DATABASE RESOURCES PRICING ABOUT US

{"id": "DEBIANCVE:CVE-2013-4513", "vendorId": null, "type": "debiancve", "bulletinFamily": "info", "title": "CVE-2013-4513", "description": "Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.", "published": "2013-11-12T14:35:00", "modified": "2013-11-12T14:35:00", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9}, "severity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://security-tracker.debian.org/tracker/CVE-2013-4513", "reporter": "Debian Security Bug Tracker", "references": [], "cvelist": ["CVE-2013-4513"], "immutableFields": [], "lastseen": "2022-06-23T06:00:11", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-4513"]}, {"type": "nessus", "idList": ["EULEROS_SA-2019-1508.NASL", "OPENSUSE-2014-113.NASL", "UBUNTU_USN-2068-1.NASL", "UBUNTU_USN-2069-1.NASL", "UBUNTU_USN-2070-1.NASL", "UBUNTU_USN-2071-1.NASL", "UBUNTU_USN-2073-1.NASL", "UBUNTU_USN-2075-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310841668", "OPENVAS:1361412562310841669", "OPENVAS:1361412562310841670", "OPENVAS:1361412562310841671", "OPENVAS:1361412562310841672", "OPENVAS:1361412562310841673", "OPENVAS:1361412562310841678", "OPENVAS:1361412562310841679", "OPENVAS:1361412562310841680", "OPENVAS:1361412562310850566", "OPENVAS:1361412562311220191508", "OPENVAS:841668", "OPENVAS:841669", "OPENVAS:841670", "OPENVAS:841671", "OPENVAS:841672", "OPENVAS:841673", "OPENVAS:841678", "OPENVAS:841679", "OPENVAS:841680", "OPENVAS:850566"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30152", "SECURITYVULNS:VULN:13475"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0204-1"]}, {"type": "ubuntu", "idList": ["USN-2068-1", "USN-2069-1", "USN-2070-1", "USN-2071-1", "USN-2072-1", "USN-2073-1", "USN-2074-1", "USN-2075-1", "USN-2076-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-4513"]}], "rev": 4}, "score": {"value": 6.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2013-4513"]}, {"type": "nessus", "idList": ["OPENSUSE-2014-113.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310841671", "OPENVAS:841672", "OPENVAS:841678"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30152"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0204-1"]}, {"type": "ubuntu", "idList": ["USN-2070-1", "USN-2071-1", "USN-2075-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-4513"]}]}, "exploitation": null, "vulnersScore": 6.7}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "affectedPackage": [{"OS": "Debian", "OSVersion": "12", "arch": "all", "packageFilename": "linux_5.18.5-1_all.deb", "packageVersion": "5.18.5-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "11", "arch": "all", "packageFilename": "linux_5.10.106-1_all.deb", "packageVersion": "5.10.106-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "packageFilename": "linux_4.19.235-1_all.deb", "packageVersion": "4.19.235-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "999", "arch": "all", "packageFilename": "linux_5.18.5-1_all.deb", "packageVersion": "5.18.5-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "packageFilename": "linux_4.9.228-1_all.deb", "packageVersion": "4.9.228-1", "operator": "lt", "status": "resolved", "packageName": "linux"}]}

{"cve": [{"lastseen": "2022-03-23T13:39:49", "description": "Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.", "cvss3": {}, "published": "2013-11-12T14:35:00", "type": "cve", "title": "CVE-2013-4513", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4513"], "modified": "2016-12-31T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.10.0", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.0.18"], "id": "CVE-2013-4513", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4513", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.0:*:*:*:*:*:arm64:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:32:43", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-4513. Reason: This candidate is a duplicate of CVE-2013-4513. Notes: All CVE users should reference CVE-2013-4513 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2013-11-25T15:55:00", "type": "cve", "title": "CVE-2013-6379", "cwe": [], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2013-4513", "CVE-2013-6379"], "modified": "2013-11-25T15:55:00", "cpe": [], "id": "CVE-2013-6379", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6379", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}], "ubuntucve": [{"lastseen": "2021-11-22T21:52:48", "description": "Buffer overflow in the oz_cdev_write function in\ndrivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows\nlocal users to cause a denial of service or possibly have unspecified other\nimpact via a crafted write operation.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1249272>\n", "cvss3": {}, "published": "2013-11-12T00:00:00", "type": "ubuntucve", "title": "CVE-2013-4513", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4513"], "modified": "2013-11-12T00:00:00", "id": "UB:CVE-2013-4513", "href": "https://ubuntu.com/security/CVE-2013-4513", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:37:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2071-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841669", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841669", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2071_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2071-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841669\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:55:21 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2071-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.10\");\n script_tag(name:\"insight\", value:\"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative privileges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2071-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2071-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-generic\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-highbank\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-omap\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-powerpc-smp\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-powerpc64-smp\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-quantal USN-2068-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841671", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841671", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2068_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-quantal USN-2068-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841671\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:57:22 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-lts-quantal USN-2068-1\");\n\n script_tag(name:\"affected\", value:\"linux-lts-quantal on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative privileges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2068-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2068-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-quantal'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-generic\", ver:\"3.5.0-45.68~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:17:27", "description": "Check for the Version of linux-ti-omap4", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2074-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841672", "href": "http://plugins.openvas.org/nasl.php?oid=841672", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2074_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-2074-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841672);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:59:05 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2074-1\");\n\n tag_insight = \"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\";\n\n tag_affected = \"linux-ti-omap4 on Ubuntu 13.04\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2074-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2074-1/\");\n script_summary(\"Check for the Version of linux-ti-omap4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-237-omap4\", ver:\"3.5.0-237.53\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2073-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4516", "CVE-2013-4514", "CVE-2013-6763", "CVE-2013-4470"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841680", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841680", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2073_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2073-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841680\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 16:07:10 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-4470\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\",\n \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2073-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 13.04\");\n script_tag(name:\"insight\", value:\"Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP\nFragmentation Offload (UFO). An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash) or possibly gain\nadministrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative privileges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user\ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2073-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2073-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU13\\.04\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.8.0-35-generic\", ver:\"3.8.0-35.50\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:16:50", "description": "Check for the Version of linux-lts-quantal", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-quantal USN-2068-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841671", "href": "http://plugins.openvas.org/nasl.php?oid=841671", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2068_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux-lts-quantal USN-2068-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841671);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:57:22 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-lts-quantal USN-2068-1\");\n\n tag_insight = \"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\";\n\n tag_affected = \"linux-lts-quantal on Ubuntu 12.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2068-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2068-1/\");\n script_summary(\"Check for the Version of linux-lts-quantal\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-generic\", ver:\"3.5.0-45.68~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:16:57", "description": "Check for the Version of linux-lts-raring", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-raring USN-2069-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4516", "CVE-2013-4514", "CVE-2013-6763", "CVE-2013-4470"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841673", "href": "http://plugins.openvas.org/nasl.php?oid=841673", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2069_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux-lts-raring USN-2069-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841673);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 16:00:47 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-4470\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\",\n \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-lts-raring USN-2069-1\");\n\n tag_insight = \"Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP\nFragmentation Offload (UFO). An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash) or possibly gain\nadministrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user\ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\";\n\n tag_affected = \"linux-lts-raring on Ubuntu 12.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2069-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2069-1/\");\n script_summary(\"Check for the Version of linux-lts-raring\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.8.0-35-generic\", ver:\"3.8.0-35.50~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2072-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841668", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841668", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2072_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-2072-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841668\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:54:41 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2072-1\");\n\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.10\");\n script_tag(name:\"insight\", value:\"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative privileges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2072-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2072-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-237-omap4\", ver:\"3.5.0-237.53\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:16:42", "description": "Check for the Version of linux-ti-omap4", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2076-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841678", "href": "http://plugins.openvas.org/nasl.php?oid=841678", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2076_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-2076-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841678);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 16:05:32 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2076-1\");\n\n tag_insight = \"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\";\n\n tag_affected = \"linux-ti-omap4 on Ubuntu 13.10\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2076-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2076-1/\");\n script_summary(\"Check for the Version of linux-ti-omap4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-237-omap4\", ver:\"3.5.0-237.53\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2076-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841678", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2076_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-2076-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841678\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 16:05:32 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2076-1\");\n\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 13.10\");\n script_tag(name:\"insight\", value:\"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative privileges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2076-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2076-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU13\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-237-omap4\", ver:\"3.5.0-237.53\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:16:21", "description": "Check for the Version of linux-ti-omap4", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2072-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841668", "href": "http://plugins.openvas.org/nasl.php?oid=841668", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2072_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-2072-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841668);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:54:41 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2072-1\");\n\n tag_insight = \"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\";\n\n tag_affected = \"linux-ti-omap4 on Ubuntu 12.10\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2072-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2072-1/\");\n script_summary(\"Check for the Version of linux-ti-omap4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-237-omap4\", ver:\"3.5.0-237.53\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-raring USN-2069-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4516", "CVE-2013-4514", "CVE-2013-6763", "CVE-2013-4470"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841673", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841673", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2069_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-raring USN-2069-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841673\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 16:00:47 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-4470\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\",\n \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-lts-raring USN-2069-1\");\n\n script_tag(name:\"affected\", value:\"linux-lts-raring on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP\nFragmentation Offload (UFO). An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash) or possibly gain\nadministrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative privileges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user\ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2069-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2069-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-raring'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.8.0-35-generic\", ver:\"3.8.0-35.50~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:16:21", "description": "Check for the Version of linux", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2073-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4516", "CVE-2013-4514", "CVE-2013-6763", "CVE-2013-4470"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841680", "href": "http://plugins.openvas.org/nasl.php?oid=841680", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2073_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux USN-2073-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841680);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 