.0.101_0.47.50-0.7.1.i586.rpm", "packageName": "xen-kmp-default", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "ia64", "packageFilename": "kernel-default-extra-3.0.101-0.47.50.1.ia64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "ppc64", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.47.50-2.28.1.7.ppc64.rpm", "packageName": "cluster-network-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-trace-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "i586", "packageFilename": "cluster-network-kmp-xen-1.4_3.0.101_0.47.50-2.28.1.7.i586.rpm", "packageName": "cluster-network-kmp-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "x86_64", "packageFilename": "cluster-network-kmp-xen-1.4_3.0.101_0.47.50-2.28.1.7.x86_64.rpm", "packageName": "cluster-network-kmp-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "x86_64", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.47.50-0.17.1.7.x86_64.rpm", "packageName": "gfs2-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "x86_64", "packageFilename": "ocfs2-kmp-xen-1.6_3.0.101_0.47.50-0.21.1.7.x86_64.rpm", "packageName": "ocfs2-kmp-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "i586", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.47.50-0.21.1.7.i586.rpm", "packageName": "ocfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "ppc64", "packageFilename": "gfs2-kmp-ppc64-2_3.0.101_0.47.50-0.17.1.7.ppc64.rpm", "packageName": "gfs2-kmp-ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-syms-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ia64", "packageFilename": "kernel-default-3.0.101-0.47.50.1.ia64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-ec2-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-xen-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "ppc64", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.47.50-0.17.1.7.ppc64.rpm", "packageName": "gfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-syms-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "4.2.5_04_3.0.101_0.47.50-0.7.1", "arch": "x86_64", "packageFilename": "xen-kmp-default-4.2.5_04_3.0.101_0.47.50-0.7.1.x86_64.rpm", "packageName": "xen-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "i586", "packageFilename": "gfs2-kmp-pae-2_3.0.101_0.47.50-0.17.1.7.i586.rpm", "packageName": "gfs2-kmp-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-trace-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-xen-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "ppc64", "packageFilename": "ocfs2-kmp-ppc64-1.6_3.0.101_0.47.50-0.21.1.7.ppc64.rpm", "packageName": "ocfs2-kmp-ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "4.2.5_04_3.0.101_0.47.50-0.7.1", "arch": "x86_64", "packageFilename": "xen-kmp-default-4.2.5_04_3.0.101_0.47.50-0.7.1.x86_64.rpm", "packageName": "xen-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-base-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "ia64", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.47.50-2.28.1.7.ia64.rpm", "packageName": "cluster-network-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "ia64", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.47.50-0.21.1.7.ia64.rpm", "packageName": "ocfs2-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "i586", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.47.50-0.17.1.7.i586.rpm", "packageName": "gfs2-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-syms-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "ppc64", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.47.50-0.21.1.7.ppc64.rpm", "packageName": "ocfs2-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-trace-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "i586", "packageFilename": "gfs2-kmp-xen-2_3.0.101_0.47.50-0.17.1.7.i586.rpm", "packageName": "gfs2-kmp-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-default-base-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "x86_64", "packageFilename": "gfs2-kmp-bigsmp-2_3.0.101_0.47.50-0.17.1.7.x86_64.rpm", "packageName": "gfs2-kmp-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-extra-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ia64", "packageFilename": "kernel-syms-3.0.101-0.47.50.1.ia64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-default-devel-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-trace-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-ec2-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-syms-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "i586", "packageFilename": "ocfs2-kmp-xen-1.6_3.0.101_0.47.50-0.21.1.7.i586.rpm", "packageName": "ocfs2-kmp-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-bigsmp-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "i586", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.47.50-2.28.1.7.i586.rpm", "packageName": "cluster-network-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-ec2-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-ec2-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-trace-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-default-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-extra-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-xen-extra-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-xen-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-xen-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "s390x", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.47.50-2.28.1.7.s390x.rpm", "packageName": "cluster-network-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-source-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-trace-base-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-source-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-xen-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-source-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-source-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-trace-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-default-devel-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-base-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-extra-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-base-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "x86_64", "packageFilename": "ocfs2-kmp-bigsmp-1.6_3.0.101_0.47.50-0.21.1.7.x86_64.rpm", "packageName": "ocfs2-kmp-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-default-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-ppc64-extra-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-ppc64-extra", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-default-extra-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "x86_64", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.47.50-0.21.1.7.x86_64.rpm", "packageName": "ocfs2-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ia64", "packageFilename": "kernel-source-3.0.101-0.47.50.1.ia64.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ia64", "packageFilename": "kernel-default-base-3.0.101-0.47.50.1.ia64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-trace-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "s390x", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.47.50-0.21.1.7.s390x.rpm", "packageName": "ocfs2-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "i586", "packageFilename": "ocfs2-kmp-pae-1.6_3.0.101_0.47.50-0.21.1.7.i586.rpm", "packageName": "ocfs2-kmp-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-trace-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "4.2.5_04_3.0.101_0.47.50-0.7.1", "arch": "i586", "packageFilename": "xen-kmp-pae-4.2.5_04_3.0.101_0.47.50-0.7.1.i586.rpm", "packageName": "xen-kmp-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-xen-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-xen-extra-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-xen-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "x86_64", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.47.50-2.28.1.7.x86_64.rpm", "packageName": "cluster-network-kmp-trace", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-xen-extra-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-xen-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "ia64", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.47.50-0.17.1.7.ia64.rpm", "packageName": "gfs2-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-ec2-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-ppc64-devel-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-ppc64-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-ec2-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ia64", "packageFilename": "kernel-trace-base-3.0.101-0.47.50.1.ia64.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-xen-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ia64", "packageFilename": "kernel-default-devel-3.0.101-0.47.50.1.ia64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "ia64", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.47.50-0.17.1.7.ia64.rpm", "packageName": "gfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-base-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-default-base-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-ppc64-base-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-ppc64-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ia64", "packageFilename": "kernel-trace-3.0.101-0.47.50.1.ia64.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.47.50-0.21.1.7", "arch": "i586", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.47.50-0.21.1.7.i586.rpm", "packageName": "ocfs2-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-extra-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-trace-base-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-syms-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-default-man-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-default-man", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-trace-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-xen-base-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-source-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "ppc64", "packageFilename": "cluster-network-kmp-ppc64-1.4_3.0.101_0.47.50-2.28.1.7.ppc64.rpm", "packageName": "cluster-network-kmp-ppc64", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-default-extra-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-extra-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-bigsmp-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "s390x", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.47.50-2.28.1.7.s390x.rpm", "packageName": "cluster-network-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "ppc64", "packageFilename": "kernel-ppc64-3.0.101-0.47.50.1.ppc64.rpm", "packageName": "kernel-ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-trace-base-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.47.50-2.28.1.7", "arch": "ia64", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.47.50-2.28.1.7.ia64.rpm", "packageName": "cluster-network-kmp-default", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.47.50.1", "arch": "s390x", "packageFilename": "kernel-default-extra-3.0.101-0.47.50.1.s390x.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-extra-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "s390x", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.47.50-0.17.1.7.s390x.rpm", "packageName": "gfs2-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-base-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-bigsmp-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "4.2.5_04_3.0.101_0.47.50-0.7.1", "arch": "i586", "packageFilename": "xen-kmp-default-4.2.5_04_3.0.101_0.47.50-0.7.1.i586.rpm", "packageName": "xen-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-default-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "i586", "packageFilename": "kernel-pae-devel-3.0.101-0.47.50.1.i586.rpm", "packageName": "kernel-pae-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.47.50.1", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.0.101-0.47.50.1.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.47.50-0.17.1.7", "arch": "s390x", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.47.50-0.17.1.7.s390x.rpm", "packageName": "gfs2-kmp-trace", "operator": "lt"}], "description": "The SUSE Linux Enterprise 11 SP3 kernel has been updated to receive\n various security and bugfixes.\n\n New features enabled:\n\n * The Ceph and rbd remote network block device drivers are now enabled\n and supported, to serve as client for SUSE Enterprise Storage 1.0.\n (FATE#318328)\n * Support to selected Bay Trail CPUs used in Point of Service Hardware\n was enabled. (FATE#317933)\n * Broadwell Legacy Audio, HDMI Audio and DisplayPort Audio support\n (Audio Driver: HD-A HDMI/DP Audio/HDA Analog/DSP) was enabled.\n (FATE#317347)\n\n The following security bugs have been fixed:\n\n * CVE-2015-1593: An integer overflow in the stack randomization on\n 64-bit systems lead to less effective stack ASLR on those systems.\n (bsc#917839)\n * CVE-2014-8160: iptables rules could be bypassed if the specific\n network protocol module was not loaded, allowing e.g. SCTP to bypass\n the firewall if the sctp protocol was not enabled. (bsc#913059)\n * CVE-2014-7822: A flaw was found in the way the Linux kernels\n splice() system call validated its parameters. On certain file\n systems, a local, unprivileged user could have used this flaw to\n write past the maximum file size, and thus crash the system.\n (bnc#915322)\n * CVE-2014-9419: The __switch_to function in\n arch/x86/kernel/process_64.c in the Linux kernel did not ensure that\n Thread Local Storage (TLS) descriptors are loaded before proceeding\n with other steps, which made it easier for local users to bypass the\n ASLR protection mechanism via a crafted application that reads a TLS\n base address (bnc#911326).\n * CVE-2014-9584: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel did not validate a length value\n in the Extensions Reference (ER) System Use Field, which allowed\n local users to obtain sensitive information from kernel memory via a\n crafted iso9660 image (bnc#912654).\n * CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the\n Linux kernel did not properly choose memory locations for the vDSO\n area, which made it easier for local users to bypass the ASLR\n protection mechanism by guessing a location at the end of a PMD\n (bnc#912705).\n * CVE-2014-8559: The d_walk function in fs/dcache.c in the Linux\n kernel did not properly maintain the semantics of rename_lock, which\n allowed local users to cause a denial of service (deadlock and\n system hang) via a crafted application (bnc#903640).