SOL17326 - Linux kernel vulnerability CVE-2015-5157
2015-09-25T00:00:00
ID SOL17326 Type f5 Reporter f5 Modified 2015-09-25T00:00:00
Description
Recommended Action
If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.
F5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.
To mitigate this vulnerability for affected F5 products, you should only permit management access to F5 products over a secure network and limit shell access to trusted users.
Supplemental Information
SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4918: Overview of the F5 critical issue hotfix policy
{"reporter": "f5", "published": "2015-09-25T00:00:00", "cvelist": ["CVE-2015-5157"], "viewCount": 10, "objectVersion": "1.2", "type": "f5", "hash": "76bfa7eb737cd2dccb197654a04981b94f5319affe9896fc51d628f583b5818e", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/300/sol17326.html", "bulletinFamily": "software", "hashmap": [{"hash": "1f6a81dedc676260e8ad11f0db61294d", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "60187d08effa1de518781258f4c0cd4a", "key": "cvelist"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "650ae76274dc7c92b07b76127f9554dd", "key": "description"}, {"hash": "2cd42d94bcb7bcdef2281dd3a8c7876e", "key": "href"}, {"hash": "3f62353c8be70b7df63c779b81f8ca58", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "3f62353c8be70b7df63c779b81f8ca58", "key": "published"}, {"hash": "a0de7a2ba4315e39326439c795054391", "key": "references"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "reporter"}, {"hash": "798bfadd9b7521cfdeca20af1214804b", "key": "title"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "type"}, {"hash": "cfcd208495d565ef66e7dff9f98764da", "key": "viewCount"}], "history": [], "enchantments": {"score": {"vector": "NONE", "value": 5.0}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-5157"]}, {"type": "f5", "idList": ["F5:K17326"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122886", "OPENVAS:1361412562310882482", "OPENVAS:1361412562310122929", "OPENVAS:1361412562310122884", "OPENVAS:1361412562310882396", "OPENVAS:1361412562310871606", "OPENVAS:1361412562310871558", "OPENVAS:1361412562310842396", "OPENVAS:1361412562310842399", "OPENVAS:1361412562310842388"]}, {"type": "nessus", "idList": ["ORACLEVM_OVMSA-2016-0014.NASL", "ORACLELINUX_ELSA-2016-3519.NASL", "F5_BIGIP_SOL17326.NASL", "SL_20160504_KERNEL_ON_SL6_X.NASL", "REDHAT-RHSA-2016-0212.NASL", "ORACLELINUX_ELSA-2016-0185.NASL", "CENTOS_RHSA-2016-0715.NASL", "ORACLELINUX_ELSA-2016-0715.NASL", "CENTOS_RHSA-2016-0185.NASL", "REDHAT-RHSA-2016-0715.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-3519", "ELSA-2016-0715", "ELSA-2016-0185", "ELSA-2018-4020", "ELSA-2018-4022", "ELSA-2016-0855", "ELSA-2018-4109", "ELSA-2018-4110"]}, {"type": "redhat", "idList": ["RHSA-2016:0224", "RHSA-2016:0212", "RHSA-2016:0715", "RHSA-2016:0185"]}, {"type": "centos", "idList": ["CESA-2016:0185", "CESA-2016:0715"]}, {"type": "ubuntu", "idList": ["USN-2688-1", "USN-2690-1", "USN-2691-1", "USN-2689-1", "USN-2687-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3313-1:00F99"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32352", "SECURITYVULNS:VULN:14579"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1727-1", "SUSE-SU-2016:0354-1", "SUSE-SU-2015:2108-1", "SUSE-SU-2015:2339-1", "SUSE-SU-2015:2350-1", "OPENSUSE-SU-2016:0318-1", "OPENSUSE-SU-2016:0301-1"]}], "modified": "2016-09-26T17:23:26"}, "vulnersScore": 5.0}, "modified": "2015-09-25T00:00:00", "title": "SOL17326 - Linux kernel vulnerability CVE-2015-5157", "cvss": {"vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 7.2}, "lastseen": "2016-09-26T17:23:26", "edition": 1, "description": "Recommended Action\n\nIf you are running a version listed in the** Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability for affected F5 products, you should only permit management access to F5 products over a secure network and limit shell access to trusted users.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/9000/500/sol9502.html", "https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13123", "https://support.f5.com/kb/en-us/solutions/public/10000/000/sol10025.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "id": "SOL17326", "affectedSoftware": [{"version": "10.2.4", "name": "BIG-IP PSM", "operator": "le"}, {"version": "12.0.0", "name": "BIG-IP AAM", "operator": "le"}, {"version": "12.0.0", "name": "BIG-IP AFM", "operator": "le"}, {"version": "12.0.0", "name": "BIG-IP APM", "operator": "le"}, {"version": "11.6.0", "name": "BIG-IP Link Controller", "operator": "le"}, {"version": "4.5.0", "name": "BIG-IQ Device", "operator": "le"}, {"version": "11.6.0", "name": "BIG-IP GTM", "operator": "le"}, {"version": "11.6.0", "name": "BIG-IP PEM", "operator": "le"}, {"version": "3.1.1", "name": "Enterprise Manager", "operator": "le"}, {"version": "10.2.4", "name": "BIG-IP APM", "operator": "le"}, {"version": "12.0.0", "name": "BIG-IP