16:07:10 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-4470\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\",\n \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2073-1\");\n\n tag_insight = \"Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP\nFragmentation Offload (UFO). An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash) or possibly gain\nadministrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user\ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\";\n\n tag_affected = \"linux on Ubuntu 13.04\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2073-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2073-1/\");\n script_summary(\"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.8.0-35-generic\", ver:\"3.8.0-35.50\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:16:29", "description": "Check for the Version of linux", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2071-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841669", "href": "http://plugins.openvas.org/nasl.php?oid=841669", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2071_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux USN-2071-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841669);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:55:21 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2071-1\");\n\n tag_insight = \"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\";\n\n tag_affected = \"linux on Ubuntu 12.10\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2071-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2071-1/\");\n script_summary(\"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-generic\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-highbank\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-omap\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-powerpc-smp\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-45-powerpc64-smp\", ver:\"3.5.0-45.68\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2074-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4511", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6763"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841672", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841672", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2074_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-2074-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841672\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:59:05 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\",\n \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\",\n \"CVE-2013-7027\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2074-1\");\n\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 13.04\");\n script_tag(name:\"insight\", value:\"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative privileges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the data\nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver.\nA local user could exploit this flaw to cause a denial of service (memory\ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header\nparsing. A remote attacker could cause a denial of service (buffer over-\nread) via a specially crafted header. (CVE-2013-7027)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2074-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2074-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU13\\.04\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-237-omap4\", ver:\"3.5.0-237.53\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:16:56", "description": "Check for the Version of linux-lts-saucy", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-saucy USN-2070-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-6378", "CVE-2013-4515", "CVE-2013-2929", "CVE-2013-4511", "CVE-2013-4516", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6380", "CVE-2013-6763", "CVE-2013-4348", "CVE-2013-7026"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841679", "href": "http://plugins.openvas.org/nasl.php?oid=841679", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2070_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux-lts-saucy USN-2070-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841679);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 16:06:10 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4348\",\n \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\",\n \"CVE-2013-4516\", \"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6383\",\n \"CVE-2013-6763\", \"CVE-2013-7026\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux-lts-saucy USN-2070-1\");\n\n tag_insight = \"Vasily Kulikov reported a flaw in the Linux kernel's implementation of\nptrace. An unprivileged local user could exploit this flaw to obtain\nsensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux\nkernel. A remote attacker could exploit this flaw to cause a denial of\nservice (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user\ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndebugfs filesystem. An administrative local user could exploit this flaw to\ncause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec\nAACRAID scsi raid devices in the Linux kernel. A local user could use this\nflaw to cause a denial of service or possibly other unspecified impact.\n(CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentia ... \n\n Description truncated, for more information please check the Reference URL\";\n\n tag_affected = \"linux-lts-saucy on Ubuntu 12.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2070-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2070-1/\");\n script_summary(\"Check for the Version of linux-lts-saucy\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-15-generic\", ver:\"3.11.0-15.23~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-15-generic-lpae\", ver:\"3.11.0-15.23~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2075-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-6378", "CVE-2013-4515", "CVE-2013-2929", "CVE-2013-4511", "CVE-2013-4516", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6380", "CVE-2013-6763", "CVE-2013-4348", "CVE-2013-7026"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841670", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841670", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2075_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2075-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841670\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:56:03 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4348\",\n \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\",\n \"CVE-2013-4516\", \"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6383\",\n \"CVE-2013-6763\", \"CVE-2013-7026\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux USN-2075-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 13.10\");\n script_tag(name:\"insight\", value:\"Vasily Kulikov reported a flaw in the Linux kernel's implementation of\nptrace. An unprivileged local user could exploit this flaw to obtain\nsensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux\nkernel. A remote attacker could exploit this flaw to cause a denial of\nservice (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative privileges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user\ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndebugfs filesystem. An administrative local user could exploit this flaw to\ncause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec\nAACRAID scsi raid devices in the Linux kernel. A local user could use this\nflaw to cause a denial of service or possibly other unspecified impact.\n(CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromisi ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2075-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2075-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU13\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-15-generic\", ver:\"3.11.0-15.23\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-15-generic-lpae\", ver:\"3.11.0-15.23\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:17:24", "description": "Check for the Version of linux", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2075-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-6378", "CVE-2013-4515", "CVE-2013-2929", "CVE-2013-4511", "CVE-2013-4516", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6380", "CVE-2013-6763", "CVE-2013-4348", "CVE-2013-7026"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841670", "href": "http://plugins.openvas.org/nasl.php?oid=841670", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2075_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux USN-2075-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841670);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 15:56:03 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4348\",\n \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\",\n \"CVE-2013-4516\", \"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6383\",\n \"CVE-2013-6763\", \"CVE-2013-7026\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux USN-2075-1\");\n\n tag_insight = \"Vasily Kulikov reported a flaw in the Linux kernel's implementation of\nptrace. An unprivileged local user could exploit this flaw to obtain\nsensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux\nkernel. A remote attacker could exploit this flaw to cause a denial of\nservice (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user\ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndebugfs filesystem. An administrative local user could exploit this flaw to\ncause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec\nAACRAID scsi raid devices in the Linux kernel. A local user could use this\nflaw to cause a denial of service or possibly other unspecified impact.\n(CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromisi ... \n\n Description truncated, for more information please check the Reference URL\";\n\n tag_affected = \"linux on Ubuntu 13.10\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2075-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2075-1/\");\n script_summary(\"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-15-generic\", ver:\"3.11.0-15.23\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-15-generic-lpae\", ver:\"3.11.0-15.23\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-saucy USN-2070-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-6378", "CVE-2013-4515", "CVE-2013-2929", "CVE-2013-4511", "CVE-2013-4516", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6380", "CVE-2013-6763", "CVE-2013-4348", "CVE-2013-7026"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841679", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841679", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2070_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-saucy USN-2070-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841679\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-06 16:06:10 +0530 (Mon, 06 Jan 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4348\",\n \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\",\n \"CVE-2013-4516\", \"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6383\",\n \"CVE-2013-6763\", \"CVE-2013-7026\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux-lts-saucy USN-2070-1\");\n\n script_tag(name:\"affected\", value:\"linux-lts-saucy on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Vasily Kulikov reported a flaw in the Linux kernel's implementation of\nptrace. An unprivileged local user could exploit this flaw to obtain\nsensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per event\nsubsystem that allows normal users to enable function tracing. An\nunprivileged local user could exploit this flaw to obtain potentially\nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux\nkernel. A remote attacker could exploit this flaw to cause a denial of\nservice (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\nbuffer drivers in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\nservice or possibly gain administrative privileges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\ncould exploit this flaw to obtain sensitive information from kernel memory.\n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user\ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndebugfs filesystem. An administrative local user could exploit this flaw to\ncause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec\nAACRAID scsi raid devices in the Linux kernel. A local user could use this\nflaw to cause a denial of service or possibly other unspecified impact.\n(CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentia ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2070-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2070-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-saucy'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-15-generic\", ver:\"3.11.0-15.23~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-15-generic-lpae\", ver:\"3.11.0-15.23~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T18:39:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-02-11T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2014:0204-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2014-0038", "CVE-2013-4513", "CVE-2013-6378", "CVE-2013-4515", "CVE-2013-6431", "CVE-2013-4511", "CVE-2013-1792", "CVE-2013-6368", "CVE-2013-6367", "CVE-2013-4514", "CVE-2013-6376", "CVE-2013-6380", "CVE-2013-0343", "CVE-2013-4587", "CVE-2013-4348"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850566", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850566", "sourceData": "# Copyright (C) 2014 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850566\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-02-11 10:39:05 +0530 (Tue, 11 Feb 2014)\");\n script_cve_id(\"CVE-2013-0343\", \"CVE-2013-1792\", \"CVE-2013-4348\", \"CVE-2013-4511\",\n \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4587\",\n \"CVE-2013-6367\", \"CVE-2013-6368\", \"CVE-2013-6376\", \"CVE-2013-6378\",\n \"CVE-2013-6380\", \"CVE-2013-6431\", \"CVE-2013-7027\", \"CVE-2014-0038\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2014:0204-1)\");\n\n script_tag(name:\"affected\", value:\"kernel on openSUSE 12.3\");\n\n script_tag(name:\"insight\", value:\"The Linux kernel was updated to fix various bugs and\n security issues:\n\n - mm/page-writeback.c: do not count anon pages as dirtyable\n memory (reclaim stalls).\n\n - mm/page-writeback.c: fix dirty_balance_reserve\n subtraction from dirtyable memory (reclaim stalls).\n\n - compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).\n\n - hwmon: (coretemp) Fix truncated name of alarm attributes\n\n - net: fib: fib6_add: fix potential NULL pointer\n dereference (bnc#854173 CVE-2013-6431).\n\n - keys: fix race with concurrent install_user_keyrings()\n (bnc#808358)(CVE-2013-1792).\n\n - KVM: x86: Convert vapic synchronization to _cached\n functions (CVE-2013-6368) (bnc#853052 CVE-2013-6368).\n\n - wireless: radiotap: fix parsing buffer overrun\n (bnc#854634 CVE-2013-7027).\n\n - KVM: x86: fix guest-initiated crash with x2apic\n (CVE-2013-6376) (bnc#853053 CVE-2013-6376).\n\n - KVM: x86: Fix potential divide by 0 in lapic\n (CVE-2013-6367) (bnc#853051 CVE-2013-6367).\n\n - KVM: Improve create VCPU parameter (CVE-2013-4587)\n (bnc#853050 CVE-2013-4587).\n\n - staging: ozwpan: prevent overflow in oz_cdev_write()\n (bnc#849023 CVE-2013-4513).\n\n - perf/x86: Fix offcore_rsp valid mask for SNB/IVB\n (bnc#825006).\n\n - perf/x86: Add Intel IvyBridge event scheduling\n constraints (bnc#825006).\n\n - libertas: potential oops in debugfs (bnc#852559\n CVE-2013-6378).\n\n - aacraid: prevent invalid pointer dereference (bnc#852373\n CVE-2013-6380).\n\n - staging: wlags49_h2: buffer overflow setting station name\n (bnc#849029 CVE-2013-4514).\n\n - net: flow_dissector: fail on evil iph- ihl (bnc#848079\n CVE-2013-4348).\n\n - Staging: bcm: info leak in ioctl (bnc#849034\n CVE-2013-4515).\n\n - Refresh\n patches.fixes/net-rework-recvmsg-handler-msg_name-and-msg_na\n melen-logic.patch.\n\n - ipv6: remove max_addresses check from\n ipv6_create_tempaddr (bnc#805226, CVE-2013-0343).\n\n - net: rework recvmsg handler msg_name and msg_namelen\n logic (bnc#854722).\n\n - crypto: ansi_cprng - Fix off by one error in non-block\n size request (bnc#840226).\n\n - x6: Fix reserve_initrd so that acpi_initrd_override is\n reached (bnc#831836).\n\n - Refresh other Xen patches.\n\n - aacraid: missing capable() check in compat ioctl\n (bnc#852558).\n\n - patches.fixes/gpio-ich-fix-ichx_gpio_check_available-return.\n patch: Update upstream reference\n\n - perf/ftrace: Fix paranoid level for enabling function\n tracer (bnc#849362).\n\n - xhci: fix null pointer dereference on\n ring_doorbell_for_active_rings (bnc#848255).\n\n - xhci: Fix oops happening after address device timeout\n (bnc#848255).\n\n - xhci: Ensure a command structure points to the correct\n trb ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2014:0204-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.3\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE12.