\n * CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the\n Linux kernel did not restrict the number of Rock Ridge continuation\n entries, which allowed local users to cause a denial of service\n (infinite loop, and system crash or hang) via a crafted iso9660\n image (bsc#911325).\n * CVE-2014-8134: The paravirt_ops_setup function in\n arch/x86/kernel/kvm.c in the Linux kernel used an improper\n paravirt_enabled setting for KVM guest kernels, which made it easier\n for guest OS users to bypass the ASLR protection mechanism via a\n crafted application that reads a 16-bit value (bnc#907818 909077\n 909078).\n * CVE-2014-8369: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel miscalculated the number of pages during the\n handling of a mapping failure, which allowed guest OS users to cause\n a denial of service (host OS page unpinning) or possibly have\n unspecified other impact by leveraging guest OS privileges. NOTE:\n this vulnerability exists because of an incorrect fix for\n CVE-2014-3601 (bsc#902675).\n * CVE-2014-3690: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel on Intel processors did not ensure that the value in the CR4\n control register remains the same after a VM entry, which allowed\n host OS users to kill arbitrary processes or cause a denial of\n service (system disruption) by leveraging /dev/kvm access, as\n demonstrated by PR_SET_TSC prctl calls within a modified copy of\n QEMU (bnc#902232).\n * CVE-2014-7842: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel allowed guest OS users to cause a denial of service (guest OS\n crash) via a crafted application that performs an MMIO transaction\n or a PIO transaction to trigger a guest userspace emulation error\n report, a similar issue to CVE-2010-5313 (bnc#905312).\n * CVE-2014-0181: The Netlink implementation in the Linux kernel did\n not provide a mechanism for authorizing socket operations based on\n the\n opener of a socket, which allowed local users to bypass intended\n access restrictions and modify network configurations by using a Netlink\n socket for the (1) stdout or (2) stderr of a setuid program (bnc#875051).\n * CVE-2014-3688: The SCTP implementation in the Linux kernel allowed\n remote attackers to cause a denial of service (memory consumption)\n by triggering a large number of chunks in an associations output\n queue, as demonstrated by ASCONF probes, related to\n net/sctp/inqueue.c and net/sctp/sm_statefuns.c (bnc#902351).\n * CVE-2014-7970: The pivot_root implementation in fs/namespace.c in\n the Linux kernel did not properly interact with certain locations of\n a chroot directory, which allowed local users to cause a denial of\n service (mount-tree loop) via . (dot) values in both arguments to\n the pivot_root system call (bnc#900644).\n * CVE-2014-3687: The sctp_assoc_lookup_asconf_ack function in\n net/sctp/associola.c in the SCTP implementation in the Linux kernel\n allowed remote attackers to cause a denial of service (panic) via\n duplicate ASCONF chunks that trigger an incorrect uncork within the\n side-effect interpreter (bnc#902349, bnc#904899).\n\n The following non-security bugs have been fixed:\n\n * ACPI idle: permit sparse C-state sub-state numbers\n (bnc#908550,FATE#317933).\n * ALSA : hda - not use assigned converters for all unused pins\n (FATE#317933).\n * ALSA: hda - Add Device IDs for Intel Wildcat Point-LP PCH\n (FATE#317347).\n * ALSA: hda - Fix onboard audio on Intel H97/Z97 chipsets\n (FATE#317347).\n * ALSA: hda - add PCI IDs for Intel BayTrail (FATE#317347).\n * ALSA: hda - add PCI IDs for Intel Braswell (FATE#317347).\n * ALSA: hda - add codec ID for Braswell display audio codec\n (FATE#317933).\n * ALSA: hda - add codec ID for Broadwell display audio codec\n (FATE#317933).\n * ALSA: hda - add codec ID for Valleyview2 display codec (FATE#317933).\n * ALSA: hda - define is_haswell() to check if a display audio codec is\n Haswell (FATE#317933).\n * ALSA: hda - hdmi: Re-setup pin and infoframe on plug-in on all\n codecs (FATE#317933).\n * ALSA: hda - not choose assigned converters for unused pins of\n Valleyview (FATE#317933).\n * ALSA: hda - rename function not_share_unassigned_cvt() (FATE#317933).\n * ALSA: hda - unmute pin amplifier in infoframe setup for Haswell\n (FATE#317933).\n * ALSA: hda - verify pin:converter connection on unsol event for HSW\n and VLV (FATE#317933).\n * ALSA: hda - verify pin:cvt connection on preparing a stream for\n Intel HDMI codec (FATE#317933).\n * ALSA: hda/hdmi - apply Valleyview fix-ups to Cherryview display\n codec (FATE#317933).\n * ALSA: hda/hdmi - apply all Haswell fix-ups to Broadwell display\n codec (FATE#317933).\n * ALSA: hda_intel: Add Device IDs for Intel Sunrise Point PCH\n (FATE#317347).\n * ALSA: hda_intel: Add DeviceIDs for Sunrise Point-LP (FATE#317347).\n * Add support for AdvancedSilicon HID multitouch screen (2149:36b1)\n (FATE#317933).\n * Disable switching to bootsplash at oops/panic (bnc#877593).\n * Do not trigger congestion wait on dirty-but-not-writeout pages (VM\n Performance, bnc#909093, bnc#910517).\n * Fix HDIO_DRIVE_* ioctl() regression (bnc#833588, bnc#905799)\n * Fix Module.supported handling for external modules (bnc#905304).\n * Fix zero freq if frequency is requested too quickly in a row\n (bnc#908572).\n * Fix zero freq if frequency is requested too quickly in a row\n (bnc#908572).\n * Fixup kABI after\n patches.fixes/writeback-do-not-sync-data-dirtied-after-sync-start.patch (bn\n c#833820).\n * Force native backlight for HP POS machines (bnc#908551,FATE#317933).\n * HID: use multi input quirk for 22b9:2968 (FATE#317933).\n * IPoIB: Use a private hash table for path lookup in xmit path\n (bsc#907196).\n * Import kabi files from kernel 3.0.101-0.40\n * KEYS: Fix stale key registration at error path (bnc#908163).\n * NFS: Add sequence_priviliged_ops for nfs4_proc_sequence()\n (bnc#864401).\n * NFS: do not use STABLE writes during writeback (bnc#816099).\n * NFSv4.1 handle DS stateid errors (bnc#864401).\n * NFSv4.1: Do not decode skipped layoutgets (bnc#864411).\n * NFSv4.1: Fix a race in the pNFS return-on-close code (bnc#864409).\n * NFSv4.1: Fix an ABBA locking issue with session and state\n serialisation (bnc#864409).\n * NFSv4.1: We must release the sequence id when we fail to get a\n session slot (bnc#864401).\n * NFSv4: Do not accept delegated opens when a delegation recall is in\n effect (bnc#864409).\n * NFSv4: Ensure correct locking when accessing the "^a" list\n (bnc#864401).\n * NFSv4: Fix another reboot recovery race (bnc#916982).\n * Preserve kabi checksum of path_is_under().\n * Refresh patches.drivers/HID-multitouch-add-support-for-Atmel-212c.\n Fix the non-working touchsreen (bnc#909740)\n * Revert "drm/i915: Calculate correct stolen size for GEN7+"\n (bnc#908550,FATE#317933).\n * SUNRPC: Do not allow low priority tasks to pre-empt higher priority\n ones (bnc#864401).\n * SUNRPC: When changing the queue priority, ensure that we change the\n owner (bnc#864401).\n * Setting rbd and libceph as supported drivers (bsc#917884)\n * audit: efficiency fix 1: only wake up if queue shorter than backlog\n limit (bnc#908393).\n * audit: efficiency fix 2: request exclusive wait since all need same\n resource (bnc#908393).\n * audit: fix endless wait in audit_log_start() (bnc#908393).\n * audit: make use of remaining sleep time from wait_for_auditd\n (bnc#908393).\n * audit: refactor hold queue flush (bnc#908393).\n * audit: reset audit backlog wait time after error recovery\n (bnc#908393).\n * audit: wait_for_auditd() should use TASK_UNINTERRUPTIBLE\n (bnc#908393).\n * block: rbd: use NULL instead of 0 (FATE#318328 bsc#917884).\n * block: replace strict_strtoul() with kstrtoul() (FATE#318328\n bsc#917884).\n * bonding: propagate LRO disabling down to slaves (bnc#829110\n bnc#891277 bnc#904053).\n * cciss: fix broken mutex usage in ioctl (bnc#910013).\n * ceph: Add necessary clean up if invalid reply received in\n handle_reply() (FATE#318328 bsc#917884).\n * ceph: remove bogus extern (FATE#318328 bsc#917884).\n * config: Disable CONFIG_RCU_FAST_NO_HZ (bnc#884817) This option has\n been verified to be racy vs hotplug, and is irrelevant to SLE in any\n case.\n * coredump: ensure the fpu state is flushed for proper multi-threaded\n core dump (bnc#904671).\n * crush: CHOOSE_LEAF -> CHOOSELEAF throughout (FATE#318328 bsc#917884).\n * crush: add SET_CHOOSE_TRIES rule step (FATE#318328 bsc#917884).\n * crush: add note about r in recursive choose (FATE#318328 bsc#917884).\n * crush: add set_choose_local_[fallback_]tries steps (FATE#318328\n bsc#917884).\n * crush: apply chooseleaf_tries to firstn mode too (FATE#318328\n bsc#917884).\n * crush: attempts -> tries (FATE#318328 bsc#917884).\n * crush: clarify numrep vs endpos (FATE#318328 bsc#917884).\n * crush: eliminate CRUSH_MAX_SET result size limitation (FATE#318328\n bsc#917884).\n * crush: factor out (trivial) crush_destroy_rule() (FATE#318328\n bsc#917884).\n * crush: fix crush_choose_firstn comment (FATE#318328 bsc#917884).\n * crush: fix some comments (FATE#318328 bsc#917884).\n * crush: generalize descend_once (FATE#318328 bsc#917884).\n * crush: new SET_CHOOSE_LEAF_TRIES command (FATE#318328 bsc#917884).\n * crush: pass parent r value for indep call (FATE#318328 bsc#917884).\n * crush: pass weight vector size to map function (FATE#318328\n bsc#917884).\n * crush: reduce scope of some local variables (FATE#318328 bsc#917884).\n * crush: return CRUSH_ITEM_UNDEF for failed placements with indep\n (FATE#318328 bsc#917884).\n * crush: strip firstn conditionals out of crush_choose, rename\n (FATE#318328 bsc#917884).\n * crush: use breadth-first search for indep mode (FATE#318328\n bsc#917884).\n * crypto: add missing crypto module aliases (bsc#914423).\n * crypto: include crypto- module prefix in template (bsc#914423).\n * crypto: kernel oops at insmod of the z90crypt device driver\n (bnc#909088, LTC#119591).\n * crypto: prefix module autoloading with "crypto-" (bsc#914423).\n * dm raid: add region_size parameter (bnc#895841).\n * do not do blind d_drop() in nfs_prime_dcache() (bnc#908069\n bnc#896484).\n * drm/cirrus: Fix cirrus drm driver for fbdev + qemu\n (bsc#909846,bnc#856760).\n * drm/i915: split PCI IDs out into i915_drm.h v4\n (bnc#908550,FATE#317933).\n * fix dcache exit scaling (bnc#876594).\n * infiniband: ipoib: Sanitize neighbour handling in ipoib_main.c\n (bsc#907196).\n * iommu/vt-d: Fix an off-by-one bug in __domain_mapping() (bsc#908825).\n * ipoib: Convert over to dev_lookup_neigh_skb() (bsc#907196).\n * ipoib: Need to do dst_neigh_lookup_skb() outside of priv->lock\n (bsc#907196).\n * ipv6: fix net reference leak in IPv6 conntrack reassembly\n (bnc#865419).\n * isofs: Fix unchecked printing of ER records.\n * kABI: protect console include in consolemap.\n * kabi fix (bnc#864404).\n * kabi, mm: prevent endless growth of anon_vma hierarchy (bnc#904242).\n * kernel/audit.c: avoid negative sleep durations (bnc#908393).\n * kernel: 3215 tty close crash (bnc#915209, LTC#120873).\n * kernel: incorrect clock_gettime result (bnc#915209, LTC#121184).\n * kvm: Do not expose MONITOR cpuid as available (bnc#887597)\n * kvm: iommu: Add cond_resched to legacy device assignment code\n (bnc#910159).\n * libceph: CEPH_OSD_FLAG_* enum update (FATE#318328 bsc#917884).\n * libceph: add ceph_kv{malloc,free}() and switch to them (FATE#318328\n bsc#917884).\n * libceph: add ceph_pg_pool_by_id() (FATE#318328 bsc#917884).\n * libceph: add function to ensure notifies are complete (FATE#318328\n bsc#917884).\n * libceph: add process_one_ticket() helper (FATE#318328 bsc#917884).\n * libceph: all features fields must be u64 (FATE#318328 bsc#917884).\n * libceph: block I/O when PAUSE or FULL osd map flags are set\n (FATE#318328 bsc#917884).\n * libceph: call r_unsafe_callback when unsafe reply is received\n (FATE#318328 bsc#917884).\n * libceph: create_singlethread_workqueue() does not return ERR_PTRs\n (FATE#318328 bsc#917884).\n * libceph: do not hard code max auth ticket len (FATE#318328\n bsc#917884).\n * libceph: dout() is missing a newline (FATE#318328 bsc#917884).\n * libceph: factor out logic from ceph_osdc_start_request()\n (FATE#318328 bsc#917884).\n * libceph: fix error handling in ceph_osdc_init() (FATE#318328\n bsc#917884).\n * libceph: fix preallocation check in get_reply() (FATE#318328\n bsc#917884).\n * libceph: fix safe completion (FATE#318328 bsc#917884).\n * libceph: follow redirect replies from osds (FATE#318328 bsc#917884).\n * libceph: follow {read,write}_tier fields on osd request submission\n (FATE#318328 bsc#917884).\n * libceph: gracefully handle large reply messages from the mon\n (FATE#318328 bsc#917884).\n * libceph: introduce and start using oid abstraction (FATE#318328\n bsc#917884).\n * libceph: rename MAX_OBJ_NAME_SIZE to CEPH_MAX_OID_NAME_LEN\n (FATE#318328 bsc#917884).\n * libceph: rename ceph_msg::front_max to front_alloc_len (FATE#318328\n bsc#917884).\n * libceph: rename ceph_osd_request::r_{oloc,oid} to r_base_{oloc,oid}\n (FATE#318328 bsc#917884).\n * libceph: rename front to front_len in get_reply() (FATE#318328\n bsc#917884).\n * libceph: replace ceph_calc_ceph_pg() with ceph_oloc_oid_to_pg()\n (FATE#318328 bsc#917884).\n * libceph: resend all writes after the osdmap loses the full flag\n (FATE#318328 bsc#917884).\n * libceph: start using oloc abstraction (FATE#318328 bsc#917884).\n * libceph: take map_sem for read in handle_reply() (FATE#318328\n bsc#917884).\n * libceph: update ceph_features.h (FATE#318328 bsc#917884).\n * libceph: use CEPH_MON_PORT when the specified port is 0 (FATE#318328\n bsc#917884).\n * libiscsi: Added new boot entries in the session sysfs (FATE#316723\n bsc#914355)\n * mei: ME hardware reset needs to be synchronized (bnc#876086).\n * mei: add 9 series PCH mei device ids (bnc#876086).\n * mei: add hw start callback (bnc#876086).\n * mei: cancel stall timers in mei_reset (bnc#876086).\n * mei: do not have to clean the state on power up (bnc#876086).\n * mei: limit the number of consecutive resets (bnc#876086).\n * mei: me: add Lynx Point Wellsburg work station device id\n (bnc#876086).\n * mei: me: clear interrupts on the resume path (bnc#876086).\n * mei: me: do not load the driver if the FW does not support MEI\n interface (bnc#876086).\n * mei: me: fix hardware reset flow (bnc#876086).\n * mei: me: read H_CSR after asserting reset (bnc#876086).\n * mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled\n process being killed (VM Functionality bnc#910150).\n * mm: fix BUG in __split_huge_page_pmd (bnc#906586).\n * mm: fix corner case in anon_vma endless growing prevention\n (bnc#904242).\n * mm: prevent endless growth of anon_vma hierarchy (bnc#904242).