DNS\n", "operator": "le"}, {"version": "11.6.0", "name": "BIG-IP Analytics", "operator": "le"}, {"version": "11.3.0", "name": "BIG-IP WebAccelerator", "operator": "le"}, {"version": "12.0.0", "name": "BIG-IP Analytics", "operator": "le"}, {"version": "11.6.0", "name": "BIG-IP ASM", "operator": "le"}, {"version": "11.3.0", "name": "BIG-IP Edge Gateway\n", "operator": "le"}, {"version": "4.4.0", "name": "Traffix SDC", "operator": "le"}, {"version": "10.2.4", "name": "BIG-IP LTM", "operator": "le"}, {"version": "11.4.1", "name": "BIG-IP PSM", "operator": "le"}, {"version": "11.6.0", "name": "BIG-IP LTM", "operator": "le"}, {"version": "11.6.0", "name": "BIG-IP AAM", "operator": "le"}, {"version": "10.2.4", "name": "BIG-IP ASM", "operator": "le"}, {"version": "10.2.4", "name": "BIG-IP WebAccelerator", "operator": "le"}, {"version": "12.0.0", "name": "BIG-IP PEM", "operator": "le"}, {"version": "10.2.4", "name": "BIG-IP Link Controller", "operator": "le"}, {"version": "11.6.0", "name": "BIG-IP AFM", "operator": "le"}, {"version": "4.5.0", "name": "BIG-IQ Cloud", "operator": "le"}, {"version": "11.6.0", "name": "BIG-IP APM", "operator": "le"}, {"version": "12.0.0", "name": "BIG-IP Link Controller", "operator": "le"}, {"version": "10.2.4", "name": "BIG-IP WOM", "operator": "le"}, {"version": "4.5.0", "name": "BIG-IQ Security", "operator": "le"}, {"version": "10.2.4", "name": "BIG-IP GTM", "operator": "le"}, {"version": "12.0.0", "name": "BIG-IP LTM", "operator": "le"}, {"version": "4.5.0", "name": "BIG-IQ ADC", "operator": "le"}, {"version": "11.3.0", "name": "BIG-IP WOM", "operator": "le"}, {"version": "3.5.1", "name": "Traffix SDC", "operator": "le"}, {"version": "10.2.4", "name": "BIG-IP Edge Gateway\n", "operator": "le"}, {"version": "12.0.0", "name": "BIG-IP ASM", "operator": "le"}]}
{"cve": [{"lastseen": "2017-04-18T15:57:28", "bulletinFamily": "NVD", "description": "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.", "modified": "2016-12-21T21:59:59", "published": "2015-08-31T06:59:11", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5157", "id": "CVE-2015-5157", "title": "CVE-2015-5157", "type": "cve", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "f5": [{"lastseen": "2019-02-20T21:07:46", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 547962 (BIG-IP), ID 548085 (BIG-IQ), ID 548087 (Enterprise Manager), and INSTALLER-1837 (Traffix SDC) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Addditionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H547380 on the **Diagnostics** > **Identified** > **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 - 12.1.1 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.1.2| Medium| Linux kernel \nBIG-IP AAM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.0| 12.1.2| Medium| Linux kernel \nBIG-IP AFM| 12.0.0 - 12.1.1 \n11.3.0 - 11.6.0| 12.1.2| Medium| Linux kernel \nBIG-IP Analytics| 12.0.0 - 12.1.1 \n11.0.0 - 11.6.0| 12.1.2| Medium| Linux kernel \nBIG-IP APM| 12.0.0 - 12.1.1 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.1.2| Medium| Linux kernel \nBIG-IP ASM| 12.0.0 - 12.1.1 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.1.2| Medium| Linux kernel \nBIG-IP DNS| 12.0.0 - 12.1.1| 12.1.2| Medium| Linux kernel \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| Linux kernel \nBIG-IP GTM| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| None| Medium| Linux kernel \nBIG-IP Link Controller| 12.0.0 - 12.1.1 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.1.2| Medium| Linux kernel \nBIG-IP PEM| 12.0.0 - 12.1.1 \n11.3.0 - 11.6.0| 12.1.2| Medium| Linux kernel \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| None| Medium| Linux kernel \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| Linux kernel \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| Linux kernel \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.0.0 - 3.1.1| None| Medium| Linux kernel \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Medium| Linux kernel \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Medium| Linux kernel \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Medium| Linux kernel \nBIG-IQ ADC| 4.5.0| None| Medium| Linux kernel \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| None| Low| Linux kernel\n\nIf you are running a version listed in the** Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability for affected F5 products, you should only permit management access to F5 products over a secure network and limit shell access to trusted users.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2017-01-24T21:51:00", "published": "2015-09-25T21:54:00", "id": "F5:K17326", "href": "https://support.f5.com/csp/article/K17326", "title": "Linux kernel vulnerability CVE-2015-5157", "type": "f5", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-28T18:22:53", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2016-3519", "modified": "2018-09-28T00:00:00", "published": "2016-02-22T00:00:00", "id": "OPENVAS:1361412562310122886", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122886", "title": "Oracle Linux Local Check: ELSA-2016-3519", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-3519.