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-base-debuginfo\", rpm:\"kernel-desktop-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-debuginfo\", rpm:\"kernel-desktop-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-debugsource\", rpm:\"kernel-desktop-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-devel-debuginfo\", rpm:\"kernel-desktop-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base-debuginfo\", rpm:\"kernel-ec2-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-debuginfo\", rpm:\"kernel-ec2-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-debugsource\", rpm:\"kernel-ec2-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel-debuginfo\", rpm:\"kernel-ec2-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base-debuginfo\", rpm:\"kernel-trace-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-debuginfo\", rpm:\"kernel-trace-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-debugsource\", rpm:\"kernel-trace-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel-debuginfo\", rpm:\"kernel-trace-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base-debuginfo\", rpm:\"kernel-xen-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel-debuginfo\", rpm:\"kernel-xen-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~3.7.10~1.28.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base-debuginfo\", rpm:\"kernel-pae-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel-debuginfo\", rpm:\"kernel-pae-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-12T11:10:20", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2014-02-11T00:00:00", "type": "openvas", "title": "SuSE Update for kernel openSUSE-SU-2014:0204-1 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2014-0038", "CVE-2013-4513", "CVE-2013-6378", "CVE-2013-4515", "CVE-2013-6431", "CVE-2013-4511", "CVE-2013-1792", "CVE-2013-6368", "CVE-2013-6367", "CVE-2013-4514", "CVE-2013-6376", "CVE-2013-6380", "CVE-2013-0343", "CVE-2013-4587", "CVE-2013-4348"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850566", "href": "http://plugins.openvas.org/nasl.php?oid=850566", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2014_0204_1.nasl 8044 2017-12-08 08:32:49Z santu $\n#\n# SuSE Update for kernel openSUSE-SU-2014:0204-1 (kernel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850566);\n script_version(\"$Revision: 8044 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 09:32:49 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-11 10:39:05 +0530 (Tue, 11 Feb 2014)\");\n script_cve_id(\"CVE-2013-0343\", \"CVE-2013-1792\", \"CVE-2013-4348\", \"CVE-2013-4511\",\n \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4587\",\n \"CVE-2013-6367\", \"CVE-2013-6368\", \"CVE-2013-6376\", \"CVE-2013-6378\",\n \"CVE-2013-6380\", \"CVE-2013-6431\", \"CVE-2013-7027\", \"CVE-2014-0038\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for kernel openSUSE-SU-2014:0204-1 (kernel)\");\n\n tag_insight = \"\n The Linux kernel was updated to fix various bugs and\n security issues:\n\n - mm/page-writeback.c: do not count anon pages as dirtyable\n memory (reclaim stalls).\n - mm/page-writeback.c: fix dirty_balance_reserve\n subtraction from dirtyable memory (reclaim stalls).\n\n - compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).\n\n - hwmon: (coretemp) Fix truncated name of alarm attributes\n\n - net: fib: fib6_add: fix potential NULL pointer\n dereference (bnc#854173 CVE-2013-6431).\n\n - keys: fix race with concurrent install_user_keyrings()\n (bnc#808358)(CVE-2013-1792).\n\n - KVM: x86: Convert vapic synchronization to _cached\n functions (CVE-2013-6368) (bnc#853052 CVE-2013-6368).\n\n - wireless: radiotap: fix parsing buffer overrun\n (bnc#854634 CVE-2013-7027).\n\n - KVM: x86: fix guest-initiated crash with x2apic\n (CVE-2013-6376) (bnc#853053 CVE-2013-6376).\n\n - KVM: x86: Fix potential divide by 0 in lapic\n (CVE-2013-6367) (bnc#853051 CVE-2013-6367).\n\n - KVM: Improve create VCPU parameter (CVE-2013-4587)\n (bnc#853050 CVE-2013-4587).\n\n - staging: ozwpan: prevent overflow in oz_cdev_write()\n (bnc#849023 CVE-2013-4513).\n\n - perf/x86: Fix offcore_rsp valid mask for SNB/IVB\n (bnc#825006).\n - perf/x86: Add Intel IvyBridge event scheduling\n constraints (bnc#825006).\n\n - libertas: potential oops in debugfs (bnc#852559\n CVE-2013-6378).\n\n - aacraid: prevent invalid pointer dereference (bnc#852373\n CVE-2013-6380).\n\n - staging: wlags49_h2: buffer overflow setting station name\n (bnc#849029 CVE-2013-4514).\n\n - net: flow_dissector: fail on evil iph- ihl (bnc#848079\n CVE-2013-4348).\n\n - Staging: bcm: info leak in ioctl (bnc#849034\n CVE-2013-4515).\n\n - Refresh\n patches.fixes/net-rework-recvmsg-handler-msg_name-and-msg_na\n melen-logic.patch.\n\n - ipv6: remove max_addresses check from\n ipv6_create_tempaddr (bnc#805226, CVE-2013-0343).\n\n - net: rework recvmsg handler msg_name and msg_namelen\n logic (bnc#854722).\n\n - crypto: ansi_cprng - Fix off by one error in non-block\n size request (bnc#840226).\n\n - x6: Fix reserve_initrd so that acpi_initrd_override is\n reached (bnc#831836).\n - Refresh other Xen patches.\n\n - aacraid: missing capable() check in compat ioctl\n (bnc#852558).\n\n -\n patches.fixes/gpio-ich-fix-ichx_gpio_check_available-return.\n patch: Update upstream reference\n\n - perf/ftrace: Fix paranoid level for enabling function\n tracer (bnc#849362).\n\n - xhci: fix null pointer dereference on\n ring_doorbell_for_active_rings (bnc#848255).\n - xhci: Fix oops happening after address device timeout\n (bnc#848255).\n - xhci: Ensure a command structure points to the correct\n trb ...\n\n Description truncated, for more information please check the Reference URL\";\n\n tag_affected = \"kernel on openSUSE 12.3\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2014:0204_1\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base-debuginfo\", rpm:\"kernel-desktop-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-debuginfo\", rpm:\"kernel-desktop-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-debugsource\", rpm:\"kernel-desktop-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel-debuginfo\", rpm:\"kernel-desktop-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-base-debuginfo\", rpm:\"kernel-ec2-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-debuginfo\", rpm:\"kernel-ec2-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-debugsource\", rpm:\"kernel-ec2-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-devel-debuginfo\", rpm:\"kernel-ec2-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base-debuginfo\", rpm:\"kernel-trace-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-debuginfo\", rpm:\"kernel-trace-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-debugsource\", rpm:\"kernel-trace-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel-debuginfo\", rpm:\"kernel-trace-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base-debuginfo\", rpm:\"kernel-xen-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel-debuginfo\", rpm:\"kernel-xen-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~3.7.10~1.28.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base-debuginfo\", rpm:\"kernel-pae-base-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel-debuginfo\", rpm:\"kernel-pae-devel-debuginfo~3.7.10~1.28.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-02-05T16:38:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9794", "CVE-2013-4513", "CVE-2016-7917", "CVE-2014-1737", "CVE-2015-1420", "CVE-2014-4655", "CVE-2016-5343", "CVE-2015-5257", "CVE-2016-5243", "CVE-2017-1000364", "CVE-2015-7515", "CVE-2014-3631", "CVE-2017-6345", "CVE-2016-4578", "CVE-2015-8961", "CVE-2015-8575", "CVE-2013-4587", "CVE-2017-2618", "CVE-2014-9419", "CVE-2018-14616"], "modified": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562311220191508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191508", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1508\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2013-4513\", \"CVE-2013-4587\", \"CVE-2014-1737\", \"CVE-2014-3631\", \"CVE-2014-4655\", \"CVE-2014-9419\", \"CVE-2015-1420\", \"CVE-2015-5257\", \"CVE-2015-7515\", \"CVE-2015-8575\", \"CVE-2015-8961\", \"CVE-2016-4578\", \"CVE-2016-5243\", \"CVE-2016-5343\", \"CVE-2016-7917\", \"CVE-2016-9794\", \"CVE-2017-1000364\", \"CVE-2017-2618\", \"CVE-2017-6345\", \"CVE-2018-14616\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:59:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1508)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1508\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1508\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1508 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.(CVE-2016-5343)\n\nA use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system.(CVE-2014-4655)\n\nRace condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.(CVE-2015-1420)\n\nA flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to crash the system.(CVE-2014-3631)\n\nA flaw was found in the ext4 subsystem. This vulnerability is a use after free vulnerability was found in __ext4_journal_stop(). Attackers could abuse this to allow any code which attempts to deal with the journal failure to be mishandled or not fail at all. This could lead to data corruption or crashes.(CVE-2015-8961)\n\nBuffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.(CVE-2013-4513)\n\nThe nfnetlink_rcv_batch() function in 'net/netfilter/nfnetlink.c' in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.(CVE-2016-7917)\n\nArray index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.(CVE-2013-4587)\n\nA leak of information was possible when issuing a netlink command of the stack memory area leading up to this function call. An attacker could use this to determine stack information for use in a later exploit.(CVE-2016-5243)\n\nAn issue was discovered in the Linux kernel in the ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-08-19T12:51:37", "description": "Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo Devices USB over WiFi devices. A local user could exploit this flaw to cause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Agere Systems HERMES II Wireless PC Cards. A local user with the CAP_NET_ADMIN capability could exploit this flaw to cause a denial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for the SystemBase Multi-2/PCI serial card. An unprivileged user could obtain sensitive information from kernel memory.\n(CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. A local user could exploit this flaw to cause a denial of service (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header parsing. A remote attacker could cause a denial of service (buffer over- read) via a specially crafted header. (CVE-2013-7027).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-05T00:00:00", "type": "nessus", "title": "Ubuntu 13.04 : linux vulnerabilities (USN-2073-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4470", "CVE-2013-4511", "CVE-2013-4513", "CVE-2013-4514", "CVE-2013-4515", "CVE-2013-4516", "CVE-2013-6383", "CVE-2013-6763", "CVE-2013-7027"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic", "cpe:/o:canonical:ubuntu_linux:13.04"], "id": "UBUNTU_USN-2073-1.NASL", "href": "https://www.tenable.com/plugins/nessus/71798", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2073-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71798);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4470\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7027\");\n script_bugtraq_id(63359, 63508, 63509, 63512, 63518, 63519, 63707, 63888, 64013);\n script_xref(name:\"USN\", value:\"2073-1\");\n\n script_name(english:\"Ubuntu 13.04 : linux vulnerabilities (USN-2073-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP\nFragmentation Offload (UFO). An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash) or possibly gain\nadministrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD\nframe- buffer drivers in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user\nwith the CAP_NET_ADMIN capability could exploit this flaw to cause a\ndenial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local\nuser could exploit this flaw to obtain sensitive information from\nkernel memory. (CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged\nuser could obtain sensitive information from kernel memory.\n(CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the\ndata stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio)\ndriver. A local user could exploit this flaw to cause a denial of\nservice (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap\nheader parsing. A remote attacker could cause a denial of service\n(buffer over- read) via a specially crafted header. (CVE-2013-7027).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2073-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.8-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(13\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 13.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-4470\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7027\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2073-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"13.04\", pkgname:\"linux-image-3.8.0-35-generic\", pkgver:\"3.8.0-35.50\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.8-generic\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:51:29", "description": "Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo Devices USB over WiFi devices. A local user could exploit this flaw to cause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Agere Systems HERMES II Wireless PC Cards. A local user with the CAP_NET_ADMIN capability could exploit this flaw to cause a denial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for the SystemBase Multi-2/PCI serial card. An unprivileged user could obtain sensitive information from kernel memory.\n(CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. A local user could exploit this flaw to cause a denial of service (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header parsing. A remote attacker could cause a denial of service (buffer over- read) via a specially crafted header. (CVE-2013-7027).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-05T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2069-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4470", "CVE-2013-4511", "CVE-2013-4513", "CVE-2013-4514", "CVE-2013-4515", "CVE-2013-4516", "CVE-2013-6383", "CVE-2013-6763", "CVE-2013-7027"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2069-1.NASL", "href": "https://www.tenable.com/plugins/nessus/71795", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2069-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71795);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4470\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7027\");\n script_bugtraq_id(63359, 64013);\n script_xref(name:\"USN\", value:\"2069-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2069-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP\nFragmentation Offload (UFO). An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash) or possibly gain\nadministrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD\nframe- buffer drivers in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user\nwith the CAP_NET_ADMIN capability could exploit this flaw to cause a\ndenial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local\nuser could exploit this flaw to obtain sensitive information from\nkernel memory. (CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged\nuser could obtain sensitive information from kernel memory.\n(CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the\ndata stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio)\ndriver. A local user could exploit this flaw to cause a denial of\nservice (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap\nheader parsing. A remote attacker could cause a denial of service\n(buffer over- read) via a specially crafted header. (CVE-2013-7027).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2069-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.8-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-4470\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7027\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2069-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.8.0-35-generic\", pkgver:\"3.8.0-35.50~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.8-generic\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:51:40", "description": "Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing.\nAn unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo Devices USB over WiFi devices. A local user could exploit this flaw to cause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Agere Systems HERMES II Wireless PC Cards. A local user with the CAP_NET_ADMIN capability could exploit this flaw to cause a denial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. A local user could exploit this flaw to cause a denial of service (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header parsing. A remote attacker could cause a denial of service (buffer over- read) via a specially crafted header. (CVE-2013-7027).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-05T00:00:00", "type": "nessus", "title": "Ubuntu 12.10 : linux vulnerabilities (USN-2071-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2930", "CVE-2013-4345", "CVE-2013-4511", "CVE-2013-4513", "CVE-2013-4514", "CVE-2013-4515", "CVE-2013-6383", "CVE-2013-6763", "CVE-2013-7027"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank", "cpe:/o:canonical:ubuntu_linux:12.10"], "id": "UBUNTU_USN-2071-1.NASL", "href": "https://www.tenable.com/plugins/nessus/71797", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2071-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71797);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7027\");\n script_bugtraq_id(62740, 63508, 63509, 63512, 63518, 63707, 63888, 64013, 64318);\n script_xref(name:\"USN\", value:\"2071-1\");\n\n script_name(english:\"Ubuntu 12.10 : linux vulnerabilities (USN-2071-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per\nevent subsystem that allows normal users to enable function tracing.