\n * mm: vmscan: count only dirty pages as congested (VM Performance,\n bnc#910517).\n * net, sunrpc: suppress allocation warning in rpc_malloc()\n (bnc#904659).\n * net: 8021q/bluetooth/bridge/can/ceph: Remove extern from function\n prototypes (FATE#318328 bsc#917884).\n * net: handle more general stacking in dev_disable_lro() (bnc#829110\n bnc#891277 bnc#904053).\n * netfilter: do not drop packet on insert collision (bnc#907611).\n * nf_conntrack: avoid reference leak in __ipv6_conntrack_in()\n (bnc#865419).\n * nfs_prime_dcache needs fh to be set (bnc#908069 bnc#896484).\n * nfsd: fix EXDEV checking in rename (bnc#915791).\n * pnfs: defer release of pages in layoutget (bnc#864411).\n * proc_sys_revalidate: fix Oops on NULL nameidata (bnc#907551).\n * qlge: fix an "&&" vs "||" bug (bsc#912171).\n * rbd: Fix error recovery in rbd_obj_read_sync() (FATE#318328\n bsc#917884).\n * rbd: Use min_t() to fix comparison of distinct pointer types warning\n (FATE#318328 bsc#917884).\n * rbd: add "minor" sysfs rbd device attribute (FATE#318328 bsc#917884).\n * rbd: add support for single-major device number allocation scheme\n (FATE#318328 bsc#917884).\n * rbd: clean up a few things in the refresh path (FATE#318328\n bsc#917884).\n * rbd: complete notifies before cleaning up osd_client and rbd_dev\n (FATE#318328 bsc#917884).\n * rbd: do not destroy ceph_opts in rbd_add() (FATE#318328 bsc#917884).\n * rbd: do not hold ctl_mutex to get/put device (FATE#318328\n bsc#917884).\n * rbd: drop an unsafe assertion (FATE#318328 bsc#917884).\n * rbd: drop original request earlier for existence check (FATE#318328\n bsc#917884).\n * rbd: enable extended devt in single-major mode (FATE#318328\n bsc#917884).\n * rbd: fetch object order before using it (FATE#318328 bsc#917884).\n * rbd: fix I/O error propagation for reads (FATE#318328 bsc#917884).\n * rbd: fix a couple warnings (FATE#318328 bsc#917884).\n * rbd: fix buffer size for writes to images with snapshots\n (FATE#318328 bsc#917884).\n * rbd: fix cleanup in rbd_add() (FATE#318328 bsc#917884).\n * rbd: fix error handling from rbd_snap_name() (FATE#318328\n bsc#917884).\n * rbd: fix error paths in rbd_img_request_fill() (FATE#318328\n bsc#917884).\n * rbd: fix null dereference in dout (FATE#318328 bsc#917884).\n * rbd: fix use-after free of rbd_dev->disk (FATE#318328 bsc#917884).\n * rbd: flush dcache after zeroing page data (FATE#318328 bsc#917884).\n * rbd: ignore unmapped snapshots that no longer exist (FATE#318328\n bsc#917884).\n * rbd: introduce rbd_dev_header_unwatch_sync() and switch to it\n (FATE#318328 bsc#917884).\n * rbd: make rbd_obj_notify_ack() synchronous (FATE#318328 bsc#917884).\n * rbd: protect against concurrent unmaps (FATE#318328 bsc#917884).\n * rbd: protect against duplicate client creation (FATE#318328\n bsc#917884).\n * rbd: rbd_device::dev_id is an int, format it as such (FATE#318328\n bsc#917884).\n * rbd: refactor rbd_init() a bit (FATE#318328 bsc#917884).\n * rbd: send snapshot context with writes (FATE#318328 bsc#917884).\n * rbd: set removing flag while holding list lock (FATE#318328\n bsc#917884).\n * rbd: switch to ida for rbd id assignments (FATE#318328 bsc#917884).\n * rbd: take a little credit (FATE#318328 bsc#917884).\n * rbd: tear down watch request if rbd_dev_device_setup() fails\n (FATE#318328 bsc#917884).\n * rbd: tweak "loaded" message and module description (FATE#318328\n bsc#917884).\n * rbd: use reference counts for image requests (FATE#318328\n bsc#917884).\n * rbd: use rwsem to protect header updates (FATE#318328 bsc#917884).\n * rbd: use the correct length for format 2 object names (FATE#318328\n bsc#917884).\n * rpm/kernel-binary.spec.in: Own the modules directory in the devel\n package (bnc#910322)\n * scsi_dh_alua: add missing hunk in alua_set_params() (bnc#846656).\n * scsifront: avoid acquiring same lock twice if ring is full.\n * sd: medium access timeout counter fails to reset (bnc#894213).\n * storvsc: ring buffer failures may result in I/O freeze\n * swap: fix shmem swapping when more than 8 areas (bnc#903096).\n * timekeeping: Avoid possible deadlock from clock_was_set_delayed\n (bsc#771619).\n * tty: Fix memory leak in virtual console when enable unicode\n translation (bnc#916515).\n * udf: Check component length before reading it.\n * udf: Check path length when reading symlink.\n * udf: Verify i_size when loading inode.\n * udf: Verify symlink size before loading it.\n * udp: Add MIB counters for rcvbuferrors (bnc#909565).\n * usb: xhci: rework root port wake bits if controller is not allowed\n to wakeup (bsc#909264).\n * virtio_net: drop dst reference before transmitting a packet\n (bnc#882470).\n * vt: push the tty_lock down into the map handling (bnc#915826).\n * workqueue: Make rescuer thread process more works (bnc#900279).\n * x86, xsave: remove thread_has_fpu() bug check in\n __sanitize_i387_state() (bnc#904671).\n * x86-64/MCE: flip CPU and bank numbers in log message.\n * x86/UV: Fix NULL pointer dereference in uv_flush_tlb_others() if the\n "^a" boot option is used (bsc#909092).\n * x86/UV: Fix conditional in gru_exit() (bsc#909095).\n * x86/early quirk: use gen6 stolen detection for VLV\n (bnc#908550,FATE#317933).\n * x86/gpu: Print the Intel graphics stolen memory range (bnc#908550).\n * x86/hpet: Make boot_hpet_disable extern (bnc#908550,FATE#317933).\n * x86/intel: Add quirk to disable HPET for the Baytrail platform\n (bnc#908550,FATE#317933).\n * x86/uv: Fix UV2 BAU legacy mode (bsc#909092).\n * x86/uv: Fix the UV BAU destination timeout period (bsc#909092).\n * x86/uv: Implement UV BAU runtime enable and disable control via\n /proc/sgi_uv/ (bsc#909092).\n * x86/uv: Update the UV3 TLB shootdown logic (bsc#909092).\n * x86/uv: Work around UV2 BAU hangs (bsc#909092).\n * x86: UV BAU: Avoid NULL pointer reference in ptc_seq_show\n (bsc#911181).\n * x86: UV BAU: Increase maximum CPUs per socket/hub (bsc#911181).\n * x86: add early quirk for reserving Intel graphics stolen memory v5\n (bnc#908550,FATE#317933).\n * x86: irq: Check for valid irq descriptor in\n check_irq_vectors_for_cpu_disable (bnc#914726).\n * xen-privcmd-hcall-preemption: Fix EFLAGS.IF access.\n * xfs: re-enable non-blocking behaviour in xfs_map_blocks (bnc#900279).\n * xfs: recheck buffer pinned status after push trylock failure\n (bnc#907338).\n * xfs: remove log force from xfs_buf_trylock() (bnc#907338).\n * xhci: fix incorrect type in assignment in\n handle_device_notification() (bsc#910321).\n * zcrypt: Number of supported ap domains is not retrievable\n (bnc#915209, LTC#120788).\n\n Security Issues:\n\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-0181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181</a>>\n * CVE-2014-3687\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687</a>>\n * CVE-2014-3688\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688</a>>\n * CVE-2014-3690\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690</a>>\n * CVE-2014-4608\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608</a>>\n * CVE-2014-7822\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822</a>>\n * CVE-2014-7842\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842</a>>\n * CVE-2014-7970\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7970\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7970</a>>\n * CVE-2014-8133\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8133\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8133</a>>\n * CVE-2014-8134\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134</a>>\n * CVE-2014-8160\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160</a>>\n * CVE-2014-8369\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369</a>>\n * CVE-2014-8559\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8559\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8559</a>>\n * CVE-2014-9090\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9090\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9090</a>>\n * CVE-2014-9322\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9322\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9322</a>>\n * CVE-2014-9419\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9419\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9419</a>>\n * CVE-2014-9420\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420</a>>\n * CVE-2014-9584\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584</a>>\n * CVE-2014-9585\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585</a>>\n * CVE-2015-1593\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1593\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1593</a>>\n", "edition": 1, "reporter": "Suse", "published": "2015-03-24T07:04:48", "title": "Security update for the Linux Kernel (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8369", "CVE-2010-5313", "CVE-2014-7822", "CVE-2014-8134", "CVE-2014-9420", "CVE-2015-1593", "CVE-2014-9090", "CVE-2014-3688", "CVE-2014-8160", "CVE-2014-9322", "CVE-2014-8559", "CVE-2014-3601", "CVE-2014-4608", "CVE-2014-9584", "CVE-2013-7263", "CVE-2014-0181", "CVE-2014-3690", "CVE-2014-8133", "CVE-2014-9419", "CVE-2014-7842", "CVE-2014-9585", "CVE-2014-3687", "CVE-2014-7970"], "modified": "2015-03-24T07:04:48", "id": "SUSE-SU-2015:0581-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00028.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:48:25", "references": ["https://bugzilla.suse.com/903096", "https://bugzilla.suse.com/912705", "https://bugzilla.suse.com/909565", "https://bugzilla.suse.com/856760", "https://bugzilla.suse.com/905304", "https://bugzilla.suse.com/909077", "https://bugzilla.suse.com/900644", "https://bugzilla.suse.com/902351", "https://bugzilla.suse.com/895841", "https://bugzilla.suse.com/902349", "https://bugzilla.suse.com/909264", "https://bugzilla.suse.com/915826", "https://bugzilla.suse.com/911181", "https://bugzilla.suse.com/909095", "https://bugzilla.suse.com/914423", "https://bugzilla.suse.com/906586", "https://bugzilla.suse.com/909088", "https://bugzilla.suse.com/904659", "https://bugzilla.suse.com/894213", "https://bugzilla.suse.com/908069", "https://bugzilla.suse.com/910322", "https://bugzilla.suse.com/884817", "https://bugzilla.suse.com/887597", "https://bugzilla.suse.com/771619", "https://bugzilla.suse.com/915322", "https://bugzilla.suse.com/904053", "https://bugzilla.suse.com/846656", "https://bugzilla.suse.com/910013", "https://bugzilla.suse.com/908163", "https://bugzilla.suse.com/882470", "https://bugzilla.suse.com/864409", "https://bugzilla.suse.com/914726", "https://bugzilla.suse.com/917884", "https://bugzilla.suse.com/910150", "https://bugzilla.suse.com/904242", "https://bugzilla.suse.com/917839", "https://bugzilla.suse.com/907196", "https://bugzilla.suse.com/908572", "https://bugzilla.suse.com/907818", "https://bugzilla.suse.com/891277", "https://bugzilla.suse.com/829110", "https://bugzilla.suse.com/905799", "https://bugzilla.suse.com/914355", "https://bugzilla.suse.com/911326", "https://bugzilla.suse.com/904671", "https://bugzilla.suse.com/876594", "https://bugzilla.suse.com/909078", "https://bugzilla.suse.com/876086", "https://bugzilla.suse.com/920250", "https://bugzilla.suse.com/907551", "https://bugzilla.suse.com/911325", "https://bugzilla.suse.com/903640", "https://bugzilla.suse.com/896484", "https://bugzilla.suse.com/905312", "https://bugzilla.suse.com/910159", "https://bugzilla.suse.com/910321", "https://bugzilla.suse.com/909092", "https://bugzilla.suse.com/916515", "https://bugzilla.suse.com/908550", "https://bugzilla.suse.com/875051", "https://bugzilla.suse.com/902232", "https://bugzilla.suse.com/908825", "https://bugzilla.suse.com/865419", "https://bugzilla.suse.com/915335", "https://bugzilla.suse.com/915209", "https://bugzilla.suse.com/833588", "https://bugzilla.suse.com/907611", "https://bugzilla.suse.com/908551", "https://bugzilla.suse.com/864404", "https://bugzilla.suse.com/908393", "https://bugzilla.suse.com/864411", "https://bugzilla.suse.com/909740", "https://bugzilla.suse.com/833820", "https://bugzilla.suse.com/907338", "https://bugzilla.suse.com/902675", "https://bugzilla.suse.com/912171", "https://bugzilla.suse.com/853040", "https://bugzilla.suse.com/909846", "https://bugzilla.suse.com/883948", "https://bugzilla.suse.com/877593", "https://bugzilla.suse.com/910517", "https://bugzilla.suse.com/816099", "https://bugzilla.suse.com/910251", "https://bugzilla.suse.com/864401", "https://bugzilla.suse.com/900279", "https://download.suse.com/patch/finder/?keywords=6ac65f6e9ab5fc78350f4042c5cd491b", "https://bugzilla.suse.com/916982", "https://bugzilla.suse.com/909093", "https://bugzilla.suse.com/913059", "https://bugzilla.suse.com/924282", "https://bugzilla.suse.com/915791"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.5.4.1_3.0.101_rt130_0.33.36-0.14.1.14", "packageFilename": "ofed-kmp-rt_trace-1.5.4.1_3.0.101_rt130_0.33.36-0.14.1.14.x86_64.rpm", "packageName": "ofed-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.4.20_3.0.101_rt130_0.33.36-0.39.1.14", "packageFilename": "iscsitarget-kmp-rt_trace-1.4.20_3.0.101_rt130_0.33.36-0.39.1.14.x86_64.rpm", "packageName": "iscsitarget-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.33.36.1", "packageFilename": "kernel-syms-rt-3.0.101.rt130-0.33.36.1.x86_64.rpm", "packageName": "kernel-syms-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.33.36.1", "packageFilename": "kernel-rt-base-3.0.101.rt130-0.33.36.1.x86_64.rpm", "packageName": "kernel-rt-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "8.4.4_3.0.101_rt130_0.33.36-0.23.1.14", "packageFilename": "drbd-kmp-rt_trace-8.4.4_3.0.101_rt130_0.33.36-0.23.1.14.x86_64.rpm", "packageName": "drbd-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.4.20_3.0.101_rt130_0.33.36-0.39.1.14", "packageFilename": "iscsitarget-kmp-rt-1.4.20_3.0.101_rt130_0.33.36-0.39.1.14.x86_64.rpm", "packageName": "iscsitarget-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.33.36.1", "packageFilename": "kernel-rt_trace-base-3.0.101.rt130-0.33.36.1.x86_64.rpm", "packageName": "kernel-rt_trace-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_rt130_0.33.36-2.28.1.14", "packageFilename": "cluster-network-kmp-rt-1.4_3.0.101_rt130_0.33.36-2.28.1.14.x86_64.rpm", "packageName": "cluster-network-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_rt130_0.33.36-0.21.1.14", "packageFilename": "ocfs2-kmp-rt-1.6_3.0.101_rt130_0.33.36-0.21.1.14.x86_64.rpm", "packageName": "ocfs2-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.33.36.1", "packageFilename": "kernel-rt_trace-devel-3.0.101.rt130-0.33.36.1.x86_64.rpm", "packageName": "kernel-rt_trace-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.5.4.1_3.0.101_rt130_0.33.36-0.14.1.14", "packageFilename": "ofed-kmp-rt-1.5.4.1_3.0.101_rt130_0.33.36-0.14.1.14.x86_64.rpm", "packageName": "ofed-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.33.36.1", "packageFilename": "kernel-rt-devel-3.0.101.rt130-0.33.36.1.x86_64.rpm", "packageName": "kernel-rt-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_rt130_0.33.36-2.28.1.14", "packageFilename": "cluster-network-kmp-rt_trace-1.4_3.0.101_rt130_0.33.36-2.28.1.14.x86_64.rpm", "packageName": "cluster-network-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.33.36.1", "packageFilename": "kernel-rt-3.0.101.rt130-0.33.36.1.x86_64.rpm", "packageName": "kernel-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "2.1.1_3.0.101_rt130_0.33.36-0.12.1.13", "packageFilename": "lttng-modules-kmp-rt-2.1.1_3.0.101_rt130_0.33.36-0.12.1.13.x86_64.rpm", "packageName": "lttng-modules-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.33.36.1", "packageFilename": "kernel-rt_trace-3.0.101.rt130-0.33.36.1.x86_64.rpm", "packageName": "kernel-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "8.4.4_3.0.101_rt130_0.33.36-0.23.1.14", "packageFilename": "drbd-kmp-rt-8.4.4_3.0.101_rt130_0.33.36-0.23.1.14.x86_64.rpm", "packageName": "drbd-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_rt130_0.33.36-0.21.1.14", "packageFilename": "ocfs2-kmp-rt_trace-1.6_3.0.101_rt130_0.33.36-0.21.1.14.x86_64.rpm", "packageName": "ocfs2-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "2.1.1_3.0.101_rt130_0.33.36-0.12.1.13", "packageFilename": "lttng-modules-kmp-rt_trace-2.1.1_3.0.101_rt130_0.33.36-0.12.1.13.x86_64.rpm", "packageName": "lttng-modules-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.33.36.1", "packageFilename": "kernel-source-rt-3.0.101.rt130-0.33.36.1.x86_64.rpm", "packageName": "kernel-source-rt", "arch": "x86_64", "operator": "lt"}], "edition": 1, "description": "The SUSE Linux Enterprise 11 SP3 Realtime kernel was updated to receive\n various security and bugfixes.