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122886\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2016-02-22 07:34:20 +0200 (Mon, 22 Feb 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-3519\");\n script_tag(name:\"insight\", value:\"ELSA-2016-3519 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-3519\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-3519.html\");\n script_cve_id(\"CVE-2015-5157\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"dtrace-modules\", rpm:\"dtrace-modules~3.8.13~118.3.2.el7uek~0.4.5~3.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~3.8.13~118.3.2.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~3.8.13~118.3.2.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~3.8.13~118.3.2.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~3.8.13~118.3.2.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~3.8.13~118.3.2.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~3.8.13~118.3.2.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"dtrace-modules\", rpm:\"dtrace-modules~3.8.13~118.3.2.el6uek~0.4.5~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~3.8.13~118.3.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~3.8.13~118.3.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~3.8.13~118.3.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~3.8.13~118.3.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~3.8.13~118.3.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~3.8.13~118.3.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:22:32", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2016-0185", "modified": "2018-09-28T00:00:00", "published": "2016-02-18T00:00:00", "id": "OPENVAS:1361412562310122884", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122884", "title": "Oracle Linux Local Check: ELSA-2016-0185", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-0185.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122884\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2016-02-18 07:27:24 +0200 (Thu, 18 Feb 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-0185\");\n script_tag(name:\"insight\", value:\"ELSA-2016-0185 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-0185\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-0185.html\");\n script_cve_id(\"CVE-2015-7872\", \"CVE-2015-5157\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~327.10.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:47:26", "bulletinFamily": "scanner", "description": "Check the version of kernel", "modified": "2017-07-10T00:00:00", "published": "2016-05-06T00:00:00", "id": "OPENVAS:1361412562310882482", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882482", "title": "CentOS Update for kernel CESA-2016:0715 centos6 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2016:0715 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882482\");\n script_version(\"$Revision: 6658 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:51:48 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-06 15:29:06 +0530 (Fri, 06 May 2016)\");\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-8767\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kernel CESA-2016:0715 centos6 \");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux kernel, \nthe core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way the Linux kernel handled IRET faults during\nthe processing of NMIs. An unprivileged, local user could use this flaw to\ncrash the system or, potentially (although highly unlikely), escalate their\nprivileges on the system. (CVE-2015-5157, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's SCTP\nimplementation handled sctp_accept() during the processing of heartbeat\ntimeout events. A remote attacker could use this flaw to prevent further\nconnections to be accepted by the SCTP server running on the system,\nresulting in a denial of service. (CVE-2015-8767, Moderate)\n\nBug Fix(es):\n\n* When the nvme driver held the queue lock for too long, for example during\nDMA mapping, a lockup occurred leading to nvme hard-lockup panic. This\nupdate fixes the underlying source code, and nvme now works as\nexpected.(BZ#1314209)\n\n* Due to a regression, a Unix domain datagram socket could come to a\ndeadlock when sending a datagram to itself. The provided patch adds another\n'sk' check to the unix_dgram_sendmsg() function, and the aforementioned\ndeadlock no longer occurs. (BZ#1315696)\n\n* Previously, writing a large file using direct I/O in 16 MB chunks\nsometimes caused a pathological allocation pattern where 16 MB chunks of\nlarge free extent were allocated to a file in reversed order. The provided\npatch avoids the backward allocation, and writing a large file using direct\nI/O now proceeds successfully. (BZ#1320031)\n\n* MD RAID1 devices that repeatedly became hot removed and re-added could\nbecome mismatched due to a race condition. This caused them to return stale\ndata, leading to data corruption. The provided set of patches fixes this\nbug, and hot removals and re-additions of md devices now work as expected.