\nAn unprivileged local user could exploit this flaw to obtain\npotentially sensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng\nrandom number generator. This flaw makes it easier for a local\nattacker to break cryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD\nframe- buffer drivers in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user\nwith the CAP_NET_ADMIN capability could exploit this flaw to cause a\ndenial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local\nuser could exploit this flaw to obtain sensitive information from\nkernel memory. (CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the\ndata stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio)\ndriver. A local user could exploit this flaw to cause a denial of\nservice (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap\nheader parsing. A remote attacker could cause a denial of service\n(buffer over- read) via a specially crafted header. (CVE-2013-7027).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2071-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.5-generic and / or\nlinux-image-3.5-highbank packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7027\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2071-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-45-generic\", pkgver:\"3.5.0-45.68\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-45-highbank\", pkgver:\"3.5.0-45.68\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic / linux-image-3.5-highbank\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:51:25", "description": "Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing.\nAn unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo Devices USB over WiFi devices. A local user could exploit this flaw to cause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Agere Systems HERMES II Wireless PC Cards. A local user with the CAP_NET_ADMIN capability could exploit this flaw to cause a denial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. A local user could exploit this flaw to cause a denial of service (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header parsing. A remote attacker could cause a denial of service (buffer over- read) via a specially crafted header. (CVE-2013-7027).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-05T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2068-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2930", "CVE-2013-4345", "CVE-2013-4511", "CVE-2013-4513", "CVE-2013-4514", "CVE-2013-4515", "CVE-2013-6383", "CVE-2013-6763", "CVE-2013-7027"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2068-1.NASL", "href": "https://www.tenable.com/plugins/nessus/71794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2068-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71794);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7027\");\n script_bugtraq_id(62740, 63508, 63509, 63512, 63518, 63707, 63888, 64013, 64318);\n script_xref(name:\"USN\", value:\"2068-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2068-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per\nevent subsystem that allows normal users to enable function tracing.\nAn unprivileged local user could exploit this flaw to obtain\npotentially sensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng\nrandom number generator. This flaw makes it easier for a local\nattacker to break cryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD\nframe- buffer drivers in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user\nwith the CAP_NET_ADMIN capability could exploit this flaw to cause a\ndenial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local\nuser could exploit this flaw to obtain sensitive information from\nkernel memory. (CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the\ndata stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio)\ndriver. A local user could exploit this flaw to cause a denial of\nservice (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap\nheader parsing. A remote attacker could cause a denial of service\n(buffer over- read) via a specially crafted header. (CVE-2013-7027).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2068-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.5-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7027\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2068-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.5.0-45-generic\", pkgver:\"3.5.0-45.68~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:51:40", "description": "Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing.\nAn unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo Devices USB over WiFi devices. A local user could exploit this flaw to cause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Agere Systems HERMES II Wireless PC Cards. A local user with the CAP_NET_ADMIN capability could exploit this flaw to cause a denial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for the SystemBase Multi-2/PCI serial card. An unprivileged user could obtain sensitive information from kernel memory.\n(CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's debugfs filesystem. An administrative local user could exploit this flaw to cause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec AACRAID scsi raid devices in the Linux kernel. A local user could use this flaw to cause a denial of service or possibly other unspecified impact. (CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. A local user could exploit this flaw to cause a denial of service (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nA race condition flaw was discovered in the Linux kernel's ipc shared memory implimentation. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecied other impacts. (CVE-2013-7026).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-05T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2070-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2929", "CVE-2013-2930", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4511", "CVE-2013-4513", "CVE-2013-4514", "CVE-2013-4515", "CVE-2013-4516", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6383", "CVE-2013-6763", "CVE-2013-7026"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2070-1.NASL", "href": "https://www.tenable.com/plugins/nessus/71796", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2070-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71796);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4348\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7026\");\n script_bugtraq_id(62740, 63536, 63886, 63887, 64111, 64312, 64318);\n script_xref(name:\"USN\", value:\"2070-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2070-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vasily Kulikov reported a flaw in the Linux kernel's implementation of\nptrace. An unprivileged local user could exploit this flaw to obtain\nsensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per\nevent subsystem that allows normal users to enable function tracing.\nAn unprivileged local user could exploit this flaw to obtain\npotentially sensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng\nrandom number generator. This flaw makes it easier for a local\nattacker to break cryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux\nkernel. A remote attacker could exploit this flaw to cause a denial of\nservice (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD\nframe- buffer drivers in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user\nwith the CAP_NET_ADMIN capability could exploit this flaw to cause a\ndenial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local\nuser could exploit this flaw to obtain sensitive information from\nkernel memory. (CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged\nuser could obtain sensitive information from kernel memory.\n(CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndebugfs filesystem. An administrative local user could exploit this\nflaw to cause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for\nAdaptec AACRAID scsi raid devices in the Linux kernel. A local user\ncould use this flaw to cause a denial of service or possibly other\nunspecified impact. (CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the\ndata stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio)\ndriver. A local user could exploit this flaw to cause a denial of\nservice (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nA race condition flaw was discovered in the Linux kernel's ipc shared\nmemory implimentation. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecied other\nimpacts. (CVE-2013-7026).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2070-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.11-generic and / or\nlinux-image-3.11-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-2929\", \"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4348\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7026\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2070-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.11.0-15-generic\", pkgver:\"3.11.0-15.23~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.11.0-15-generic-lpae\", pkgver:\"3.11.0-15.23~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.11-generic / linux-image-3.11-generic-lpae\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:51:25", "description": "Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing.\nAn unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo Devices USB over WiFi devices. A local user could exploit this flaw to cause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Agere Systems HERMES II Wireless PC Cards. A local user with the CAP_NET_ADMIN capability could exploit this flaw to cause a denial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for the SystemBase Multi-2/PCI serial card. An unprivileged user could obtain sensitive information from kernel memory.\n(CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's debugfs filesystem. An administrative local user could exploit this flaw to cause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec AACRAID scsi raid devices in the Linux kernel. A local user could use this flaw to cause a denial of service or possibly other unspecified impact. (CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. A local user could exploit this flaw to cause a denial of service (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nA race condition flaw was discovered in the Linux kernel's ipc shared memory implimentation. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecied other impacts. (CVE-2013-7026).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-05T00:00:00", "type": "nessus", "title": "Ubuntu 13.10 : linux vulnerabilities (USN-2075-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2929", "CVE-2013-2930", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4511", "CVE-2013-4513", "CVE-2013-4514", "CVE-2013-4515", "CVE-2013-4516", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6383", "CVE-2013-6763", "CVE-2013-7026"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae", "cpe:/o:canonical:ubuntu_linux:13.10"], "id": "UBUNTU_USN-2075-1.NASL", "href": "https://www.tenable.com/plugins/nessus/71799", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2075-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71799);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4348\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7026\");\n script_bugtraq_id(62740, 63536, 63886, 63887, 64111, 64312, 64318);\n script_xref(name:\"USN\", value:\"2075-1\");\n\n script_name(english:\"Ubuntu 13.10 : linux vulnerabilities (USN-2075-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vasily Kulikov reported a flaw in the Linux kernel's implementation of\nptrace. An unprivileged local user could exploit this flaw to obtain\nsensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per\nevent subsystem that allows normal users to enable function tracing.\nAn unprivileged local user could exploit this flaw to obtain\npotentially sensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng\nrandom number generator. This flaw makes it easier for a local\nattacker to break cryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux\nkernel. A remote attacker could exploit this flaw to cause a denial of\nservice (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD\nframe- buffer drivers in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges.\n(CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\nDevices USB over WiFi devices. A local user could exploit this flaw to\ncause a denial of service or possibly unspecified impact.\n(CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user\nwith the CAP_NET_ADMIN capability could exploit this flaw to cause a\ndenial of service or possibly gain administrative priviliges.\n(CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for Beceem WIMAX chipset based devices. An unprivileged local\nuser could exploit this flaw to obtain sensitive information from\nkernel memory. (CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged\nuser could obtain sensitive information from kernel memory.\n(CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's\ndebugfs filesystem. An administrative local user could exploit this\nflaw to cause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for\nAdaptec AACRAID scsi raid devices in the Linux kernel. A local user\ncould use this flaw to cause a denial of service or possibly other\nunspecified impact. (CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec\nAACRAID scsi raid devices. An unprivileged local user could send\nadministrative commands to these devices potentially compromising the\ndata stored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio)\ndriver. A local user could exploit this flaw to cause a denial of\nservice (memory corruption) or possibly gain privileges.\n(CVE-2013-6763)\n\nA race condition flaw was discovered in the Linux kernel's ipc shared\nmemory implimentation. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecied other\nimpacts. (CVE-2013-7026).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2075-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.11-generic and / or\nlinux-image-3.11-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(13\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 13.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-2929\", \"CVE-2013-2930\", \"CVE-2013-4345\", \"CVE-2013-4348\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4516\", \"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6383\", \"CVE-2013-6763\", \"CVE-2013-7026\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2075-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"13.10\", pkgname:\"linux-image-3.11.0-15-generic\", pkgver:\"3.11.0-15.23\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"linux-image-3.11.0-15-generic-lpae\", pkgver:\"3.11.0-15.23\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.11-generic / linux-image-3.11-generic-lpae\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:49:43", "description": "The Linux kernel was updated to fix various bugs and security issues :\n\n - mm/page-writeback.c: do not count anon pages as dirtyable memory (reclaim stalls).\n\n - mm/page-writeback.c: fix dirty_balance_reserve subtraction from dirtyable memory (reclaim stalls).\n\n - compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).\n\n - hwmon: (coretemp) Fix truncated name of alarm attributes\n\n - net: fib: fib6_add: fix potential NULL pointer dereference (bnc#854173 CVE-2013-6431).\n\n - keys: fix race with concurrent install_user_keyrings() (bnc#808358)(CVE-2013-1792).\n\n - KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368) (bnc#853052 CVE-2013-6368).\n\n - wireless: radiotap: fix parsing buffer overrun (bnc#854634 CVE-2013-7027).\n\n - KVM: x86: fix guest-initiated crash with x2apic (CVE-2013-6376) (bnc#853053 CVE-2013-6376).\n\n - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (bnc#853051 CVE-2013-6367).\n\n - KVM: Improve create VCPU parameter (CVE-2013-4587) (bnc#853050 CVE-2013-4587).\n\n - staging: ozwpan: prevent overflow in oz_cdev_write() (bnc#849023 CVE-2013-4513).\n\n - perf/x86: Fix offcore_rsp valid mask for SNB/IVB (bnc#825006).\n\n - perf/x86: Add Intel IvyBridge event scheduling constraints (bnc#825006).\n\n - libertas: potential oops in debugfs (bnc#852559 CVE-2013-6378).\n\n - aacraid: prevent invalid pointer dereference (bnc#852373 CVE-2013-6380).\n\n - staging: wlags49_h2: buffer overflow setting station name (bnc#849029 CVE-2013-4514).\n\n - net: flow_dissector: fail on evil iph->ihl (bnc#848079 CVE-2013-4348).\n\n - Staging: bcm: info leak in ioctl (bnc#849034 CVE-2013-4515).\n\n - Refresh patches.fixes/net-rework-recvmsg-handler-msg_name-and-ms g_namelen-logic.patch.\n\n - ipv6: remove max_addresses check from ipv6_create_tempaddr (bnc#805226, CVE-2013-0343).\n\n - net: rework recvmsg handler msg_name and msg_namelen logic (bnc#854722).\n\n - crypto: ansi_cprng - Fix off by one error in non-block size request (bnc#840226).\n\n - x6: Fix reserve_initrd so that acpi_initrd_override is reached (bnc#831836).