\n\n The following security bugs have been fixed:\n\n *\n\n CVE-2015-1593: An integer overflow in the stack randomization on\n 64-bit systems lead to less effective stack ASLR on those systems.\n (bsc#917839)\n\n *\n\n CVE-2014-8160: iptables rules could be bypassed if the specific\n network protocol module was not loaded, allowing e.g. SCTP to bypass the\n firewall if the sctp protocol was not enabled. (bsc#913059)\n\n *\n\n CVE-2014-7822: A flaw was found in the way the Linux kernels\n splice() system call validated its parameters. On certain file systems, a\n local, unprivileged user could have used this flaw to write past the\n maximum file size, and thus crash the system. (bnc#915322)\n\n *\n\n CVE-2014-9419: The __switch_to function in\n arch/x86/kernel/process_64.c in the Linux kernel did not ensure that\n Thread Local Storage (TLS) descriptors are loaded before proceeding with\n other steps, which made it easier for local users to bypass the ASLR\n protection mechanism via a crafted application that reads a TLS base\n address (bnc#911326).\n\n *\n\n CVE-2014-9584: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel did not validate a length value in the\n Extensions Reference (ER) System Use Field, which allowed local users to\n obtain sensitive information from kernel memory via a crafted iso9660\n image (bnc#912654).\n\n *\n\n CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the\n Linux kernel did not properly choose memory locations for the vDSO area,\n which made it easier for local users to bypass the ASLR protection\n mechanism by guessing a location at the end of a PMD (bnc#912705).\n\n *\n\n CVE-2014-8559: The d_walk function in fs/dcache.c in the Linux\n kernel did not properly maintain the semantics of rename_lock, which\n allowed local users to cause a denial of service (deadlock and system\n hang) via a crafted application (bnc#903640).\n\n *\n\n CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the\n Linux kernel did not restrict the number of Rock Ridge continuation\n entries, which allowed local users to cause a denial of service (infinite\n loop, and system crash or hang) via a crafted iso9660 image (bsc#911325).\n\n *\n\n CVE-2014-8134: The paravirt_ops_setup function in\n arch/x86/kernel/kvm.c in the Linux kernel used an improper\n paravirt_enabled setting for KVM guest kernels, which made it easier for\n guest OS users to bypass the ASLR protection mechanism via a crafted\n application that reads a 16-bit value (bnc#907818 909077 909078).\n\n *\n\n CVE-2014-8369: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel miscalculated the number of pages during the handling\n of a mapping failure, which allowed guest OS users to cause a denial of\n service (host OS page unpinning) or possibly have unspecified other impact\n by leveraging guest OS privileges. NOTE: this vulnerability exists because\n of an incorrect fix for CVE-2014-3601 (bsc#902675).\n\n *\n\n CVE-2014-3690: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel on Intel processors did not ensure that the value in the CR4\n control register remains the same after a VM entry, which allowed host OS\n users to kill arbitrary processes or cause a denial of service (system\n disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC\n prctl calls within a modified copy of QEMU (bnc#902232).\n\n *\n\n CVE-2014-7842: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel allowed guest OS users to cause a denial of service (guest OS\n crash) via a crafted application that performs an MMIO transaction or a\n PIO transaction to trigger a guest userspace emulation error report, a\n similar issue to CVE-2010-5313 (bnc#905312).\n\n *\n\n CVE-2014-0181: The Netlink implementation in the Linux kernel did\n not provide a mechanism for authorizing socket operations based on the\n opener of a socket, which allowed local users to bypass intended\n access restrictions and modify network configurations by using a Netlink\n socket for the (1) stdout or (2) stderr of a setuid program (bnc#875051).\n\n *\n\n CVE-2014-3688: The SCTP implementation in the Linux kernel allowed\n remote attackers to cause a denial of service (memory consumption) by\n triggering a large number of chunks in an associations output queue, as\n demonstrated by ASCONF probes, related to net/sctp/inqueue.c and\n net/sctp/sm_statefuns.c (bnc#902351).\n\n *\n\n CVE-2014-7970: The pivot_root implementation in fs/namespace.c in\n the Linux kernel did not properly interact with certain locations of a\n chroot directory, which allowed local users to cause a denial of service\n (mount-tree loop) via . (dot) values in both arguments to the pivot_root\n system call (bnc#900644).\n\n *\n\n CVE-2014-3687: The sctp_assoc_lookup_asconf_ack function in\n net/sctp/associola.c in the SCTP implementation in the Linux kernel\n allowed remote attackers to cause a denial of service (panic) via\n duplicate ASCONF chunks that trigger an incorrect uncork within the\n side-effect interpreter (bnc#902349 904899).\n\n The following non-security bugs have been fixed:\n\n * ACPI idle: permit sparse C-state sub-state numbers\n (bnc#908550,FATE#317933).\n * ALSA : hda - not use assigned converters for all unused pins\n (FATE#317933).\n * ALSA: hda - Add Device IDs for Intel Wildcat Point-LP PCH\n (FATE#317347).\n * ALSA: hda - Fix onboard audio on Intel H97/Z97 chipsets\n (FATE#317347).\n * ALSA: hda - add PCI IDs for Intel BayTrail (FATE#317347).\n * ALSA: hda - add PCI IDs for Intel Braswell (FATE#317347).\n * ALSA: hda - add codec ID for Braswell display audio codec\n (FATE#317933).\n * ALSA: hda - add codec ID for Broadwell display audio codec\n (FATE#317933).\n * ALSA: hda - add codec ID for Valleyview2 display codec (FATE#317933).\n * ALSA: hda - define is_haswell() to check if a display audio codec is\n Haswell (FATE#317933).\n * ALSA: hda - hdmi: Re-setup pin and infoframe on plug-in on all\n codecs (FATE#317933).\n * ALSA: hda - not choose assigned converters for unused pins of\n Valleyview (FATE#317933).\n * ALSA: hda - rename function not_share_unassigned_cvt() (FATE#317933).\n * ALSA: hda - unmute pin amplifier in infoframe setup for Haswell\n (FATE#317933).\n * ALSA: hda - verify pin:converter connection on unsol event for HSW\n and VLV (FATE#317933).\n * ALSA: hda - verify pin:cvt connection on preparing a stream for\n Intel HDMI codec (FATE#317933).\n * ALSA: hda/hdmi - apply Valleyview fix-ups to Cherryview display\n codec (FATE#317933).\n * ALSA: hda/hdmi - apply all Haswell fix-ups to Broadwell display\n codec (FATE#317933).\n * ALSA: hda_intel: Add Device IDs for Intel Sunrise Point PCH\n (FATE#317347).\n * ALSA: hda_intel: Add DeviceIDs for Sunrise Point-LP (FATE#317347).\n * Add support for AdvancedSilicon HID multitouch screen (2149:36b1)\n (FATE#317933).\n * Disable switching to bootsplash at oops/panic (bnc#877593).\n * Do not trigger congestion wait on dirty-but-not-writeout pages (VM\n Performance, bnc#909093, bnc#910517).\n * Fix HDIO_DRIVE_* ioctl() regression (bnc#833588, bnc#905799)\n * Fix Module.supported handling for external modules (bnc#905304).\n * Fix zero freq if frequency is requested too quickly in a row\n (bnc#908572).\n * Fix zero freq if frequency is requested too quickly in a row\n (bnc#908572).\n * Fixup kABI after\n patches.fixes/writeback-do-not-sync-data-dirtied-after-sync-start.patch (bn\n c#833820).\n * Force native backlight for HP POS machines (bnc#908551,FATE#317933).\n * HID: use multi input quirk for 22b9:2968 (FATE#317933).\n * IPoIB: Use a private hash table for path lookup in xmit path\n (bsc#907196).\n * Import kabi files from kernel 3.0.101-0.40\n * KEYS: Fix stale key registration at error path (bnc#908163).\n * NFS: Add sequence_priviliged_ops for nfs4_proc_sequence()\n (bnc#864401).\n * NFS: do not use STABLE writes during writeback (bnc#816099).\n * NFSv4.1 handle DS stateid errors (bnc#864401).\n * NFSv4.1: Do not decode skipped layoutgets (bnc#864411).\n * NFSv4.1: Fix a race in the pNFS return-on-close code (bnc#864409).\n * NFSv4.1: Fix an ABBA locking issue with session and state\n serialisation (bnc#864409).\n * NFSv4.1: We must release the sequence id when we fail to get a\n session slot (bnc#864401).\n * NFSv4: Do not accept delegated opens when a delegation recall is in\n effect (bnc#864409).\n * NFSv4: Ensure correct locking when accessing the "^a" list\n (bnc#864401).\n * NFSv4: Fix another reboot recovery race (bnc#916982).\n * Preserve kabi checksum of path_is_under().\n * Refresh patches.drivers/HID-multitouch-add-support-for-Atmel-212c.\n Fix the non-working touchsreen (bnc#909740)\n * Revert "drm/i915: Calculate correct stolen size for GEN7+"\n (bnc#908550,FATE#317933).\n * SUNRPC: Do not allow low priority tasks to pre-empt higher priority\n ones (bnc#864401).\n * SUNRPC: When changing the queue priority, ensure that we change the\n owner (bnc#864401).\n * Setting rbd and libceph as supported drivers (bsc#917884)\n * The bug number in\n patches.fixes/timekeeping-avoid-possible-deadlock-from-clock_was_set.patch\n changed from bsc#771619 to bsc#915335.\n * audit: efficiency fix 1: only wake up if queue shorter than backlog\n limit (bnc#908393).\n * audit: efficiency fix 2: request exclusive wait since all need same\n resource (bnc#908393).\n * audit: fix endless wait in audit_log_start() (bnc#908393).\n * audit: make use of remaining sleep time from wait_for_auditd\n (bnc#908393).\n * audit: refactor hold queue flush (bnc#908393).\n * audit: reset audit backlog wait time after error recovery\n (bnc#908393).\n * audit: wait_for_auditd() should use TASK_UNINTERRUPTIBLE\n (bnc#908393).\n * block: rbd: use NULL instead of 0 (FATE#318328 bsc#917884).\n * block: replace strict_strtoul() with kstrtoul() (FATE#318328\n bsc#917884).\n * bonding: propagate LRO disabling down to slaves (bnc#829110\n bnc#891277 bnc#904053).\n * cciss: fix broken mutex usage in ioctl (bnc#910013).\n * ceph: Add necessary clean up if invalid reply received in\n handle_reply() (FATE#318328 bsc#917884).\n * ceph: remove bogus extern (FATE#318328 bsc#917884).\n * config: Disable CONFIG_RCU_FAST_NO_HZ (bnc#884817) This option has\n been verified to be racy vs hotplug, and is irrelevant to SLE in any\n case.\n * coredump: ensure the fpu state is flushed for proper multi-threaded\n core dump (bnc#904671).\n * crush: CHOOSE_LEAF -> CHOOSELEAF throughout (FATE#318328 bsc#917884).\n * crush: add SET_CHOOSE_TRIES rule step (FATE#318328 bsc#917884).\n * crush: add note about r in recursive choose (FATE#318328 bsc#917884).\n * crush: add set_choose_local_[fallback_]tries steps (FATE#318328\n bsc#917884).\n * crush: apply chooseleaf_tries to firstn mode too (FATE#318328\n bsc#917884).\n * crush: attempts -> tries (FATE#318328 bsc#917884).\n * crush: clarify numrep vs endpos (FATE#318328 bsc#917884).\n * crush: eliminate CRUSH_MAX_SET result size limitation (FATE#318328\n bsc#917884).\n * crush: factor out (trivial) crush_destroy_rule() (FATE#318328\n bsc#917884).\n * crush: fix crush_choose_firstn comment (FATE#318328 bsc#917884).\n * crush: fix some comments (FATE#318328 bsc#917884).\n * crush: generalize descend_once (FATE#318328 bsc#917884).\n * crush: new SET_CHOOSE_LEAF_TRIES command (FATE#318328 bsc#917884).\n * crush: pass parent r value for indep call (FATE#318328 bsc#917884).\n * crush: pass weight vector size to map function (FATE#318328\n bsc#917884).\n * crush: reduce scope of some local variables (FATE#318328 bsc#917884).\n * crush: return CRUSH_ITEM_UNDEF for failed placements with indep\n (FATE#318328 bsc#917884).\n * crush: strip firstn conditionals out of crush_choose, rename\n (FATE#318328 bsc#917884).\n * crush: use breadth-first search for indep mode (FATE#318328\n bsc#917884).\n * crypto: add missing crypto module aliases (bsc#914423).\n * crypto: include crypto- module prefix in template (bsc#914423).\n * crypto: kernel oops at insmod of the z90crypt device driver\n (bnc#909088, LTC#119591).\n * crypto: prefix module autoloading with "crypto-" (bsc#914423).\n * dm raid: add region_size parameter (bnc#895841).\n * do not do blind d_drop() in nfs_prime_dcache() (bnc#908069\n bnc#896484).\n * drm/cirrus: Fix cirrus drm driver for fbdev + qemu\n (bsc#909846,bnc#856760).\n * drm/i915: split PCI IDs out into i915_drm.h v4\n (bnc#908550,FATE#317933).\n * fix dcache exit scaling (bnc#876594).\n * infiniband: ipoib: Sanitize neighbour handling in ipoib_main.c\n (bsc#907196).\n * iommu/vt-d: Fix an off-by-one bug in __domain_mapping() (bsc#908825).\n * ipoib: Convert over to dev_lookup_neigh_skb() (bsc#907196).\n * ipoib: Need to do dst_neigh_lookup_skb() outside of priv->lock\n (bsc#907196).