\n(BZ#1320863)\n\n* A couple of previous fixes caused a deadlock on the 'rq' lock leading to\na kernel panic on CPU 0. The provided set of patches reverts the relevant\ncommits, thus preventing the panic from occurring. (BZ#1326043)\n\nEnhancement(s):\n\n* VLAN support has been updated to integrate some of the latest upstream\nfeatures. This update also makes sure that Null pointer crashes related to\nVLAN support in bonding mode no longer occur and that tag stripping and\ninsertion work as expected. (BZ#1315706)\n\n* This update adds additional model numbers for Broadwell to perf.\n(BZ#1320035)\n\");\n script_tag(name: \"affected\", value: \"kernel on CentOS 6\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"CESA\", value: \"2016:0715\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2016-May/021858.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~573.26.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-12T12:38:06", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2016-0715", "modified": "2018-10-12T00:00:00", "published": "2016-05-09T00:00:00", "id": "OPENVAS:1361412562310122929", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122929", "title": "Oracle Linux Local Check: ELSA-2016-0715", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-0715.nasl 11856 2018-10-12 07:45:29Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.fi\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122929\");\n script_version(\"$Revision: 11856 $\");\n script_tag(name:\"creation_date\", value:\"2016-05-09 14:24:46 +0300 (Mon, 09 May 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 09:45:29 +0200 (Fri, 12 Oct 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-0715\");\n script_tag(name:\"insight\", value:\"ELSA-2016-0715 - kernel security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-0715\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-0715.html\");\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-8767\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~573.26.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-23T15:10:54", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-05-06T00:00:00", "id": "OPENVAS:1361412562310871606", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871606", "title": "RedHat Update for kernel RHSA-2016:0715-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2016:0715-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871606\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-06 15:29:35 +0530 (Fri, 06 May 2016)\");\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-8767\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2016:0715-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel,\nthe core of any Linux operating system.\n\nSecurity Fix(es):\n\n * A flaw was found in the way the Linux kernel handled IRET faults during\nthe processing of NMIs. An unprivileged, local user could use this flaw to\ncrash the system or, potentially (although highly unlikely), escalate their\nprivileges on the system. (CVE-2015-5157, Moderate)\n\n * A race condition flaw was found in the way the Linux kernel's SCTP\nimplementation handled sctp_accept() during the processing of heartbeat\ntimeout events. A remote attacker could use this flaw to prevent further\nconnections to be accepted by the SCTP server running on the system,\nresulting in a denial of service. (CVE-2015-8767, Moderate)\n\nBug Fix(es):\n\n * When the nvme driver held the queue lock for too long, for example during\nDMA mapping, a lockup occurred leading to nvme hard-lockup panic. This\nupdate fixes the underlying source code, and nvme now works as\nexpected.(BZ#1314209)\n\n * Due to a regression, a Unix domain datagram socket could come to a\ndeadlock when sending a datagram to itself. The provided patch adds another\n'sk' check to the unix_dgram_sendmsg() function, and the aforementioned\ndeadlock no longer occurs. (BZ#1315696)\n\n * Previously, writing a large file using direct I/O in 16 MB chunks\nsometimes caused a pathological allocation pattern where 16 MB chunks of\nlarge free extent were allocated to a file in reversed order. The provided\npatch avoids the backward allocation, and writing a large file using direct\nI/O now proceeds successfully. (BZ#1320031)\n\n * MD RAID1 devices that repeatedly became hot removed and re-added could\nbecome mismatched due to a race condition. This caused them to return stale\ndata, leading to data corruption. The provided set of patches fixes this\nbug, and hot removals and re-additions of md devices now work as expected.