\n\n - Refresh other Xen patches.\n\n - aacraid: missing capable() check in compat ioctl (bnc#852558).\n\n - patches.fixes/gpio-ich-fix-ichx_gpio_check_available-ret urn.patch: Update upstream reference\n\n - perf/ftrace: Fix paranoid level for enabling function tracer (bnc#849362).\n\n - xhci: fix NULL pointer dereference on ring_doorbell_for_active_rings (bnc#848255).\n\n - xhci: Fix oops happening after address device timeout (bnc#848255).\n\n - xhci: Ensure a command structure points to the correct trb on the command ring (bnc#848255).\n\n - patches.arch/iommu-vt-d-remove-stack-trace-from-broken-i rq-remapping-warning.patch: Update upstream reference.\n\n - Allow NFSv4 username mapping to work properly (bnc#838024).\n\n - Refresh btrfs attribute publishing patchset to match openSUSE-13.1 No user-visible changes, but uses kobj_sysfs_ops and better kobject lifetime management.\n\n - Fix a few incorrectly checked [io_]remap_pfn_range() calls (bnc#849021, CVE-2013-4511).\n\n - drm/radeon: don't set hpd, afmt interrupts when interrupts are disabled.\n\n - patches.fixes/cifs-fill-TRANS2_QUERY_FILE_INFO-ByteCount\n -fields.patch: Fix TRANS2_QUERY_FILE_INFO ByteCount fields (bnc#804950).\n\n - iommu: Remove stack trace from broken irq remapping warning (bnc#844513).\n\n - Disable patches related to bnc#840656 patches.suse/btrfs-cleanup-don-t-check-the-same-thing-tw ice patches.suse/btrfs-0220-fix-for-patch-cleanup-don-t-chec k-the-same-thi.patch\n\n - btrfs: use feature attribute names to print better error messages.\n\n - btrfs: add ability to change features via sysfs.\n\n - btrfs: add publishing of unknown features in sysfs.\n\n - btrfs: publish per-super features to sysfs.\n\n - btrfs: add per-super attributes to sysfs.\n\n - btrfs: export supported featured to sysfs.\n\n - kobject: introduce kobj_completion.\n\n - btrfs: add ioctls to query/change feature bits online.\n\n - btrfs: use btrfs_commit_transaction when setting fslabel.\n\n - x86/iommu/vt-d: Expand interrupt remapping quirk to cover x58 chipset (bnc#844513).\n\n - NFSv4: Fix issues in nfs4_discover_server_trunking (bnc#811746).\n\n - iommu/vt-d: add quirk for broken interrupt remapping on 55XX chipsets (bnc#844513).", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (openSUSE-SU-2014:0204-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0343", "CVE-2013-1792", "CVE-2013-4348", "CVE-2013-4511", "CVE-2013-4513", "CVE-2013-4514", "CVE-2013-4515", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6431", "CVE-2013-7027", "CVE-2014-0038"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debugsource", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-trace-debuginfo", "p-cpe:/a:novell:opensuse:kernel-trace-debugsource", "p-cpe:/a:novell:opensuse:kernel-trace-devel", "p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2014-113.NASL", "href": "https://www.tenable.com/plugins/nessus/75251", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-113.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75251);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-0343\", \"CVE-2013-1792\", \"CVE-2013-4348\", \"CVE-2013-4511\", \"CVE-2013-4513\", \"CVE-2013-4514\", \"CVE-2013-4515\", \"CVE-2013-4587\", \"CVE-2013-6367\", \"CVE-2013-6368\", \"CVE-2013-6376\", \"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6431\", \"CVE-2013-7027\", \"CVE-2014-0038\");\n\n script_name(english:\"openSUSE Security Update : kernel (openSUSE-SU-2014:0204-1)\");\n script_summary(english:\"Check for the openSUSE-2014-113 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel was updated to fix various bugs and security issues :\n\n - mm/page-writeback.c: do not count anon pages as\n dirtyable memory (reclaim stalls).\n\n - mm/page-writeback.c: fix dirty_balance_reserve\n subtraction from dirtyable memory (reclaim stalls).\n\n - compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).\n\n - hwmon: (coretemp) Fix truncated name of alarm attributes\n\n - net: fib: fib6_add: fix potential NULL pointer\n dereference (bnc#854173 CVE-2013-6431).\n\n - keys: fix race with concurrent install_user_keyrings()\n (bnc#808358)(CVE-2013-1792).\n\n - KVM: x86: Convert vapic synchronization to _cached\n functions (CVE-2013-6368) (bnc#853052 CVE-2013-6368).\n\n - wireless: radiotap: fix parsing buffer overrun\n (bnc#854634 CVE-2013-7027).\n\n - KVM: x86: fix guest-initiated crash with x2apic\n (CVE-2013-6376) (bnc#853053 CVE-2013-6376).\n\n - KVM: x86: Fix potential divide by 0 in lapic\n (CVE-2013-6367) (bnc#853051 CVE-2013-6367).\n\n - KVM: Improve create VCPU parameter (CVE-2013-4587)\n (bnc#853050 CVE-2013-4587).\n\n - staging: ozwpan: prevent overflow in oz_cdev_write()\n (bnc#849023 CVE-2013-4513).\n\n - perf/x86: Fix offcore_rsp valid mask for SNB/IVB\n (bnc#825006).\n\n - perf/x86: Add Intel IvyBridge event scheduling\n constraints (bnc#825006).\n\n - libertas: potential oops in debugfs (bnc#852559\n CVE-2013-6378).\n\n - aacraid: prevent invalid pointer dereference (bnc#852373\n CVE-2013-6380).\n\n - staging: wlags49_h2: buffer overflow setting station\n name (bnc#849029 CVE-2013-4514).\n\n - net: flow_dissector: fail on evil iph->ihl (bnc#848079\n CVE-2013-4348).\n\n - Staging: bcm: info leak in ioctl (bnc#849034\n CVE-2013-4515).\n\n - Refresh\n patches.fixes/net-rework-recvmsg-handler-msg_name-and-ms\n g_namelen-logic.patch.\n\n - ipv6: remove max_addresses check from\n ipv6_create_tempaddr (bnc#805226, CVE-2013-0343).\n\n - net: rework recvmsg handler msg_name and msg_namelen\n logic (bnc#854722).\n\n - crypto: ansi_cprng - Fix off by one error in non-block\n size request (bnc#840226).\n\n - x6: Fix reserve_initrd so that acpi_initrd_override is\n reached (bnc#831836).\n\n - Refresh other Xen patches.\n\n - aacraid: missing capable() check in compat ioctl\n (bnc#852558).\n\n -\n patches.fixes/gpio-ich-fix-ichx_gpio_check_available-ret\n urn.patch: Update upstream reference\n\n - perf/ftrace: Fix paranoid level for enabling function\n tracer (bnc#849362).\n\n - xhci: fix NULL pointer dereference on\n ring_doorbell_for_active_rings (bnc#848255).\n\n - xhci: Fix oops happening after address device timeout\n (bnc#848255).\n\n - xhci: Ensure a command structure points to the correct\n trb on the command ring (bnc#848255).\n\n -\n patches.arch/iommu-vt-d-remove-stack-trace-from-broken-i\n rq-remapping-warning.patch: Update upstream reference.\n\n - Allow NFSv4 username mapping to work properly\n (bnc#838024).\n\n - Refresh btrfs attribute publishing patchset to match\n openSUSE-13.1 No user-visible changes, but uses\n kobj_sysfs_ops and better kobject lifetime management.\n\n - Fix a few incorrectly checked [io_]remap_pfn_range()\n calls (bnc#849021, CVE-2013-4511).\n\n - drm/radeon: don't set hpd, afmt interrupts when\n interrupts are disabled.\n\n -\n patches.fixes/cifs-fill-TRANS2_QUERY_FILE_INFO-ByteCount\n -fields.patch: Fix TRANS2_QUERY_FILE_INFO ByteCount\n fields (bnc#804950).\n\n - iommu: Remove stack trace from broken irq remapping\n warning (bnc#844513).\n\n - Disable patches related to bnc#840656\n patches.suse/btrfs-cleanup-don-t-check-the-same-thing-tw\n ice\n patches.suse/btrfs-0220-fix-for-patch-cleanup-don-t-chec\n k-the-same-thi.patch\n\n - btrfs: use feature attribute names to print better error\n messages.\n\n - btrfs: add ability to change features via sysfs.\n\n - btrfs: add publishing of unknown features in sysfs.\n\n - btrfs: publish per-super features to sysfs.\n\n - btrfs: add per-super attributes to sysfs.\n\n - btrfs: export supported featured to sysfs.\n\n - kobject: introduce kobj_completion.\n\n - btrfs: add ioctls to query/change feature bits online.\n\n - btrfs: use btrfs_commit_transaction when setting\n fslabel.\n\n - x86/iommu/vt-d: Expand interrupt remapping quirk to\n cover x58 chipset (bnc#844513).\n\n - NFSv4: Fix issues in nfs4_discover_server_trunking\n (bnc#811746).\n\n - iommu/vt-d: add quirk for broken interrupt remapping on\n 55XX chipsets (bnc#844513).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=805226\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=811746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=825006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=838024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=840226\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=840656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=844513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=848079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=848255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=849021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=849023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=849029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=849034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=849362\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=852373\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=852558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=852559\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=853050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=853051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=853052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=853053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=854173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=854634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=854722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=860993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-02/msg00021.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Kernel recvmmsg Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-source-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-source-vanilla-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-syms-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.7.10-1.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-debuginfo-3.7.10-1.28.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:22:43", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.(CVE-2016-5343i1/4%0\n\n - A use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system.(CVE-2014-4655i1/4%0\n\n - Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.(CVE-2015-1420i1/4%0\n\n - A flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to crash the system.(CVE-2014-3631i1/4%0\n\n - A flaw was found in the ext4 subsystem. This vulnerability is a use after free vulnerability was found in __ext4_journal_stop(). Attackers could abuse this to allow any code which attempts to deal with the journal failure to be mishandled or not fail at all.\n This could lead to data corruption or crashes.(CVE-2015-8961i1/4%0\n\n - Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.(CVE-2013-4513i1/4%0\n\n - The nfnetlink_rcv_batch() function in 'net/netfilter/nfnetlink.c' in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.(CVE-2016-7917i1/4%0\n\n - Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.(CVE-2013-4587i1/4%0\n\n - A leak of information was possible when issuing a netlink command of the stack memory area leading up to this function call. An attacker could use this to determine stack information for use in a later exploit.(CVE-2016-5243i1/4%0\n\n - An issue was discovered in the Linux kernel in the F2FS filesystem code. A NULL pointer dereference in fscrypt_do_page_crypto() in the fs/crypto/crypto.c function can occur when operating on a file on a corrupted f2fs image.(CVE-2018-14616i1/4%0\n\n - An out-of-bounds flaw was found in the kernel, where the sco_sock_bind() function (bluetooth/sco) did not check the length of its sockaddr parameter. As a result, more kernel memory was copied out than required, leaking information from the kernel stack (including kernel addresses). A local user could exploit this flaw to bypass kernel ASLR or leak other information.(CVE-2015-8575i1/4%0\n\n - A denial of service vulnerability was found in the WhiteHEAT USB Serial Driver (whiteheat_attach function in drivers/usb/serial/whiteheat.c). In the driver, the COMMAND_PORT variable was hard coded and set to 4 (5th element). The driver assumed that the number of ports would always be 5 and used port number 5 as the command port. However, when using a USB device in which the number of ports was set to a number less than 5 (for example, 3), the driver triggered a kernel NULL-pointer dereference. A non-privileged attacker could use this flaw to panic the host.(CVE-2015-5257i1/4%0\n\n - The LLC subsystem in the Linux kernel does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.(CVE-2017-6345i1/4%0\n\n - A vulnerability was found in Linux kernel. There is an information leak in file sound/core/timer.c of the latest mainline Linux kernel. The stack object aEURoer1aEUR has a total size of 32 bytes. Its field aEURoeeventaEUR and aEURoevalaEUR both contain 4 bytes padding. These 8 bytes padding bytes are sent to user without being initialized.(CVE-2016-4578i1/4%0\n\n - An information leak flaw was found in the way the Linux kernel changed certain segment registers and thread-local storage (TLS) during a context switch. A local, unprivileged user could use this flaw to leak the user space TLS base address of an arbitrary process.(CVE-2014-9419i1/4%0\n\n - A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.(CVE-2017-1000364i1/4%0\n\n - A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.(CVE-2017-2618i1/4%0\n\n - A use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption, or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2016-9794i1/4%0\n\n - A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)t was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.(CVE-2014-1737i1/4%0\n\n - An out-of-bounds memory access flaw was found in the Linux kernel's aiptek USB tablet driver (aiptek_probe() function in drivers/input/tablet/aiptek.c). The driver assumed that the interface always had at least one endpoint. By using a specially crafted USB device with no endpoints on one of its interfaces, an unprivileged user with physical access to the system could trigger a kernel NULL pointer dereference, causing the system to panic.(CVE-2015-7515i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-05-21T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4513", "CVE-2013-4587", "CVE-2014-1737", "CVE-2014-3631", "CVE-2014-4655", "CVE-2014-9419", "CVE-2015-1420", "CVE-2015-5257", "CVE-2015-7515", "CVE-2015-8575", "CVE-2015-8961", "CVE-2016-4578", "CVE-2016-5243", "CVE-2016-5343", "CVE-2016-7917", "CVE-2016-9794", "CVE-2017-1000364", "CVE-2017-2618", "CVE-2017-6345", "CVE-2018-14616"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1508.NASL", "href": "https://www.tenable.com/plugins/nessus/125301", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125301);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-4513\",\n \"CVE-2013-4587\",\n \"CVE-2014-1737\",\n \"CVE-2014-3631\",\n \"CVE-2014-4655\",\n \"CVE-2014-9419\",\n \"CVE-2015-1420\",\n \"CVE-2015-5257\",\n \"CVE-2015-7515\",\n \"CVE-2015-8575\",\n \"CVE-2015-8961\",\n \"CVE-2016-4578\",\n \"CVE-2016-5243\",\n \"CVE-2016-5343\",\n \"CVE-2016-7917\",\n \"CVE-2016-9794\",\n \"CVE-2017-1000364\",\n \"CVE-2017-2618\",\n \"CVE-2017-6345\",\n \"CVE-2018-14616\"\n );\n script_bugtraq_id(\n 63508,\n 64328,\n 67300,\n 68162,\n 70095,\n 71794,\n 72357\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1508)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2\n Voice Service driver for the Linux kernel 3.x, as used\n in Qualcomm Innovation Center (QuIC) Android\n contributions for MSM devices and other products,\n allows attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact\n via a write request, as demonstrated by a\n voice_svc_send_req buffer overflow.(CVE-2016-5343i1/4%0\n\n - A use-after-free flaw was found in the way the Linux\n kernel's Advanced Linux Sound Architecture (ALSA)\n implementation handled user controls. A local,\n privileged user could use this flaw to crash the\n system.(CVE-2014-4655i1/4%0\n\n - Race condition in the handle_to_path function in\n fs/fhandle.c in the Linux kernel through 3.19.1 allows\n local users to bypass intended size restrictions and\n trigger read operations on additional memory locations\n by changing the handle_bytes value of a file handle\n during the execution of this function.(CVE-2015-1420i1/4%0\n\n - A flaw was found in the way the Linux kernel's keys\n subsystem handled the termination condition in the\n associative array garbage collection functionality. A\n local, unprivileged user could use this flaw to crash\n the system.(CVE-2014-3631i1/4%0\n\n - A flaw was found in the ext4 subsystem. This\n vulnerability is a use after free vulnerability was\n found in __ext4_journal_stop(). Attackers could abuse\n this to allow any code which attempts to deal with the\n journal failure to be mishandled or not fail at all.\n This could lead to data corruption or\n crashes.(CVE-2015-8961i1/4%0\n\n - Buffer overflow in the oz_cdev_write function in\n drivers/staging/ozwpan/ozcdev.c in the Linux kernel\n before 3.12 allows local users to cause a denial of\n service or possibly have unspecified other impact via a\n crafted write operation.(CVE-2013-4513i1/4%0\n\n - The nfnetlink_rcv_batch() function in\n 'net/netfilter/nfnetlink.c' in the Linux kernel before\n 4.5 does not check whether a batch message's length\n field is large enough, which allows local users to\n obtain sensitive information from kernel memory or\n cause a denial of service (infinite loop or\n out-of-bounds read) by leveraging the CAP_NET_ADMIN\n capability.