\n * ipv6: fix net reference leak in IPv6 conntrack reassembly\n (bnc#865419).\n * isofs: Fix unchecked printing of ER records.\n * kABI: protect console include in consolemap.\n * kabi fix (bnc#864404).\n * kabi, mm: prevent endless growth of anon_vma hierarchy (bnc#904242).\n * kernel/audit.c: avoid negative sleep durations (bnc#908393).\n * kernel: 3215 tty close crash (bnc#915209, LTC#120873).\n * kernel: incorrect clock_gettime result (bnc#915209, LTC#121184).\n * kvm: Do not expose MONITOR cpuid as available (bnc#887597)\n * kvm: iommu: Add cond_resched to legacy device assignment code\n (bnc#910159).\n * libceph: CEPH_OSD_FLAG_* enum update (FATE#318328 bsc#917884).\n * libceph: add ceph_kv{malloc,free}() and switch to them (FATE#318328\n bsc#917884).\n * libceph: add ceph_pg_pool_by_id() (FATE#318328 bsc#917884).\n * libceph: add function to ensure notifies are complete (FATE#318328\n bsc#917884).\n * libceph: add process_one_ticket() helper (FATE#318328 bsc#917884).\n * libceph: all features fields must be u64 (FATE#318328 bsc#917884).\n * libceph: block I/O when PAUSE or FULL osd map flags are set\n (FATE#318328 bsc#917884).\n * libceph: call r_unsafe_callback when unsafe reply is received\n (FATE#318328 bsc#917884).\n * libceph: create_singlethread_workqueue() does not return ERR_PTRs\n (FATE#318328 bsc#917884).\n * libceph: do not hard code max auth ticket len (FATE#318328\n bsc#917884).\n * libceph: dout() is missing a newline (FATE#318328 bsc#917884).\n * libceph: factor out logic from ceph_osdc_start_request()\n (FATE#318328 bsc#917884).\n * libceph: fix error handling in ceph_osdc_init() (FATE#318328\n bsc#917884).\n * libceph: fix preallocation check in get_reply() (FATE#318328\n bsc#917884).\n * libceph: fix safe completion (FATE#318328 bsc#917884).\n * libceph: follow redirect replies from osds (FATE#318328 bsc#917884).\n * libceph: follow {read,write}_tier fields on osd request submission\n (FATE#318328 bsc#917884).\n * libceph: gracefully handle large reply messages from the mon\n (FATE#318328 bsc#917884).\n * libceph: introduce and start using oid abstraction (FATE#318328\n bsc#917884).\n * libceph: rename MAX_OBJ_NAME_SIZE to CEPH_MAX_OID_NAME_LEN\n (FATE#318328 bsc#917884).\n * libceph: rename ceph_msg::front_max to front_alloc_len (FATE#318328\n bsc#917884).\n * libceph: rename ceph_osd_request::r_{oloc,oid} to r_base_{oloc,oid}\n (FATE#318328 bsc#917884).\n * libceph: rename front to front_len in get_reply() (FATE#318328\n bsc#917884).\n * libceph: replace ceph_calc_ceph_pg() with ceph_oloc_oid_to_pg()\n (FATE#318328 bsc#917884).\n * libceph: resend all writes after the osdmap loses the full flag\n (FATE#318328 bsc#917884).\n * libceph: start using oloc abstraction (FATE#318328 bsc#917884).\n * libceph: take map_sem for read in handle_reply() (FATE#318328\n bsc#917884).\n * libceph: update ceph_features.h (FATE#318328 bsc#917884).\n * libceph: use CEPH_MON_PORT when the specified port is 0 (FATE#318328\n bsc#917884).\n * libiscsi: Added new boot entries in the session sysfs (FATE#316723\n bsc#914355)\n * mei: ME hardware reset needs to be synchronized (bnc#876086).\n * mei: add 9 series PCH mei device ids (bnc#876086).\n * mei: add hw start callback (bnc#876086).\n * mei: cancel stall timers in mei_reset (bnc#876086).\n * mei: do not have to clean the state on power up (bnc#876086).\n * mei: limit the number of consecutive resets (bnc#876086).\n * mei: me: add Lynx Point Wellsburg work station device id\n (bnc#876086).\n * mei: me: clear interrupts on the resume path (bnc#876086).\n * mei: me: do not load the driver if the FW does not support MEI\n interface (bnc#876086).\n * mei: me: fix hardware reset flow (bnc#876086).\n * mei: me: read H_CSR after asserting reset (bnc#876086).\n * mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled\n process being killed (VM Functionality bnc#910150).\n * mm: fix BUG in __split_huge_page_pmd (bnc#906586).\n * mm: fix corner case in anon_vma endless growing prevention\n (bnc#904242).\n * mm: prevent endless growth of anon_vma hierarchy (bnc#904242).\n * mm: vmscan: count only dirty pages as congested (VM Performance,\n bnc#910517).\n * net, sunrpc: suppress allocation warning in rpc_malloc()\n (bnc#904659).\n * net: 8021q/bluetooth/bridge/can/ceph: Remove extern from function\n prototypes (FATE#318328 bsc#917884).\n * net: handle more general stacking in dev_disable_lro() (bnc#829110\n bnc#891277 bnc#904053).\n * netfilter: do not drop packet on insert collision (bnc#907611).\n * nf_conntrack: avoid reference leak in __ipv6_conntrack_in()\n (bnc#865419).\n * nfs_prime_dcache needs fh to be set (bnc#908069 bnc#896484).\n * nfsd: fix EXDEV checking in rename (bnc#915791).\n * pnfs: defer release of pages in layoutget (bnc#864411).\n * proc_sys_revalidate: fix Oops on NULL nameidata (bnc#907551).\n * qlge: fix an "&&" vs "||" bug (bsc#912171).\n * rbd: Fix error recovery in rbd_obj_read_sync() (FATE#318328\n bsc#917884).\n * rbd: Use min_t() to fix comparison of distinct pointer types warning\n (FATE#318328 bsc#917884).\n * rbd: add "minor" sysfs rbd device attribute (FATE#318328 bsc#917884).\n * rbd: add support for single-major device number allocation scheme\n (FATE#318328 bsc#917884).\n * rbd: clean up a few things in the refresh path (FATE#318328\n bsc#917884).\n * rbd: complete notifies before cleaning up osd_client and rbd_dev\n (FATE#318328 bsc#917884).\n * rbd: do not destroy ceph_opts in rbd_add() (FATE#318328 bsc#917884).\n * rbd: do not hold ctl_mutex to get/put device (FATE#318328\n bsc#917884).\n * rbd: drop an unsafe assertion (FATE#318328 bsc#917884).\n * rbd: drop original request earlier for existence check (FATE#318328\n bsc#917884).\n * rbd: enable extended devt in single-major mode (FATE#318328\n bsc#917884).\n * rbd: fetch object order before using it (FATE#318328 bsc#917884).\n * rbd: fix I/O error propagation for reads (FATE#318328 bsc#917884).\n * rbd: fix a couple warnings (FATE#318328 bsc#917884).\n * rbd: fix buffer size for writes to images with snapshots\n (FATE#318328 bsc#917884).\n * rbd: fix cleanup in rbd_add() (FATE#318328 bsc#917884).\n * rbd: fix error handling from rbd_snap_name() (FATE#318328\n bsc#917884).\n * rbd: fix error paths in rbd_img_request_fill() (FATE#318328\n bsc#917884).\n * rbd: fix null dereference in dout (FATE#318328 bsc#917884).\n * rbd: fix use-after free of rbd_dev->disk (FATE#318328 bsc#917884).\n * rbd: flush dcache after zeroing page data (FATE#318328 bsc#917884).\n * rbd: ignore unmapped snapshots that no longer exist (FATE#318328\n bsc#917884).\n * rbd: introduce rbd_dev_header_unwatch_sync() and switch to it\n (FATE#318328 bsc#917884).\n * rbd: make rbd_obj_notify_ack() synchronous (FATE#318328 bsc#917884).\n * rbd: protect against concurrent unmaps (FATE#318328 bsc#917884).\n * rbd: protect against duplicate client creation (FATE#318328\n bsc#917884).\n * rbd: rbd_device::dev_id is an int, format it as such (FATE#318328\n bsc#917884).\n * rbd: refactor rbd_init() a bit (FATE#318328 bsc#917884).\n * rbd: send snapshot context with writes (FATE#318328 bsc#917884).\n * rbd: set removing flag while holding list lock (FATE#318328\n bsc#917884).\n * rbd: switch to ida for rbd id assignments (FATE#318328 bsc#917884).\n * rbd: take a little credit (FATE#318328 bsc#917884).\n * rbd: tear down watch request if rbd_dev_device_setup() fails\n (FATE#318328 bsc#917884).\n * rbd: tweak "loaded" message and module description (FATE#318328\n bsc#917884).\n * rbd: use reference counts for image requests (FATE#318328\n bsc#917884).\n * rbd: use rwsem to protect header updates (FATE#318328 bsc#917884).\n * rbd: use the correct length for format 2 object names (FATE#318328\n bsc#917884).\n * rpm/kernel-binary.spec.in: Own the modules directory in the devel\n package (bnc#910322)\n * scsi_dh_alua: add missing hunk in alua_set_params() (bnc#846656).\n * scsifront: avoid acquiring same lock twice if ring is full.\n * sd: medium access timeout counter fails to reset (bnc#894213).\n * storvsc: ring buffer failures may result in I/O freeze\n * swap: fix shmem swapping when more than 8 areas (bnc#903096).\n * timekeeping: Avoid possible deadlock from clock_was_set_delayed\n (bsc#771619).\n * tty: Fix memory leak in virtual console when enable unicode\n translation (bnc#916515).\n * udf: Check component length before reading it.\n * udf: Check path length when reading symlink.\n * udf: Verify i_size when loading inode.\n * udf: Verify symlink size before loading it.\n * udp: Add MIB counters for rcvbuferrors (bnc#909565).\n * usb: xhci: rework root port wake bits if controller is not allowed\n to wakeup (bsc#909264).\n * virtio_net: drop dst reference before transmitting a packet\n (bnc#882470).\n * vt: push the tty_lock down into the map handling (bnc#915826).\n * workqueue: Make rescuer thread process more works (bnc#900279).\n * x86, xsave: remove thread_has_fpu() bug check in\n __sanitize_i387_state() (bnc#904671).\n * x86-64/MCE: flip CPU and bank numbers in log message.\n * x86/UV: Fix NULL pointer dereference in uv_flush_tlb_others() if the\n "^a" boot option is used (bsc#909092).\n * x86/UV: Fix conditional in gru_exit() (bsc#909095).\n * x86/early quirk: use gen6 stolen detection for VLV\n (bnc#908550,FATE#317933).\n * x86/gpu: Print the Intel graphics stolen memory range (bnc#908550).\n * x86/hpet: Make boot_hpet_disable extern (bnc#908550,FATE#317933).\n * x86/intel: Add quirk to disable HPET for the Baytrail platform\n (bnc#908550,FATE#317933).\n * x86/uv: Fix UV2 BAU legacy mode (bsc#909092).\n * x86/uv: Fix the UV BAU destination timeout period (bsc#909092).\n * x86/uv: Implement UV BAU runtime enable and disable control via\n /proc/sgi_uv/ (bsc#909092).\n * x86/uv: Update the UV3 TLB shootdown logic (bsc#909092).\n * x86/uv: Work around UV2 BAU hangs (bsc#909092).\n * x86: UV BAU: Avoid NULL pointer reference in ptc_seq_show\n (bsc#911181).\n * x86: UV BAU: Increase maximum CPUs per socket/hub (bsc#911181).\n * x86: add early quirk for reserving Intel graphics stolen memory v5\n (bnc#908550,FATE#317933).\n * x86: irq: Check for valid irq descriptor in\n check_irq_vectors_for_cpu_disable (bnc#914726).\n * xen-privcmd-hcall-preemption: Fix EFLAGS.IF access.\n * xfs: re-enable non-blocking behaviour in xfs_map_blocks (bnc#900279).\n * xfs: recheck buffer pinned status after push trylock failure\n (bnc#907338).\n * xfs: remove log force from xfs_buf_trylock() (bnc#907338).\n * xhci: fix incorrect type in assignment in\n handle_device_notification() (bsc#910321).\n * zcrypt: Number of supported ap domains is not retrievable\n (bnc#915209, LTC#120788).\n\n Security Issues:\n\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-0181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181</a>>\n * CVE-2014-3687\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687</a>>\n * CVE-2014-3688\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688</a>>\n * CVE-2014-3690\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690</a>>\n * CVE-2014-4608\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608</a>>\n * CVE-2014-7822\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822</a>>\n * CVE-2014-7842\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842</a>>\n * CVE-2014-7970\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7970\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7970</a>>\n * CVE-2014-8133\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8133\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8133</a>>\n * CVE-2014-8134\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134</a>>\n * CVE-2014-8160\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160</a>>\n * CVE-2014-8369\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369</a>>\n * CVE-2014-8559\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8559\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8559</a>>\n * CVE-2014-9090\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9090\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9090</a>>\n * CVE-2014-9322\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9322\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9322</a>>\n * CVE-2014-9419\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9419\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9419</a>>\n * CVE-2014-9420\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420</a>>\n * CVE-2014-9584\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584</a>>\n * CVE-2014-9585\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585</a>>\n * CVE-2015-1593\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1593\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1593</a>>\n", "reporter": "Suse", "published": "2015-04-20T21:05:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "title": "Security update for Real Time Linux Kernel (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8369", "CVE-2010-5313", "CVE-2014-7822", "CVE-2014-8134", "CVE-2014-9420", "CVE-2015-1593", "CVE-2014-9090", "CVE-2014-3688", "CVE-2014-8160", "CVE-2014-9322", "CVE-2014-8559", "CVE-2014-3601", "CVE-2014-4608", "CVE-2014-9584", "CVE-2013-7263", "CVE-2014-0181", "CVE-2014-3690", "CVE-2014-8133", "CVE-2014-9419", "CVE-2014-7842", "CVE-2014-9585", "CVE-2014-3687", "CVE-2014-7970"], "modified": "2015-04-20T21:05:00", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html", "id": "SUSE-SU-2015:0736-1", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:50:51", "references": ["http://download.suse.com/patch/finder/?keywords=9462f7a25fba741ea356e4bc7df2eff7", "https://bugzilla.suse.com/912705", "https://bugzilla.suse.com/899192", "https://bugzilla.suse.com/902351", "https://bugzilla.suse.com/892490", "https://bugzilla.suse.com/904013", "https://bugzilla.suse.com/902349", "https://bugzilla.suse.com/847652", "https://bugzilla.suse.com/906586", "https://bugzilla.suse.com/779488", "http://download.suse.com/patch/finder/?keywords=55fa96c03a923b1679e1f132d850294c", "https://bugzilla.suse.com/867723", "https://bugzilla.suse.com/907189", "https://bugzilla.suse.com/771619", "https://bugzilla.suse.com/896390", "https://bugzilla.suse.com/898693", "https://bugzilla.suse.com/864049", "https://bugzilla.suse.com/857643", "https://bugzilla.suse.com/897995", "https://bugzilla.suse.com/907396", "https://bugzilla.suse.com/905100", "https://bugzilla.suse.com/905799", "https://bugzilla.suse.com/880892", "https://bugzilla.suse.com/909078", "https://bugzilla.suse.com/896391", "https://bugzilla.suse.com/903640", "https://bugzilla.suse.com/905312", "https://bugzilla.suse.com/895680", "https://bugzilla.suse.com/867531", "https://bugzilla.suse.com/835839", "https://bugzilla.suse.com/883096", "http://download.suse.com/patch/finder/?keywords=450d3910ce461844d33188377a397db4", "https://bugzilla.suse.com/875051", "https://bugzilla.suse.com/902232", "https://bugzilla.suse.com/915335", "https://bugzilla.suse.com/833588", "https://bugzilla.suse.com/876633", "http://download.suse.com/patch/finder/?keywords=1aca006b7fb12ba06b40aba057729bf1", "https://bugzilla.suse.com/912654", "https://bugzilla.suse.com/865442", "https://bugzilla.suse.com/896392", "https://bugzilla.suse.com/870161", "https://bugzilla.suse.com/904700", "https://bugzilla.suse.com/902346", "https://bugzilla.suse.com/901885", "https://bugzilla.suse.com/892782", "http://download.suse.com/patch/finder/?keywords=9d8f78866ba011d27c2f208e892fe2d8", "https://bugzilla.suse.com/907338", "https://bugzilla.suse.com/902675", "https://bugzilla.suse.com/883948", "https://bugzilla.suse.com/887082", "http://download.suse.com/patch/finder/?keywords=276c3f04008f2b450bc62f6bb64d06fc", "https://bugzilla.suse.com/896382"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-default-devel-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-default-extra-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "4.1.6_08_3.0.101_0.7.29-0.5.19", "arch": "i586", "packageFilename": "xen-kmp-trace-4.1.6_08_3.0.101_0.7.29-0.5.19.i586.rpm", "packageName": "xen-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-trace-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-xen-base-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-default-base-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "0_3.0.101_0.7.29-0.14.142", "arch": "x86_64", "packageFilename": "ext4-writeable-kmp-default-0_3.0.101_0.7.29-0.14.142.x86_64.rpm", "packageName": "ext4-writeable-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-trace-base-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-ec2-devel-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "0_3.0.101_0.7.29-0.14.142", "arch": "i586", "packageFilename": "ext4-writeable-kmp-pae-0_3.0.101_0.7.29-0.14.142.i586.rpm", "packageName": "ext4-writeable-kmp-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-default-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-default-extra-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-source-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-trace-devel-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "0_3.0.101_0.7.29-0.14.142", "arch": "s390x", "packageFilename": "ext4-writeable-kmp-default-0_3.0.101_0.7.29-0.14.142.s390x.rpm", "packageName": "ext4-writeable-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-trace-devel-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "4.1.6_08_3.0.101_0.7.29-0.5.19", "arch": "x86_64", "packageFilename": "xen-kmp-default-4.1.6_08_3.0.101_0.7.29-0.5.19.x86_64.rpm", "packageName": "xen-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-ec2-base-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-ec2-base", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "0_3.0.101_0.7.29-0.14.142", "arch": "i586", "packageFilename": "ext4-writeable-kmp-xen-0_3.0.101_0.7.29-0.14.142.i586.rpm", "packageName": "ext4-writeable-kmp-xen", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-xen-extra-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-xen-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-xen-base-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-trace-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "0_3.0.101_0.7.29-0.14.142", "arch": "i586", "packageFilename": "ext4-writeable-kmp-trace-0_3.0.101_0.7.29-0.14.142.i586.rpm", "packageName": "ext4-writeable-kmp-trace", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "0_3.0.101_0.7.29-0.14.142", "arch": "x86_64", "packageFilename": "ext4-writeable-kmp-trace-0_3.0.101_0.7.29-0.14.142.x86_64.rpm", "packageName": "ext4-writeable-kmp-trace", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "0_3.0.101_0.7.29-0.14.142", "arch": "x86_64", "packageFilename": "ext4-writeable-kmp-xen-0_3.0.101_0.7.29-0.14.142.x86_64.rpm", "packageName": "ext4-writeable-kmp-xen", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-default-extra-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "0_3.0.101_0.7.29-0.14.142", "arch": "i586", "packageFilename": "ext4-writeable-kmp-default-0_3.0.101_0.7.29-0.14.142.i586.rpm", "packageName": "ext4-writeable-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-default-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-default-devel-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "0_3.0.101_0.7.29-0.14.142", "arch": "s390x", "packageFilename": "ext4-writeable-kmp-trace-0_3.0.101_0.7.29-0.14.142.s390x.rpm", "packageName": "ext4-writeable-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-syms-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-xen-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-xen-devel-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-default-base-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-xen-extra-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-xen-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-pae-base-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-pae-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-ec2-devel-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-default-devel-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-xen-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-source-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-ec2-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-ec2-base-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-ec2-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-trace-base-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "4.1.6_08_3.0.101_0.7.29-0.5.19", "arch": "x86_64", "packageFilename": "xen-kmp-trace-4.1.6_08_3.0.101_0.7.29-0.5.19.x86_64.rpm", "packageName": "xen-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-pae-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-pae", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-pae-extra-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-pae-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-ec2-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-default-man-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-default-man", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "4.1.6_08_3.0.101_0.7.29-0.5.19", "arch": "i586", "packageFilename": "xen-kmp-default-4.1.6_08_3.0.101_0.7.29-0.5.19.i586.rpm", "packageName": "xen-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-trace-devel-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-trace-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-source-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-default-base-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-trace-base-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "x86_64", "packageFilename": "kernel-default-3.0.101-0.7.29.1.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "4.1.6_08_3.0.101_0.7.29-0.5.19", "arch": "i586", "packageFilename": "xen-kmp-pae-4.1.6_08_3.0.101_0.7.29-0.5.19.i586.rpm", "packageName": "xen-kmp-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "i586", "packageFilename": "kernel-pae-devel-3.0.101-0.7.29.1.i586.rpm", "packageName": "kernel-pae-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "3.0.101-0.7.29.1", "arch": "s390x", "packageFilename": "kernel-syms-3.0.101-0.7.29.1.s390x.rpm", "packageName": "kernel-syms", "operator": "lt"}], "description": "The SUSE Linux Enterprise 11 Service Pack 2 LTSS kernel has been updated\n to fix security issues on kernels on the x86_64 architecture.\n\n The following security bugs have been fixed:\n\n * CVE-2012-4398: The __request_module function in kernel/kmod.c in the\n Linux kernel before 3.4 did not set a certain killable attribute,\n which allowed local users to cause a denial of service (memory\n consumption) via a crafted application (bnc#779488).\n * CVE-2013-2893: The Human Interface Device (HID) subsystem in the\n Linux kernel through 3.11, when CONFIG_LOGITECH_FF,\n CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allowed\n physically proximate attackers to cause a denial of service\n (heap-based out-of-bounds write) via a crafted device, related to\n (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3)\n drivers/hid/hid-lg4ff.c (bnc#835839).\n * CVE-2013-2897: Multiple array index errors in\n drivers/hid/hid-multitouch.c in the Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_MULTITOUCH is enabled, allowed physically proximate\n attackers to cause a denial of service (heap memory corruption, or\n NULL pointer dereference and OOPS) via a crafted device (bnc#835839).\n * CVE-2013-2899: drivers/hid/hid-picolcd_core.c in the Human Interface\n Device (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_PICOLCD is enabled, allowed physically proximate\n attackers to cause a denial of service (NULL pointer dereference and\n OOPS) via a crafted device (bnc#835839).\n * CVE-2013-2929: The Linux kernel before 3.12.2 did not properly use\n the get_dumpable function, which allowed local users to bypass\n intended ptrace restrictions or obtain sensitive information from\n IA64 scratch registers via a crafted application, related to\n kernel/ptrace.c and arch/ia64/include/asm/processor.h (bnc#847652).\n * CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allowed local users to obtain sensitive\n information from kernel stack memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,\n net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c\n (bnc#857643).\n * CVE-2014-0131: Use-after-free vulnerability in the skb_segment\n function in net/core/skbuff.c in the Linux kernel through 3.13.6\n allowed attackers to obtain sensitive information from kernel memory\n by leveraging the absence of a certain orphaning operation\n (bnc#867723).\n * CVE-2014-0181: The Netlink implementation in the Linux kernel\n through 3.14.1 did not provide a mechanism for authorizing socket\n operations based on the opener of a socket, which allowed local\n users to bypass intended access restrictions and modify network\n configurations by using a Netlink socket for the (1) stdout or (2)\n stderr of a setuid program (bnc#875051).\n * CVE-2014-2309: The ip6_route_add function in net/ipv6/route.c in the\n Linux kernel through 3.13.6 did not properly count the addition of\n routes, which allowed remote attackers to cause a denial of service\n (memory consumption) via a flood of ICMPv6 Router Advertisement\n packets (bnc#867531).\n * CVE-2014-3181: Multiple stack-based buffer overflows in the\n magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the\n Magic Mouse HID driver in the Linux kernel through 3.16.3 allowed\n physically proximate attackers to cause a denial of service (system\n crash) or possibly execute arbitrary code via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n an event (bnc#896382).\n * CVE-2014-3184: The report_fixup functions in the HID subsystem in\n the Linux kernel before 3.16.2 might have allowed physically\n proximate attackers to cause a denial of service (out-of-bounds\n write) via a crafted device that provides a small report descriptor,\n related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c,\n (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\n drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c\n (bnc#896390).\n * CVE-2014-3185: Multiple buffer overflows in the\n command_port_read_callback function in\n drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in\n the Linux kernel before 3.16.2 allowed physically proximate\n attackers to execute arbitrary code or cause a denial of service\n (memory corruption and system crash) via a crafted device that\n provides a large amount of (1) EHCI or (2) XHCI data associated with\n a bulk response (bnc#896391).\n * CVE-2014-3186: Buffer overflow in the picolcd_raw_event function in\n devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in\n the Linux kernel through 3.16.3, as used in Android on Nexus 7\n devices, allowed physically proximate attackers to cause a denial of\n service (system crash) or possibly execute arbitrary code via a\n crafted device that sends a large report (bnc#896392).\n * CVE-2014-3601: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel through 3.16.1 miscalculates the number of pages\n during the handling of a mapping failure, which allowed guest OS\n users to (1) cause a denial of service (host OS memory corruption)\n or possibly have unspecified other impact by triggering a large gfn\n value or (2) cause a denial of service (host OS memory consumption)\n by triggering a small gfn value that leads to permanently pinned\n pages (bnc#892782).\n * CVE-2014-3610: The WRMSR processing functionality in the KVM\n subsystem in the Linux kernel through 3.17.2 did not properly handle\n the writing of a non-canonical address to a model-specific register,\n which allowed guest OS users to cause a denial of service (host OS\n crash) by leveraging guest OS privileges, related to the\n wrmsr_interception function in arch/x86/kvm/svm.c and the\n handle_wrmsr function in arch/x86/kvm/vmx.c (bnc#899192).\n * CVE-2014-3646: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel through 3.17.2 did not have an exit handler for the INVVPID\n instruction, which allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application (bnc#899192).\n * CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the\n Linux kernel through 3.17.2 did not properly perform RIP changes,\n which allowed guest OS users to cause a denial of service (guest OS\n crash) via a crafted application (bnc#899192).\n * CVE-2014-3673: The SCTP implementation in the Linux kernel through\n 3.17.2 allowed remote attackers to cause a denial of service (system\n crash) via a malformed ASCONF chunk, related to\n net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346).\n * CVE-2014-3687: The sctp_assoc_lookup_asconf_ack function in\n net/sctp/associola.c in the SCTP implementation in the Linux kernel\n through 3.17.2 allowed remote attackers to cause a denial of service\n (panic) via duplicate ASCONF chunks that trigger an incorrect uncork\n within the side-effect interpreter (bnc#902349).\n * CVE-2014-3688: The SCTP implementation in the Linux kernel before\n 3.17.4 allowed remote attackers to cause a denial of service (memory\n consumption) by triggering a large number of chunks in an\n associations output queue, as demonstrated by ASCONF probes, related\n to net/sctp/inqueue.c and net/sctp/sm_statefuns.c (bnc#902351).