\n(BZ#1320863)\n\n * A couple of previous fixes caused a deadlock on the 'rq' lock leading to\na kernel panic on CPU 0. The provided set of patches reverts the relevant\ncommits, thus preventing the panic from occurring. (BZ#1326043)\n\nEnhancement(s):\n\n * VLAN support has been updated to integrate some of the latest upstream\nfeatures. This update also makes sure that Null pointer crashes related to\nVLAN support in bonding mode no longer occur and that tag stripping and\ninsertion work as expected. (BZ#1315706)\n\n * This update adds additional model numbers for Broadwell to perf.\n(BZ#1320035)\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0715-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-May/msg00007.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~573.26.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-23T15:10:17", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-02-17T00:00:00", "id": "OPENVAS:1361412562310871558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871558", "title": "RedHat Update for kernel RHSA-2016:0185-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2016:0185-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871558\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-17 06:26:00 +0100 (Wed, 17 Feb 2016)\");\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-7872\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2016:0185-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel,\nthe core of any Linux operating system.\n\n * It was found that the Linux kernel's keys subsystem did not correctly\ngarbage collect uninstantiated keyrings. A local attacker could use this\nflaw to crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2015-7872, Important)\n\n * A flaw was found in the way the Linux kernel handled IRET faults during\nthe processing of NMIs. An unprivileged, local user could use this flaw to\ncrash the system or, potentially (although highly unlikely), escalate their\nprivileges on the system. (CVE-2015-5157, Moderate)\n\nThis update also fixes the following bugs:\n\n * Previously, processing packets with a lot of different IPv6 source\naddresses caused the kernel to return warnings concerning soft-lockups due\nto high lock contention and latency increase. With this update, lock\ncontention is reduced by backing off concurrent waiting threads on the\nlock. As a result, the kernel no longer issues warnings in the described\nscenario. (BZ#1285370)\n\n * Prior to this update, block device readahead was artificially limited.\nAs a consequence, the read performance was poor, especially on RAID\ndevices. Now, per-device readahead limits are used for each device instead\nof a global limit. As a result, read performance has improved, especially\non RAID devices. (BZ#1287550)\n\n * After injecting an EEH error, the host was previously not recovering and\nobserving I/O hangs in HTX tool logs. This update makes sure that when one\nor both of EEH_STATE_MMIO_ACTIVE and EEH_STATE_MMIO_ENABLED flags is marked\nin the PE state, the PE's IO path is regarded as enabled as well. As a\nresult, the host no longer hangs and recovers as expected. (BZ#1289101)\n\n * The genwqe device driver was previously using the GFP_ATOMIC flag for\nallocating consecutive memory pages from the kernel's atomic memory pool,\neven in non-atomic situations. This could lead to allocation failures\nduring memory pressure. With this update, the genwqe driver's memory\nallocations use the GFP_KERNEL flag, and the driver can allocate memory\neven during memory pressure situations. (BZ#1289450)\n\n * The nx842 co-processor for IBM Power Systems could in some circumstances\nprovide invalid data due to a data corruption bug during uncompression.\nWith this update, all compression and uncompression calls to the nx842\nco-processor contain a cyclic redundancy check (CRC) flag, which forces all\ncompression and uncompression operations to check data integrity and\nprevents the co-processor from providing corrupted data. (BZ#1289451)\n\n * A failed 'updatepp' operation ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0185-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-February/msg00026.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~3.10.0~327.10.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:48:53", "bulletinFamily": "scanner", "description": "Check the version of kernel", "modified": "2017-07-10T00:00:00", "published": "2016-02-17T00:00:00", "id": "OPENVAS:1361412562310882396", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882396", "title": "CentOS Update for kernel CESA-2016:0185 centos7 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2016:0185 centos7 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882396\");\n script_version(\"$Revision: 6658 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:51:48 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-17 06:27:32 +0100 (Wed, 17 Feb 2016)\");\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-7872\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kernel CESA-2016:0185 centos7 \");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux \nkernel, the core of any Linux operating system.