(CVE-2016-7917i1/4%0\n\n - Array index error in the kvm_vm_ioctl_create_vcpu\n function in virt/kvm/kvm_main.c in the KVM subsystem in\n the Linux kernel through 3.12.5 allows local users to\n gain privileges via a large id value.(CVE-2013-4587i1/4%0\n\n - A leak of information was possible when issuing a\n netlink command of the stack memory area leading up to\n this function call. An attacker could use this to\n determine stack information for use in a later\n exploit.(CVE-2016-5243i1/4%0\n\n - An issue was discovered in the Linux kernel in the F2FS\n filesystem code. A NULL pointer dereference in\n fscrypt_do_page_crypto() in the fs/crypto/crypto.c\n function can occur when operating on a file on a\n corrupted f2fs image.(CVE-2018-14616i1/4%0\n\n - An out-of-bounds flaw was found in the kernel, where\n the sco_sock_bind() function (bluetooth/sco) did not\n check the length of its sockaddr parameter. As a\n result, more kernel memory was copied out than\n required, leaking information from the kernel stack\n (including kernel addresses). A local user could\n exploit this flaw to bypass kernel ASLR or leak other\n information.(CVE-2015-8575i1/4%0\n\n - A denial of service vulnerability was found in the\n WhiteHEAT USB Serial Driver (whiteheat_attach function\n in drivers/usb/serial/whiteheat.c). In the driver, the\n COMMAND_PORT variable was hard coded and set to 4 (5th\n element). The driver assumed that the number of ports\n would always be 5 and used port number 5 as the command\n port. However, when using a USB device in which the\n number of ports was set to a number less than 5 (for\n example, 3), the driver triggered a kernel NULL-pointer\n dereference. A non-privileged attacker could use this\n flaw to panic the host.(CVE-2015-5257i1/4%0\n\n - The LLC subsystem in the Linux kernel does not ensure\n that a certain destructor exists in required\n circumstances, which allows local users to cause a\n denial of service (BUG_ON) or possibly have unspecified\n other impact via crafted system calls.(CVE-2017-6345i1/4%0\n\n - A vulnerability was found in Linux kernel. There is an\n information leak in file sound/core/timer.c of the\n latest mainline Linux kernel. The stack object aEURoer1aEUR\n has a total size of 32 bytes. Its field aEURoeeventaEUR and\n aEURoevalaEUR both contain 4 bytes padding. These 8 bytes\n padding bytes are sent to user without being\n initialized.(CVE-2016-4578i1/4%0\n\n - An information leak flaw was found in the way the Linux\n kernel changed certain segment registers and\n thread-local storage (TLS) during a context switch. A\n local, unprivileged user could use this flaw to leak\n the user space TLS base address of an arbitrary\n process.(CVE-2014-9419i1/4%0\n\n - A flaw was found in the way memory was being allocated\n on the stack for user space binaries. If heap (or\n different memory region) and stack memory regions were\n adjacent to each other, an attacker could use this flaw\n to jump over the stack guard gap, cause controlled\n memory corruption on process stack or the adjacent\n memory region, and thus increase their privileges on\n the system. This is a kernel-side mitigation which\n increases the stack guard gap size from one page to 1\n MiB to make successful exploitation of this issue more\n difficult.(CVE-2017-1000364i1/4%0\n\n - A flaw was found in the Linux kernel's handling of\n clearing SELinux attributes on /proc/pid/attr files. An\n empty (null) write to this file can crash the system by\n causing the system to attempt to access unmapped kernel\n memory.(CVE-2017-2618i1/4%0\n\n - A use-after-free vulnerability was found in ALSA pcm\n layer, which allows local users to cause a denial of\n service, memory corruption, or possibly other\n unspecified impact. Due to the nature of the flaw,\n privilege escalation cannot be fully ruled out,\n although we believe it is unlikely.(CVE-2016-9794i1/4%0\n\n - A flaw was found in the way the Linux kernel's floppy\n driver handled user space provided data in certain\n error code paths while processing FDRAWCMD IOCTL\n commands. A local user with write access to /dev/fdX\n could use this flaw to free (using the kfree()\n function) arbitrary kernel memory. (CVE-2014-1737,\n Important)t was found that the Linux kernel's floppy\n driver leaked internal kernel memory addresses to user\n space during the processing of the FDRAWCMD IOCTL\n command. A local user with write access to /dev/fdX\n could use this flaw to obtain information about the\n kernel heap arrangement. (CVE-2014-1738, Low)Note: A\n local user with write access to /dev/fdX could use\n these two flaws (CVE-2014-1737 in combination with\n CVE-2014-1738) to escalate their privileges on the\n system.(CVE-2014-1737i1/4%0\n\n - An out-of-bounds memory access flaw was found in the\n Linux kernel's aiptek USB tablet driver (aiptek_probe()\n function in drivers/input/tablet/aiptek.c). The driver\n assumed that the interface always had at least one\n endpoint. By using a specially crafted USB device with\n no endpoints on one of its interfaces, an unprivileged\n user with physical access to the system could trigger a\n kernel NULL pointer dereference, causing the system to\n panic.(CVE-2015-7515i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1508\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?16ed611a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Solaris RSH Stack Clash Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.28-1.2.117\",\n \"kernel-devel-4.19.28-1.2.117\",\n \"kernel-headers-4.19.28-1.2.117\",\n \"kernel-tools-4.19.28-1.2.117\",\n \"kernel-tools-libs-4.19.28-1.2.117\",\n \"kernel-tools-libs-devel-4.19.28-1.2.117\",\n \"perf-4.19.28-1.2.117\",\n \"python-perf-4.19.28-1.2.117\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2022-01-04T12:54:24", "description": "Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event \nsubsystem that allows normal users to enable function tracing. An \nunprivileged local user could exploit this flaw to obtain potentially \nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random \nnumber generator. This flaw makes it easier for a local attacker to break \ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- \nbuffer drivers in the Linux kernel. An unprivileged local user could \nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo \nDevices USB over WiFi devices. A local user could exploit this flaw to \ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the \nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of \nservice or possibly gain adminstrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Beceem WIMAX chipset based devices. An unprivileged local user \ncould exploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. \nA local user could exploit this flaw to cause a denial of service (memory \ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header \nparsing. A remote attacker could cause a denial of service (buffer over- \nread) via a specially crafted header. (CVE-2013-7027)\n", "cvss3": {}, "published": "2014-01-03T00:00:00", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-6763", "CVE-2013-4514", "CVE-2013-4511", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4513", "CVE-2013-2930"], "modified": "2014-01-03T00:00:00", "id": "USN-2072-1", "href": "https://ubuntu.com/security/notices/USN-2072-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T12:54:23", "description": "Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP \nFragmentation Offload (UFO). An unprivileged local user could exploit this \nflaw to cause a denial of service (system crash) or possibly gain \nadministrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- \nbuffer drivers in the Linux kernel. An unprivileged local user could \nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo \nDevices USB over WiFi devices. A local user could exploit this flaw to \ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the \nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of \nservice or possibly gain adminstrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Beceem WIMAX chipset based devices. An unprivileged local user \ncould exploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user \ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. \nA local user could exploit this flaw to cause a denial of service (memory \ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header \nparsing. A remote attacker could cause a denial of service (buffer over- \nread) via a specially crafted header. (CVE-2013-7027)\n", "cvss3": {}, "published": "2014-01-03T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7027", "CVE-2013-6763", "CVE-2013-4514", "CVE-2013-4511", "CVE-2013-6383", "CVE-2013-4470", "CVE-2013-4515", "CVE-2013-4513", "CVE-2013-4516"], "modified": "2014-01-03T00:00:00", "id": "USN-2073-1", "href": "https://ubuntu.com/security/notices/USN-2073-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T12:54:29", "description": "Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event \nsubsystem that allows normal users to enable function tracing. An \nunprivileged local user could exploit this flaw to obtain potentially \nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random \nnumber generator. This flaw makes it easier for a local attacker to break \ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- \nbuffer drivers in the Linux kernel. An unprivileged local user could \nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo \nDevices USB over WiFi devices. A local user could exploit this flaw to \ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the \nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of \nservice or possibly gain adminstrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Beceem WIMAX chipset based devices. An unprivileged local user \ncould exploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. \nA local user could exploit this flaw to cause a denial of service (memory \ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header \nparsing. A remote attacker could cause a denial of service (buffer over- \nread) via a specially crafted header. (CVE-2013-7027)\n", "cvss3": {}, "published": "2014-01-03T00:00:00", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-6763", "CVE-2013-4514", "CVE-2013-4511", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4513", "CVE-2013-2930"], "modified": "2014-01-03T00:00:00", "id": "USN-2076-1", "href": "https://ubuntu.com/security/notices/USN-2076-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T12:54:21", "description": "Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event \nsubsystem that allows normal users to enable function tracing. An \nunprivileged local user could exploit this flaw to obtain potentially \nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random \nnumber generator. This flaw makes it easier for a local attacker to break \ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- \nbuffer drivers in the Linux kernel. An unprivileged local user could \nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo \nDevices USB over WiFi devices. A local user could exploit this flaw to \ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the \nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of \nservice or possibly gain adminstrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Beceem WIMAX chipset based devices. An unprivileged local user \ncould exploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. \nA local user could exploit this flaw to cause a denial of service (memory \ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header \nparsing. A remote attacker could cause a denial of service (buffer over- \nread) via a specially crafted header. (CVE-2013-7027)\n", "cvss3": {}, "published": "2014-01-03T00:00:00", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-6763", "CVE-2013-4514", "CVE-2013-4511", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4513", "CVE-2013-2930"], "modified": "2014-01-03T00:00:00", "id": "USN-2074-1", "href": "https://ubuntu.com/security/notices/USN-2074-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T12:54:26", "description": "Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event \nsubsystem that allows normal users to enable function tracing. An \nunprivileged local user could exploit this flaw to obtain potentially \nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random \nnumber generator. This flaw makes it easier for a local attacker to break \ncryptographic protections. (CVE-2013-4345)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- \nbuffer drivers in the Linux kernel. An unprivileged local user could \nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo \nDevices USB over WiFi devices. A local user could exploit this flaw to \ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the \nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of \nservice or possibly gain adminstrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Beceem WIMAX chipset based devices. An unprivileged local user \ncould exploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. \nA local user could exploit this flaw to cause a denial of service (memory \ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header \nparsing. A remote attacker could cause a denial of service (buffer over- \nread) via a specially crafted header. (CVE-2013-7027)\n", "cvss3": {}, "published": "2014-01-03T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-6763", "CVE-2013-4514", "CVE-2013-4511", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4513", "CVE-2013-2930"], "modified": "2014-01-03T00:00:00", "id": "USN-2071-1", "href": "https://ubuntu.com/security/notices/USN-2071-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T12:54:29", "description": "Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event \nsubsystem that allows normal users to enable function tracing. An \nunprivileged local user could exploit this flaw to obtain potentially \nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random \nnumber generator. This flaw makes it easier for a local attacker to break \ncryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux \nkernel. A remote attacker could exploit this flaw to cause a denial of \nservice (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- \nbuffer drivers in the Linux kernel. An unprivileged local user could \nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo \nDevices USB over WiFi devices. A local user could exploit this flaw to \ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the \nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of \nservice or possibly gain adminstrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Beceem WIMAX chipset based devices. An unprivileged local user \ncould exploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-4515)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. \nA local user could exploit this flaw to cause a denial of service (memory \ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header \nparsing. A remote attacker could cause a denial of service (buffer over- \nread) via a specially crafted header. (CVE-2013-7027)\n", "cvss3": {}, "published": "2014-01-03T00:00:00", "type": "ubuntu", "title": "Linux kernel (Quantal HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4514", "CVE-2013-6763", "CVE-2013-4511", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-4513", "CVE-2013-2930"], "modified": "2014-01-03T00:00:00", "id": "USN-2068-1", "href": "https://ubuntu.com/security/notices/USN-2068-1", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-01-04T12:54:28", "description": "Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP \nFragmentation Offload (UFO). An unprivileged local user could exploit this \nflaw to cause a denial of service (system crash) or possibly gain \nadministrative privileges. (CVE-2013-4470)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- \nbuffer drivers in the Linux kernel. An unprivileged local user could \nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo \nDevices USB over WiFi devices. A local user could exploit this flaw to \ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the \nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of \nservice or possibly gain adminstrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Beceem WIMAX chipset based devices. An unprivileged local user \ncould exploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user \ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. \nA local user could exploit this flaw to cause a denial of service (memory \ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header \nparsing. A remote attacker could cause a denial of service (buffer over- \nread) via a specially crafted header. (CVE-2013-7027)\n\nAn information leak was discovered in the Linux kernel's SIOCWANDEV ioctl \ncall. A local user with the CAP_NET_ADMIN capability could exploit this \nflaw to obtain potentially sensitive information from kernel memory. \n(CVE-2014-1444)\n\nAn information leak was discovered in the wanxl ioctl function the Linux \nkernel. A local user could exploit this flaw to obtain potentially \nsensitive information from kernel memory. (CVE-2014-1445)\n", "cvss3": {}, "published": "2014-01-03T00:00:00", "type": "ubuntu", "title": "Linux kernel (Raring HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7027", "CVE-2013-6763", "CVE-2013-4514", "CVE-2013-4511", "CVE-2013-6383", "CVE-2013-4470", "CVE-2013-4515", "CVE-2014-1444", "CVE-2014-1445", "CVE-2013-4513", "CVE-2013-4516"], "modified": "2014-01-03T00:00:00", "id": "USN-2069-1", "href": "https://ubuntu.com/security/notices/USN-2069-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T12:54:27", "description": "Vasily