\n * CVE-2014-3690: arch/x86/kvm/vmx.c in the KVM subsystem in the Linux\n kernel before 3.17.2 on Intel processors did not ensure that the\n value in the CR4 control register remains the same after a VM entry,\n which allowed host OS users to kill arbitrary processes or cause a\n denial of service (system disruption) by leveraging /dev/kvm access,\n as demonstrated by PR_SET_TSC prctl calls within a modified copy of\n QEMU (bnc#902232).\n * CVE-2014-4608: Multiple integer overflows in the\n lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in\n the LZO decompressor in the Linux kernel before 3.15.2 allowed\n context-dependent attackers to cause a denial of service (memory\n corruption) via a crafted Literal Run (bnc#883948).\n * CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the\n Linux kernel through 3.15.6 allowed local users to gain privileges\n by leveraging data-structure differences between an l2tp socket and\n an inet socket (bnc#887082).\n * CVE-2014-5471: Stack consumption vulnerability in the\n parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the\n Linux kernel through 3.16.1 allowed local users to cause a denial of\n service (uncontrolled recursion, and system crash or reboot) via a\n crafted iso9660 image with a CL entry referring to a directory entry\n that has a CL entry (bnc#892490).\n * CVE-2014-5472: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel through 3.16.1 allowed local\n users to cause a denial of service (unkillable mount process) via a\n crafted iso9660 image with a self-referential CL entry (bnc#892490).\n * CVE-2014-7826: kernel/trace/trace_syscalls.c in the Linux kernel\n through 3.17.2 did not properly handle private syscall numbers\n during use of the ftrace subsystem, which allowed local users to\n gain privileges or cause a denial of service (invalid pointer\n dereference) via a crafted application (bnc#904013).\n * CVE-2014-7841: The sctp_process_param function in\n net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux\n kernel before 3.17.4, when ASCONF is used, allowed remote attackers\n to cause a denial of service (NULL pointer dereference and system\n crash) via a malformed INIT chunk (bnc#905100).\n * CVE-2014-7842: Race condition in arch/x86/kvm/x86.c in the Linux\n kernel before 3.17.4 allowed guest OS users to cause a denial of\n service (guest OS crash) via a crafted application that performs an\n MMIO transaction or a PIO transaction to trigger a guest userspace\n emulation error report, a similar issue to CVE-2010-5313\n (bnc#905312).\n * CVE-2014-8134: The paravirt_ops_setup function in\n arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an\n improper paravirt_enabled setting for KVM guest kernels, which made\n it easier for guest OS users to bypass the ASLR protection mechanism\n via a crafted application that reads a 16-bit value (bnc#909078).\n * CVE-2014-8369: The kvm_iommu_map_pages function in virt/kvm/iommu.c\n in the Linux kernel through 3.17.2 miscalculates the number of pages\n during the handling of a mapping failure, which allowed guest OS\n users to cause a denial of service (host OS page unpinning) or\n possibly have unspecified other impact by leveraging guest OS\n privileges. NOTE: this vulnerability exists because of an incorrect\n fix for CVE-2014-3601 (bnc#902675).\n * CVE-2014-8559: The d_walk function in fs/dcache.c in the Linux\n kernel through 3.17.2 did not properly maintain the semantics of\n rename_lock, which allowed local users to cause a denial of service\n (deadlock and system hang) via a crafted application (bnc#903640).\n * CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c\n in the Linux kernel before 3.13.5 did not properly maintain a\n certain tail pointer, which allowed remote attackers to obtain\n sensitive cleartext information by reading packets (bnc#904700).\n * CVE-2014-9584: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel before 3.18.2 did not validate a\n length value in the Extensions Reference (ER) System Use Field,\n which allowed local users to obtain sensitive information from\n kernel memory via a crafted iso9660 image (bnc#912654).\n * CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the\n Linux kernel through 3.18.2 did not properly choose memory locations\n for the vDSO area, which made it easier for local users to bypass\n the ASLR protection mechanism by guessing a location at the end of a\n PMD (bnc#912705).\n\n The following non-security bugs have been fixed:\n\n * Fix HDIO_DRIVE_* ioctl() Linux 3.9 regression (bnc#833588,\n bnc#905799).\n * HID: add usage_index in struct hid_usage (bnc#835839).\n * Revert PM / reboot: call syscore_shutdown() after\n disable_nonboot_cpus() Reduce time to shutdown large machines\n (bnc#865442 bnc#907396).\n * Revert kernel/sys.c: call disable_nonboot_cpus() in kernel_restart()\n Reduce time to shutdown large machines (bnc#865442 bnc#907396).\n * dm-mpath: fix panic on deleting sg device (bnc#870161).\n * futex: Unlock hb->lock in futex_wait_requeue_pi() error path (fix\n bnc#880892).\n * handle more than just WS2008 in heartbeat negotiation (bnc#901885).\n * memcg: do not expose uninitialized mem_cgroup_per_node to world\n (bnc#883096).\n * mm: fix BUG in __split_huge_page_pmd (bnc#906586).\n * pagecachelimit: reduce lru_lock congestion for heavy parallel\n reclaim fix (bnc#895680, bnc#907189).\n * s390/3215: fix hanging console issue (bnc#898693, bnc#897995,\n LTC#115466).\n * s390/cio: improve cio_commit_config (bnc#864049, bnc#898693,\n LTC#104168).\n * scsi_dh_alua: disable ALUA handling for non-disk devices\n (bnc#876633).\n * target/rd: Refactor rd_build_device_space + rd_release_device_space.\n * timekeeping: Avoid possible deadlock from clock_was_set_delayed\n (bnc#771619, bnc#915335).\n * xfs: recheck buffer pinned status after push trylock failure\n (bnc#907338).\n * xfs: remove log force from xfs_buf_trylock() (bnc#907338).\n\n Security Issues:\n\n * CVE-2012-4398\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398</a>>\n * CVE-2013-2893\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893</a>>\n * CVE-2013-2897\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897</a>>\n * CVE-2013-2899\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899</a>>\n * CVE-2013-2929\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2929\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2929</a>>\n * CVE-2013-7263\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263</a>>\n * CVE-2014-0131\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0131\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0131</a>>\n * CVE-2014-0181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181</a>>\n * CVE-2014-2309\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2309\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2309</a>>\n * CVE-2014-3181\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181</a>>\n * CVE-2014-3184\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184</a>>\n * CVE-2014-3185\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185</a>>\n * CVE-2014-3186\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3186</a>>\n * CVE-2014-3601\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601</a>>\n * CVE-2014-3610\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610</a>>\n * CVE-2014-3646\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646</a>>\n * CVE-2014-3647\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647</a>>\n * CVE-2014-3673\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673</a>>\n * CVE-2014-3687\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687</a>>\n * CVE-2014-3688\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688</a>>\n * CVE-2014-3690\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690</a>>\n * CVE-2014-4608\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608</a>>\n * CVE-2014-4943\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943</a>>\n * CVE-2014-5471\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471</a>>\n * CVE-2014-5472\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472</a>>\n * CVE-2014-7826\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826</a>>\n * CVE-2014-7841\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841</a>>\n * CVE-2014-7842\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842</a>>\n * CVE-2014-8134\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134</a>>\n * CVE-2014-8369\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369</a>>\n * CVE-2014-8559\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8559\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8559</a>>\n * CVE-2014-8709\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709</a>>\n * CVE-2014-9584\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584</a>>\n * CVE-2014-9585\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585</a>>\n", "edition": 1, "reporter": "Suse", "published": "2015-03-11T20:05:42", "title": "Security update for Linux kernel (important)", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3646", "CVE-2014-8369", "CVE-2014-0131", "CVE-2010-5313", "CVE-2014-8134", "CVE-2014-3186", "CVE-2014-3673", "CVE-2014-3688", "CVE-2013-2929", "CVE-2014-7841", "CVE-2014-3647", "CVE-2014-3610", "CVE-2014-4943", "CVE-2014-3181", "CVE-2014-8709", "CVE-2014-5472", "CVE-2014-3185", "CVE-2013-2897", "CVE-2014-8559", "CVE-2014-3601", "CVE-2014-2309", "CVE-2013-2899", "CVE-2014-4608", "CVE-2014-9584", "CVE-2013-7263", "CVE-2014-0181", "CVE-2014-3690", "CVE-2012-4398", "CVE-2014-5471", "CVE-2014-7842", "CVE-2014-7826", "CVE-2014-9585", "CVE-2013-2893", "CVE-2014-3184", "CVE-2014-3687"], "modified": "2015-03-11T20:05:42", "id": "SUSE-SU-2015:0481-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:56:36", "references": ["https://bugzilla.suse.com/912705", "https://bugzilla.suse.com/899192", "https://bugzilla.suse.com/909077", "https://bugzilla.suse.com/902351", "https://bugzilla.suse.com/892490", "https://bugzilla.suse.com/904013", "https://bugzilla.suse.com/902349", "https://bugzilla.suse.com/847652", "https://bugzilla.suse.com/906586", "https://bugzilla.suse.com/778463", "https://bugzilla.suse.com/867723", "https://bugzilla.suse.com/907189", "https://bugzilla.suse.com/771619", "https://bugzilla.suse.com/896390", "https://bugzilla.suse.com/898693", "https://bugzilla.suse.com/864049", "https://bugzilla.suse.com/897995", "https://bugzilla.suse.com/907818", "https://bugzilla.suse.com/907396", "https://bugzilla.suse.com/905100", "https://bugzilla.suse.com/905799", "https://bugzilla.suse.com/880892", "https://bugzilla.suse.com/909078", "https://bugzilla.suse.com/896391", "https://bugzilla.suse.com/903640", "https://bugzilla.suse.com/905312", "https://bugzilla.suse.com/895680", "https://bugzilla.suse.com/867531", "https://bugzilla.suse.com/835839", "https://bugzilla.suse.com/883096", "https://bugzilla.suse.com/875051", "https://bugzilla.suse.com/902232", "https://bugzilla.suse.com/915335", "https://bugzilla.suse.com/833588", "https://bugzilla.suse.com/876633", "https://bugzilla.suse.com/912654", "https://bugzilla.suse.com/865442", "https://bugzilla.suse.com/896392", "https://bugzilla.suse.com/870161", "https://bugzilla.suse.com/904700", "https://bugzilla.suse.com/902346", "https://bugzilla.suse.com/901885", "https://bugzilla.suse.com/892782", "https://bugzilla.suse.com/907338", "https://bugzilla.suse.com/902675", "https://bugzilla.suse.com/853040", "https://bugzilla.suse.com/883948", "https://bugzilla.suse.com/887082", "https://bugzilla.suse.com/910251", "https://bugzilla.suse.com/896382", "https://bugzilla.suse.com/883724"], "affectedPackage": [{"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-pae-debugsource-3.0.101-99.1.i586.rpm", "packageName": "kernel-pae-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-vanilla-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-default-base-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-desktop-devel-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-desktop-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-debugsource-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-debug-base-3.0.101-99.1.i586.rpm", "packageName": "kernel-debug-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-trace-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-trace-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-xen-3.0.101-99.1.i586.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-xen-debugsource-3.0.101-99.1.i586.rpm", "packageName": "kernel-xen-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-trace-devel-3.0.101-99.1.i586.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-default-base-3.0.101-99.1.i586.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-debug-devel-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-debug-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2_3.0.101_99-6.77.1", "arch": "i586", "packageFilename": "preload-kmp-desktop-1.2_3.0.101_99-6.77.1.i586.rpm", "packageName": "preload-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-extra-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2-extra-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-pae-devel-3.0.101-99.1.i586.rpm", "packageName": "kernel-pae-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-pae-base-3.0.101-99.1.i586.rpm", "packageName": "kernel-pae-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-trace-debugsource-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-trace-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-debug-debugsource-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-debug-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-trace-base-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-trace-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-debug-base-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-debug-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-xen-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vmi-base-3.0.101-99.1.i586.rpm", "packageName": "kernel-vmi-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-debug-devel-3.0.101-99.1.i586.