Kulikov reported a flaw in the Linux kernel's implementation of \nptrace. An unprivileged local user could exploit this flaw to obtain \nsensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per event \nsubsystem that allows normal users to enable function tracing. An \nunprivileged local user could exploit this flaw to obtain potentially \nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random \nnumber generator. This flaw makes it easier for a local attacker to break \ncryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux \nkernel. A remote attacker could exploit this flaw to cause a denial of \nservice (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- \nbuffer drivers in the Linux kernel. An unprivileged local user could \nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo \nDevices USB over WiFi devices. A local user could exploit this flaw to \ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the \nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of \nservice or possibly gain adminstrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Beceem WIMAX chipset based devices. An unprivileged local user \ncould exploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user \ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndebugfs filesystem. An administrative local user could exploit this flaw to \ncause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec \nAACRAID scsi raid devices in the Linux kernel. A local user could use this \nflaw to cause a denial of service or possibly other unspecified impact. \n(CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. \nA local user could exploit this flaw to cause a denial of service (memory \ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nA race condition flaw was discovered in the Linux kernel's ipc shared \nmemory implimentation. A local user could exploit this flaw to cause a \ndenial of service (system crash) or possibly have unspecied other impacts. \n(CVE-2013-7026)\n", "cvss3": {}, "published": "2014-01-03T00:00:00", "type": "ubuntu", "title": "Linux kernel (Saucy HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2929", "CVE-2013-4348", "CVE-2013-4345", "CVE-2013-4514", "CVE-2013-6763", "CVE-2013-4511", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-6378", "CVE-2013-7026", "CVE-2013-6380", "CVE-2013-4513", "CVE-2013-4516", "CVE-2013-2930"], "modified": "2014-01-03T00:00:00", "id": "USN-2070-1", "href": "https://ubuntu.com/security/notices/USN-2070-1", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-01-04T12:54:21", "description": "Vasily Kulikov reported a flaw in the Linux kernel's implementation of \nptrace. An unprivileged local user could exploit this flaw to obtain \nsensitive information from kernel memory. (CVE-2013-2929)\n\nDave Jones and Vince Weaver reported a flaw in the Linux kernel's per event \nsubsystem that allows normal users to enable function tracing. An \nunprivileged local user could exploit this flaw to obtain potentially \nsensitive information from the kernel. (CVE-2013-2930)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random \nnumber generator. This flaw makes it easier for a local attacker to break \ncryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux \nkernel. A remote attacker could exploit this flaw to cause a denial of \nservice (infinite loop). (CVE-2013-4348)\n\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame- \nbuffer drivers in the Linux kernel. An unprivileged local user could \nexploit this flaw to gain administrative privileges. (CVE-2013-4511)\n\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo \nDevices USB over WiFi devices. A local user could exploit this flaw to \ncause a denial of service or possibly unspecified impact. (CVE-2013-4513)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the \nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of \nservice or possibly gain adminstrative priviliges. (CVE-2013-4514)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for Beceem WIMAX chipset based devices. An unprivileged local user \ncould exploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-4515)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user \ncould obtain sensitive information from kernel memory. (CVE-2013-4516)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's \ndebugfs filesystem. An administrative local user could exploit this flaw to \ncause a denial of service (OOPS). (CVE-2013-6378)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec \nAACRAID scsi raid devices in the Linux kernel. A local user could use this \nflaw to cause a denial of service or possibly other unspecified impact. \n(CVE-2013-6380)\n\nA flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nNico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. \nA local user could exploit this flaw to cause a denial of service (memory \ncorruption) or possibly gain privileges. (CVE-2013-6763)\n\nA race condition flaw was discovered in the Linux kernel's ipc shared \nmemory implimentation. A local user could exploit this flaw to cause a \ndenial of service (system crash) or possibly have unspecied other impacts. \n(CVE-2013-7026)\n", "cvss3": {}, "published": "2014-01-03T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2929", "CVE-2013-4348", "CVE-2013-4345", "CVE-2013-4514", "CVE-2013-6763", "CVE-2013-4511", "CVE-2013-6383", "CVE-2013-4515", "CVE-2013-6378", "CVE-2013-7026", "CVE-2013-6380", "CVE-2013-4513", "CVE-2013-4516", "CVE-2013-2930"], "modified": "2014-01-03T00:00:00", "id": "USN-2075-1", "href": "https://ubuntu.com/security/notices/USN-2075-1", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:50", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2075-1\r\nJanuary 03, 2014\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 13.10\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nVasily Kulikov reported a flaw in the Linux kernel&#39;s implementation of\r\nptrace. An unprivileged local user could exploit this flaw to obtain\r\nsensitive information from kernel memory. &#40;CVE-2013-2929&#41;\r\n\r\nDave Jones and Vince Weaver reported a flaw in the Linux kernel&#39;s per event\r\nsubsystem that allows normal users to enable function tracing. An\r\nunprivileged local user could exploit this flaw to obtain potentially\r\nsensitive information from the kernel. &#40;CVE-2013-2930&#41;\r\n\r\nStephan Mueller reported an error in the Linux kernel&#39;s ansi cprng random\r\nnumber generator. This flaw makes it easier for a local attacker to break\r\ncryptographic protections. &#40;CVE-2013-4345&#41;\r\n\r\nJason Wang discovered a bug in the network flow dissector in the Linux\r\nkernel. A remote attacker could exploit this flaw to cause a denial of\r\nservice &#40;infinite loop&#41;. &#40;CVE-2013-4348&#41;\r\n\r\nMultiple integer overflow flaws were discovered in the Alchemy LCD frame-\r\nbuffer drivers in the Linux kernel. An unprivileged local user could\r\nexploit this flaw to gain administrative privileges. &#40;CVE-2013-4511&#41;\r\n\r\nNico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo\r\nDevices USB over WiFi devices. A local user could exploit this flaw to\r\ncause a denial of service or possibly unspecified impact. &#40;CVE-2013-4513&#41;\r\n\r\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel&#39;s\r\ndriver for Agere Systems HERMES II Wireless PC Cards. A local user with the\r\nCAP_NET_ADMIN capability could exploit this flaw to cause a denial of\r\nservice or possibly gain adminstrative priviliges. &#40;CVE-2013-4514&#41;\r\n\r\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel&#39;s\r\ndriver for Beceem WIMAX chipset based devices. An unprivileged local user\r\ncould exploit this flaw to obtain sensitive information from kernel memory.\r\n&#40;CVE-2013-4515&#41;\r\n\r\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel&#39;s\r\ndriver for the SystemBase Multi-2/PCI serial card. An unprivileged user\r\ncould obtain sensitive information from kernel memory. &#40;CVE-2013-4516&#41;\r\n\r\nNico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel&#39;s\r\ndebugfs filesystem. An administrative local user could exploit this flaw to\r\ncause a denial of service &#40;OOPS&#41;. &#40;CVE-2013-6378&#41;\r\n\r\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec\r\nAACRAID scsi raid devices in the Linux kernel. A local user could use this\r\nflaw to cause a denial of service or possibly other unspecified impact.\r\n&#40;CVE-2013-6380&#41;\r\n\r\nA flaw was discovered in the Linux kernel&#39;s compat ioctls for Adaptec\r\nAACRAID scsi raid devices. An unprivileged local user could send\r\nadministrative commands to these devices potentially compromising the data\r\nstored on the device. &#40;CVE-2013-6383&#41;\r\n\r\nNico Golde reported a flaw in the Linux kernel&#39;s userspace IO &#40;uio&#41; driver.\r\nA local user could exploit this flaw to cause a denial of service &#40;memory\r\ncorruption&#41; or possibly gain privileges. &#40;CVE-2013-6763&#41;\r\n\r\nA race condition flaw was discovered in the Linux kernel&#39;s ipc shared\r\nmemory implimentation. A local user could exploit this flaw to cause a\r\ndenial of service &#40;system crash&#41; or possibly have unspecied other impacts.\r\n&#40;CVE-2013-7026&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 13.10:\r\n linux-image-3.11.0-15-generic 3.11.0-15.23\r\n linux-image-3.11.0-15-generic-lpae 3.11.0-15.23\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages &#40;e.g. linux-generic,\r\nlinux-server, linux-powerpc&#41;, a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2075-1\r\n CVE-2013-2929, CVE-2013-2930, CVE-2013-4345, CVE-2013-4348,\r\n CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515,\r\n CVE-2013-4516, CVE-2013-6378, CVE-2013-6380, CVE-2013-6383,\r\n CVE-2013-6763, CVE-2013-7026\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.11.0-15.23\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "edition": 1, "cvss3": {}, "published": "2014-01-08T00:00:00", "title": "[USN-2075-1] Linux kernel vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-4345", "CVE-2013-4513", "CVE-2013-6383", "CVE-2013-6378", "CVE-2013-4515", "CVE-2013-2929", "CVE-2013-4511", "CVE-2013-4516", "CVE-2013-4514", "CVE-2013-2930", "CVE-2013-6380", "CVE-2013-6763", "CVE-2013-4348", "CVE-2013-7026"], "modified": "2014-01-08T00:00:00", "id": "SECURITYVULNS:DOC:30152", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30152", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:53", "description": "ptrace information leakage, debug functions privilege escalation, cprng weak PRNG, networking dissector DoS, multiple integer overflows, buffer overlows in WiMax, USB and different devices drivers, UDP fragmentation offload uninitialized memory, privilege escalations. NAT conntrack information leakage.", "edition": 1, "cvss3": {}, "published": "2014-03-31T00:00:00", "title": "Linux kernel security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2013-4345", "CVE-2014-0038", "CVE-2013-4513", "CVE-2013-7270", "CVE-2013-7265", "CVE-2013-6383", "CVE-2013-6378", "CVE-2013-4515", "CVE-2013-2929", "CVE-2013-4511", "CVE-2014-1874", "CVE-2013-4592", "CVE-2013-4516", "CVE-2013-7267", "CVE-2013-7266", "CVE-2013-7264", "CVE-2014-1446", "CVE-2014-2038", "CVE-2013-6368", "CVE-2013-6382", "CVE-2013-6367", "CVE-2013-7263", "CVE-2013-4514", "CVE-2013-7269", "CVE-2013-2930", "CVE-2013-7271", "CVE-2013-6380", "CVE-2013-7268", "CVE-2014-1438", "CVE-2013-7281", "CVE-2013-4587", "CVE-2013-6763", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4588", "CVE-2013-4299", "CVE-2014-1690", "CVE-2013-7026"], "modified": "2014-03-31T00:00:00", "id": "SECURITYVULNS:VULN:13475", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13475", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:42:58", "description": "The Linux kernel was updated to fix various bugs and\n security issues:\n\n - mm/page-writeback.c: do not count anon pages as dirtyable\n memory (reclaim stalls).\n - mm/page-writeback.c: fix dirty_balance_reserve\n subtraction from dirtyable memory (reclaim stalls).\n\n - compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).\n\n - hwmon: (coretemp) Fix truncated name of alarm attributes\n\n - net: fib: fib6_add: fix potential NULL pointer\n dereference (bnc#854173 CVE-2013-6431).\n\n - keys: fix race with concurrent install_user_keyrings()\n (bnc#808358)(CVE-2013-1792).\n\n - KVM: x86: Convert vapic synchronization to _cached\n functions (CVE-2013-6368) (bnc#853052 CVE-2013-6368).\n\n - wireless: radiotap: fix parsing buffer overrun\n (bnc#854634 CVE-2013-7027).\n\n - KVM: x86: fix guest-initiated crash with x2apic\n (CVE-2013-6376) (bnc#853053 CVE-2013-6376).\n\n - KVM: x86: Fix potential divide by 0 in lapic\n (CVE-2013-6367) (bnc#853051 CVE-2013-6367).\n\n - KVM: Improve create VCPU parameter (CVE-2013-4587)\n (bnc#853050 CVE-2013-4587).\n\n - staging: ozwpan: prevent overflow in oz_cdev_write()\n (bnc#849023 CVE-2013-4513).\n\n - perf/x86: Fix offcore_rsp valid mask for SNB/IVB\n (bnc#825006).\n - perf/x86: Add Intel IvyBridge event scheduling\n constraints (bnc#825006).\n\n - libertas: potential oops in debugfs (bnc#852559\n CVE-2013-6378).\n\n - aacraid: prevent invalid pointer dereference (bnc#852373\n CVE-2013-6380).\n\n - staging: wlags49_h2: buffer overflow setting station name\n (bnc#849029 CVE-2013-4514).\n\n - net: flow_dissector: fail on evil iph-&gt;ihl (bnc#848079\n CVE-2013-4348).\n\n - Staging: bcm: info leak in ioctl (bnc#849034\n CVE-2013-4515).\n\n - Refresh\n patches.fixes/net-rework-recvmsg-handler-msg_name-and-msg_na\n melen-logic.patch.\n\n - ipv6: remove max_addresses check from\n ipv6_create_tempaddr (bnc#805226, CVE-2013-0343).\n\n - net: rework recvmsg handler msg_name and msg_namelen\n logic (bnc#854722).\n\n - crypto: ansi_cprng - Fix off by one error in non-block\n size request (bnc#840226).\n\n - x6: Fix reserve_initrd so that acpi_initrd_override is\n reached (bnc#831836).\n - Refresh other Xen patches.\n\n - aacraid: missing capable() check in compat ioctl\n (bnc#852558).\n\n -\n patches.fixes/gpio-ich-fix-ichx_gpio_check_available-return.\n patch: Update upstream reference\n\n - perf/ftrace: Fix paranoid level for enabling function\n tracer (bnc#849362).\n\n - xhci: fix null pointer dereference on\n ring_doorbell_for_active_rings (bnc#848255).\n - xhci: Fix oops happening after address device timeout\n (bnc#848255).\n - xhci: Ensure a command structure points to the correct\n trb on the command ring (bnc#848255).\n\n -\n patches.arch/iommu-vt-d-remove-stack-trace-from-broken-irq-r\n emapping-warning.patch: Update upstream reference.\n\n - Allow NFSv4 username mapping to work properly\n (bnc#838024).\n\n - Refresh btrfs attribute publishing patchset to match\n openSUSE-13.1 No user-visible changes, but uses\n kobj_sysfs_ops and better kobject lifetime management.\n\n - Fix a few incorrectly checked [io_]remap_pfn_range()\n calls (bnc#849021, CVE-2013-4511).\n\n - drm/radeon: don't set hpd, afmt interrupts when\n interrupts are disabled.\n\n -\n patches.fixes/cifs-fill-TRANS2_QUERY_FILE_INFO-ByteCount-fie\n lds.patch: Fix TRANS2_QUERY_FILE_INFO ByteCount fields\n (bnc#804950).\n\n - iommu: Remove stack trace from broken irq remapping\n warning (bnc#844513).\n\n - Disable patches related to bnc#840656\n patches.suse/btrfs-cleanup-don-t-check-the-same-thing-twice\n patches.suse/btrfs-0220-fix-for-patch-cleanup-don-t-check-th\n e-same-thi.patch\n\n - btrfs: use feature attribute names to print better error\n messages.\n - btrfs: add ability to change features via sysfs.\n - btrfs: add publishing of unknown features in sysfs.\n - btrfs: publish per-super features to sysfs.\n - btrfs: add per-super attributes to sysfs.\n - btrfs: export supported featured to sysfs.\n - kobject: introduce kobj_completion.\n - btrfs: add ioctls to query/change feature bits online.\n - btrfs: use btrfs_commit_transaction when setting fslabel.\n\n - x86/iommu/vt-d: Expand interrupt remapping quirk to cover\n x58 chipset (bnc#844513).\n\n - NFSv4: Fix issues in nfs4_discover_server_trunking\n (bnc#811746).\n\n - iommu/vt-d: add quirk for broken interrupt remapping on\n 55XX chipsets (bnc#844513).\n\n", "cvss3": {}, "published": "2014-02-06T19:04:40", "type": "suse", "title": "kernel: security and bugfix update (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2013-7027", "CVE-2014-0038", "CVE-2013-4513", "CVE-2013-6378", "CVE-2013-4515", "CVE-2013-6431", "CVE-2013-4511", "CVE-2013-1792", "CVE-2013-6368", "CVE-2013-6367", "CVE-2013-4514", "CVE-2013-6376", "CVE-2013-6380", "CVE-2013-0343", "CVE-2013-4587", "CVE-2013-4348"], "modified": "2014-02-06T19:04:40", "id": "OPENSUSE-SU-2014:0204-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "This kernel-linus update provides an update to the 3.10 longterm branch, currently 3.10.24 and fixes the following security issues: The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.10 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages. (CVE-2013-0343) net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. (CVE-2013-1059) The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature. (CVE-2013-2140) The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. (CVE-2013-2147) Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name. (CVE-2013-2851) Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID (CVE-2013-2888). drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2889). drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2891) drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2892). The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c (CVE-2013-2893). drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2894) drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device (CVE-2013-2895). drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2896). Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2897). drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device. (CVE-2013-2898) drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2899). The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h (CVE-2013-2929) The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. (CVE-2013-2930) The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4162). The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4163). The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event (CVE-2013-4254) Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device. (CVE-2013-4299) The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation (CVE-2013-4348). The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network (CVE-2013-4350). net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet (CVE-2013-4387). The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c (CVE-2013-4470). Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation. (CVE-2013-4513) The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation. (CVE-2013-6378) The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command. (CVE-2013-6380) Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size. (CVE-2013-6381) The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. (CVE-2013-6383) For other -stable fixes, read the referenced changelogs. \n", "cvss3": {}, "published": "2013-12-17T23:19:07", "type": "mageia", "title": "Updated kernel-linus packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2140", "CVE-2013-2147", "CVE-2013-2851", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2898", "CVE-2013-2899", "CVE-2013-2929", "CVE-2013-2930", "CVE-2013-4162", "CVE-2013-4163", "CVE-2013-4254", "CVE-2013-4299", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4513", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6381", "CVE-2013-6383"], "modified": "2013-12-17T23:19:07", "id": "MGASA-2013-0372", "href": "https://advisories.mageia.org/MGASA-2013-0372.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-18T11:19:34", "description": "This kernel update provides an update to the 3.10 longterm branch, currently 3.10.24 and fixes the following security issues: The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.10 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages. (CVE-2013-0343) net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. (CVE-2013-1059) The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature. (CVE-2013-2140) The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. (CVE-2013-2147) Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name. (CVE-2013-2851) Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID (CVE-2013-2888). drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2889). drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2891) drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2892). The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c (CVE-2013-2893). drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2894) drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device (CVE-2013-2895). drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2896). Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2897). drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device. (CVE-2013-2898) drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2899). The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h (CVE-2013-2929) The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. (CVE-2013-2930) The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4162). The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4163). The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event (CVE-2013-4254) Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device. (CVE-2013-4299) The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation (CVE-2013-4348). The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network (CVE-2013-4350). net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet (CVE-2013-4387). The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c (CVE-2013-4470). Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation. (CVE-2013-4513) Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value (CVE-2013-4587) The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value. (CVE-2013-6367) The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. (CVE-2013-6368) The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode. (CVE-2013-6376) The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation. (CVE-2013-6378) The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command. (CVE-2013-6380) Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size. (CVE-2013-6381) Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. (CVE-2013-6382) The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. (CVE-2013-6383) Other fixes: \\- xfs: add capability check to free eofblocks ioctl (CVE pending) \\- cpufreq: ondemand: Change the calculation of target frequency \\- ndiswrapper is updated to 1.59 Also with this update we provide updated graphical drivers, firmwares, tools and apps to provide better support for the new kernel (see the referenced srpms list for all packages) For other -stable fixes, read the referenced changelogs. \n", "cvss3": {}, "published": "2013-12-17T22:38:56", "type": "mageia", "title": "Updated kernel and related packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2140", "CVE-2013-2147", "CVE-2013-2851", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2898", "CVE-2013-2899", "CVE-2013-2929", "CVE-2013-2930", "CVE-2013-4162", "CVE-2013-4163", "CVE-2013-4254", "CVE-2013-4299", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4513", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6381", "CVE-2013-6382", "CVE-2013-6383"], "modified": "2013-12-17T22:38:56", "id": "MGASA-2013-0371", "href": "https://advisories.mageia.org/MGASA-2013-0371.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-18T11:19:34", "description": "This kernel-rt update provides an update to the 3.10 longterm branch, currently 3.10.24 and fixes the following security issues: The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.10 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages. (CVE-2013-0343) net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. (CVE-2013-1059) The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature. (CVE-2013-2140) The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. (CVE-2013-2147) Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name. (CVE-2013-2851) Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID (CVE-2013-2888). drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2889). drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2891) drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2892). The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c (CVE-2013-2893). drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2894) drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device (CVE-2013-2895). drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2896). Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2897). drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device. (CVE-2013-2898) drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2899). The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h (CVE-2013-2929) The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. (CVE-2013-2930) The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4162). The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4163). The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event (CVE-2013-4254) Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device. (CVE-2013-4299) The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation (CVE-2013-4348). The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network (CVE-2013-4350). net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet (CVE-2013-4387). The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c (CVE-2013-4470). Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation. (CVE-2013-4513) Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value (CVE-2013-4587) The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value. (CVE-2013-6367) The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. (CVE-2013-6368) The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode. (CVE-2013-6376) The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation. (CVE-2013-6378) The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command. (CVE-2013-6380) Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size. (CVE-2013-6381) Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. (CVE-2013-6382) The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. (CVE-2013-6383) Other fixes: \\- xfs: add capability check to free eofblocks ioctl (CVE pending) \\- cpufreq: ondemand: Change the calculation of target frequency \\- the -rt patch has been updated to -rt20 For other -stable fixes, read the referenced changelogs. \n", "cvss3": {}, "published": "2013-12-17T23:27:56", "type": "mageia", "title": "Updated kernel-rt packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2140", "CVE-2013-2147", "CVE-2013-2851", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2898", "CVE-2013-2899", "CVE-2013-2929", "CVE-2013-2930", "CVE-2013-4162", "CVE-2013-4163", "CVE-2013-4254", "CVE-2013-4299", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4513", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6381", "CVE-2013-6382", "CVE-2013-6383"], "modified": "2013-12-17T23:27:56", "id": "MGASA-2013-0374", "href": "https://advisories.mageia.org/MGASA-2013-0374.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-18T11:19:34", "description": "This kernel-vserver update provides an update to the 3.10 longterm branch, currently 3.10.24 and fixes the following security issues: The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.10 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages. (CVE-2013-0343) net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. (CVE-2013-1059) The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature. (CVE-2013-2140) The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. (CVE-2013-2147) Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name. (CVE-2013-2851) Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID (CVE-2013-2888). drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2889). drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2891) drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2892). The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c (CVE-2013-2893). drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2894) drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device (CVE-2013-2895). drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2896). Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2897). drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device. (CVE-2013-2898) drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2899). The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h (CVE-2013-2929) The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. (CVE-2013-2930) The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4162). The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4163). The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event (CVE-2013-4254) Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device. (CVE-2013-4299) The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation (CVE-2013-4348). The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network (CVE-2013-4350). net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet (CVE-2013-4387). The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c (CVE-2013-4470). Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation. (CVE-2013-4513) Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value (CVE-2013-4587) The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value. (CVE-2013-6367) The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. (CVE-2013-6368) The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode. (CVE-2013-6376) The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation. (CVE-2013-6378) The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command. (CVE-2013-6380) Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size. (CVE-2013-6381) Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. (CVE-2013-6382) The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. (CVE-2013-6383) Other fixes: \\- xfs: add capability check to free eofblocks ioctl (CVE pending) \\- cpufreq: ondemand: Change the calculation of target frequency \\- the vserver patch has been updated to vs2.3.6.8. For other -stable fixes, read the referenced changelogs. \n", "cvss3": {}, "published": "2013-12-17T23:30:54", "type": "mageia", "title": "Updated kernel-vserver packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2140", "CVE-2013-2147", "CVE-2013-2851", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2898", "CVE-2013-2899", "CVE-2013-2929", "CVE-2013-2930", "CVE-2013-4162", "CVE-2013-4163", "CVE-2013-4254", "CVE-2013-4299", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4513", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6381", "CVE-2013-6382", "CVE-2013-6383"], "modified": "2013-12-17T23:30:54", "id": "MGASA-2013-0375", "href": "https://advisories.mageia.org/MGASA-2013-0375.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-18T11:19:34", "description": "This kernel-tmb update provides an update to the 3.10 longterm branch, currently 3.10.24 and fixes the following security issues: The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.10 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages. (CVE-2013-0343) net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. (CVE-2013-1059) The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature. (CVE-2013-2140) The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. (CVE-2013-2147) Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name. (CVE-2013-2851) Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID (CVE-2013-2888). drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2889). drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2891) drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device (CVE-2013-2892). The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c (CVE-2013-2893). drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. (CVE-2013-2894) drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device (CVE-2013-2895). drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2896). Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2897). drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device. (CVE-2013-2898) drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2899). The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h (CVE-2013-2929) The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. (CVE-2013-2930) The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4162). The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call (CVE-2013-4163). The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event (CVE-2013-4254) Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device. (CVE-2013-4299) The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation (CVE-2013-4348). The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network (CVE-2013-4350). net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet (CVE-2013-4387). The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c (CVE-2013-4470). Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation. (CVE-2013-4513) Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value (CVE-2013-4587) The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value. (CVE-2013-6367) The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. (CVE-2013-6368) The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode. (CVE-2013-6376) The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation. (CVE-2013-6378) The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command. (CVE-2013-6380) Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size. (CVE-2013-6381) Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. (CVE-2013-6382) The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. (CVE-2013-6383) Other fixes: \\- xfs: add capability check to free eofblocks ioctl (CVE pending) \\- cpufreq: ondemand: Change the calculation of target frequency \\- ndiswrapper is updated to 1.59 For other -stable fixes, read the referenced changelogs. \n", "cvss3": {}, "published": "2013-12-17T23:24:11", "type": "mageia", "title": "Updated kernel-tmb packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2140", "CVE-2013-2147", "CVE-2013-2851", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2898", "CVE-2013-2899", "CVE-2013-2929", "CVE-2013-2930", "CVE-2013-4162", "CVE-2013-4163", "CVE-2013-4254", "CVE-2013-4299", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4513", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6381", "CVE-2013-6382", "CVE-2013-6383"], "modified": "2013-12-17T23:24:11", "id": "MGASA-2013-0373", "href": "https://advisories.mageia.org/MGASA-2013-0373.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}