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-base-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-xen-base-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-default-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-base-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-debug-devel-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-debug-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-desktop-devel-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-desktop-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-default-base-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-default-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2_3.0.101_99-6.77.1", "arch": "i586", "packageFilename": "preload-kmp-desktop-debuginfo-1.2_3.0.101_99-6.77.1.i586.rpm", "packageName": "preload-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-trace-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vmi-devel-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-vmi-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2_3.0.101_99-6.77.1", "arch": "x86_64", "packageFilename": "preload-kmp-default-debuginfo-1.2_3.0.101_99-6.77.1.x86_64.rpm", "packageName": "preload-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-pae-devel-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-pae-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-extra-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2-extra", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-desktop-debugsource-3.0.101-99.1.i586.rpm", "packageName": "kernel-desktop-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-vanilla", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vanilla-base-3.0.101-99.1.i586.rpm", "packageName": "kernel-vanilla-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-debug-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-debug-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vmi-devel-3.0.101-99.1.i586.rpm", "packageName": "kernel-vmi-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-xen-hmac-3.0.101-99.1.i586.rpm", "packageName": "kernel-xen-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-desktop-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-desktop", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-desktop-base-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-desktop-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vanilla-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-vanilla-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vmi-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-vmi-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-xen-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-debugsource-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-debug-hmac-3.0.101-99.1.i586.rpm", "packageName": "kernel-debug-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-devel-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-desktop-debugsource-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-desktop-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-xen-base-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-xen-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-default-hmac-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-default-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-trace-devel-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-trace-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-desktop-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-source-vanilla-3.0.101-99.1.i586.rpm", "packageName": "kernel-source-vanilla", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-base-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-default-debugsource-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-xen-base-3.0.101-99.1.i586.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vanilla-3.0.101-99.1.i586.rpm", "packageName": "kernel-vanilla", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-default-3.0.101-99.1.i586.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-xen-debugsource-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-xen-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-xen-base-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-xen-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-default-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-desktop-base-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-desktop-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-trace-hmac-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-trace-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vanilla-devel-3.0.101-99.1.i586.rpm", "packageName": "kernel-vanilla-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-trace-devel-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vmi-base-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-vmi-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-base-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-vanilla-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-desktop-base-3.0.101-99.1.i586.rpm", "packageName": "kernel-desktop-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vmi-3.0.101-99.1.i586.rpm", "packageName": "kernel-vmi", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-debugsource-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-vanilla-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-desktop-3.0.101-99.1.i586.rpm", "packageName": "kernel-desktop", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2-6.77.1", "arch": "i586", "packageFilename": "preload-debugsource-1.2-6.77.1.i586.rpm", "packageName": "preload-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-extra-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2-extra-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2_3.0.101_99-6.77.1", "arch": "i586", "packageFilename": "preload-kmp-default-debuginfo-1.2_3.0.101_99-6.77.1.i586.rpm", "packageName": "preload-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-pae-base-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-pae-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-desktop-base-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-desktop-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-pae-3.0.101-99.1.i586.rpm", "packageName": "kernel-pae", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2_3.0.101_99-6.77.1", "arch": "i586", "packageFilename": "preload-kmp-default-1.2_3.0.101_99-6.77.1.i586.rpm", "packageName": "preload-kmp-default", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-desktop-devel-3.0.101-99.1.i586.rpm", "packageName": "kernel-desktop-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vanilla-base-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-vanilla-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-hmac-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2_3.0.101_99-6.77.1", "arch": "x86_64", "packageFilename": "preload-kmp-desktop-debuginfo-1.2_3.0.101_99-6.77.1.x86_64.rpm", "packageName": "preload-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-debug-hmac-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-debug-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vanilla-hmac-3.0.101-99.1.i586.rpm", "packageName": "kernel-vanilla-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-trace-base-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-devel-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-vanilla-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-desktop-hmac-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-desktop-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-source-3.0.101-99.1.i586.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-debug-3.0.101-99.1.i586.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-pae-hmac-3.0.101-99.1.i586.rpm", "packageName": "kernel-pae-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2-6.77.1", "arch": "i586", "packageFilename": "preload-debuginfo-1.2-6.77.1.i586.rpm", "packageName": "preload-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-default-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-trace-base-3.0.101-99.1.i586.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-source-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-xen-hmac-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-xen-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-trace-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-trace-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.2", "arch": "noarch", "packageFilename": "kernel-docs-3.0.101-99.2.noarch.rpm", "packageName": "kernel-docs", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-trace-hmac-3.0.101-99.1.i586.rpm", "packageName": "kernel-trace-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-source-vanilla-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-source-vanilla", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-base-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-desktop-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2-6.77.1", "arch": "x86_64", "packageFilename": "preload-debugsource-1.2-6.77.1.x86_64.rpm", "packageName": "preload-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vmi-debugsource-3.0.101-99.1.i586.rpm", "packageName": "kernel-vmi-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-debug-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-debug-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-pae-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-trace-devel-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-trace-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-base-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-vanilla-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-devel-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-devel-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-hmac-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-vanilla-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-syms-3.0.101-99.1.i586.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-debug-base-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-debug-base", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2-6.77.1", "arch": "x86_64", "packageFilename": "preload-debuginfo-1.2-6.77.1.x86_64.rpm", "packageName": "preload-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-default-devel-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-default-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-xen-devel-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-xen-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-desktop-hmac-3.0.101-99.1.i586.rpm", "packageName": "kernel-desktop-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-debug-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2_3.0.101_99-6.77.1", "arch": "x86_64", "packageFilename": "preload-kmp-desktop-1.2_3.0.101_99-6.77.1.x86_64.rpm", "packageName": "preload-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-default-base-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-default-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-ec2-hmac-3.0.101-99.1.i586.rpm", "packageName": "kernel-ec2-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2_3.0.101_99-6.77.1", "arch": "x86_64", "packageFilename": "preload-kmp-default-1.2_3.0.101_99-6.77.1.x86_64.rpm", "packageName": "preload-kmp-default", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vanilla-devel-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-vanilla-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-default-hmac-3.0.101-99.1.i586.rpm", "packageName": "kernel-default-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-default-devel-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-xen-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-xen-devel-3.0.101-99.1.i586.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-debug-debugsource-3.0.101-99.1.i586.rpm", "packageName": "kernel-debug-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-xen-devel-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-xen-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2-6.77.1", "arch": "i586", "packageFilename": "preload-1.2-6.77.1.i586.rpm", "packageName": "preload", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-default-devel-3.0.101-99.1.i586.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-trace-debugsource-3.0.101-99.1.i586.rpm", "packageName": "kernel-trace-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "1.2-6.77.1", "arch": "x86_64", "packageFilename": "preload-1.2-6.77.1.x86_64.rpm", "packageName": "preload", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-trace-3.0.101-99.1.i586.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-extra-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2-extra", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-ec2-devel-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-ec2-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vanilla-debugsource-3.0.101-99.1.i586.rpm", "packageName": "kernel-vanilla-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-vmi-hmac-3.0.101-99.1.i586.rpm", "packageName": "kernel-vmi-hmac", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-debug-base-debuginfo-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-debug-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-devel-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-vanilla-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-default-debugsource-3.0.101-99.1.i586.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "x86_64", "packageFilename": "kernel-desktop-devel-3.0.101-99.1.x86_64.rpm", "packageName": "kernel-desktop-devel", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-default-devel-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-default-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE Evergreen", "OSVersion": "11.4", "packageVersion": "3.0.101-99.1", "arch": "i586", "packageFilename": "kernel-trace-base-debuginfo-3.0.101-99.1.i586.rpm", "packageName": "kernel-trace-base-debuginfo", "operator": "lt"}], "description": "kernel update for Evergreen 11.4, includes leap second deadlock fix and\n fixes for other security and stability issues\n\n", "edition": 1, "reporter": "Suse", "published": "2015-03-21T15:04:43", "title": "kernel update for Evergreen 11.4, includes leap second deadlock fix (important)", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3646", "CVE-2014-8369", "CVE-2014-0131", "CVE-2014-8134", "CVE-2014-3186", "CVE-2014-3673", "CVE-2014-9090", "CVE-2014-3688", "CVE-2013-2929", "CVE-2014-7841", "CVE-2014-4508", "CVE-2014-3647", "CVE-2014-3610", "CVE-2014-4943", "CVE-2014-9322", "CVE-2014-3181", "CVE-2014-8709", "CVE-2014-5472", "CVE-2014-3185", "CVE-2013-2897", "CVE-2014-8559", "CVE-2014-3601", "CVE-2014-2309", "CVE-2013-2899", "CVE-2014-4608", "CVE-2014-9584", "CVE-2013-7263", "CVE-2014-0181", "CVE-2014-3690", "CVE-2012-4398", "CVE-2014-5471", "CVE-2014-8133", "CVE-2014-7842", "CVE-2014-7826", "CVE-2014-9585", "CVE-2013-2893", "CVE-2014-3184", "CVE-2014-3687"], "modified": "2015-03-21T15:04:43", "id": "OPENSUSE-SU-2015:0566-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}