\n\n* It was found that the Linux kernel's keys subsystem did not correctly\ngarbage collect uninstantiated keyrings. A local attacker could use this\nflaw to crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults during\nthe processing of NMIs. An unprivileged, local user could use this flaw to\ncrash the system or, potentially (although highly unlikely), escalate their\nprivileges on the system. (CVE-2015-5157, Moderate)\n\nThis update also fixes the following bugs:\n\n* Previously, processing packets with a lot of different IPv6 source\naddresses caused the kernel to return warnings concerning soft-lockups due\nto high lock contention and latency increase. With this update, lock\ncontention is reduced by backing off concurrent waiting threads on the\nlock. As a result, the kernel no longer issues warnings in the described\nscenario. (BZ#1285370)\n\n* Prior to this update, block device readahead was artificially limited.\nAs a consequence, the read performance was poor, especially on RAID\ndevices. Now, per-device readahead limits are used for each device instead\nof a global limit. As a result, read performance has improved, especially\non RAID devices. (BZ#1287550)\n\n* After injecting an EEH error, the host was previously not recovering and\nobserving I/O hangs in HTX tool logs. This update makes sure that when one\nor both of EEH_STATE_MMIO_ACTIVE and EEH_STATE_MMIO_ENABLED flags is marked\nin the PE state, the PE's IO path is regarded as enabled as well. As a\nresult, the host no longer hangs and recovers as expected. (BZ#1289101)\n\n* The genwqe device driver was previously using the GFP_ATOMIC flag for\nallocating consecutive memory pages from the kernel's atomic memory pool,\neven in non-atomic situations. This could lead to allocation failures\nduring memory pressure. With this update, the genwqe driver's memory\nallocations use the GFP_KERNEL flag, and the driver can allocate memory\neven during memory pressure situations. (BZ#1289450)\n\n* The nx842 co-processor for IBM Power Systems could in some circumstances\nprovide invalid data due to a data corruption bug during uncompression.\nWith this update, all compression and uncompression calls to the nx842\nco-processor contain a cyclic redundancy check (CRC) flag, which forces all\ncompression and uncompression operations to check data integrity and\nprevents the co-processor from providing corrupted data. (BZ#1289451)\n\n* A failed 'updatepp' operation on the little-endian variant o ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on CentOS 7\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"CESA\", value: \"2016:0185\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2016-February/021705.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~327.10.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:01:41", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-07-31T00:00:00", "id": "OPENVAS:1361412562310842399", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842399", "title": "Ubuntu Update for linux USN-2700-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2700-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842399\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-31 07:23:36 +0200 (Fri, 31 Jul 2015)\");\n script_cve_id(\"CVE-2015-3290\", \"CVE-2015-3291\", \"CVE-2015-5157\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-2700-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested\nNMIs (non-maskable interrupts). An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash) or potentially\nescalate their privileges. (CVE-2015-3290)\n\nAndy Lutomirski discovered a flaw that allows user to cause the Linux\nkernel to ignore some NMIs (non-maskable interrupts). A local unprivileged\nuser could exploit this flaw to potentially cause the system to miss\nimportant NMIs resulting in unspecified effects. (CVE-2015-3291)\n\nAndy Lutomirski and Petr Matousek discovered that an NMI (non-maskable\ninterrupt) that interrupts userspace and encounters an IRET fault is\nincorrectly handled by the Linux kernel. An unprivileged local user could\nexploit this flaw to cause a denial of service (kernel OOPs), corruption,\nor potentially escalate privileges on the system. (CVE-2015-5157)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2700-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2700-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-generic\", ver:\"3.13.0-61.100\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-generic-lpae\", ver:\"3.13.0-61.100\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-lowlatency\", ver:\"3.13.0-61.100\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-powerpc-e500\", ver:\"3.13.0-61.100\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-powerpc-e500mc\", ver:\"3.13.0-61.100\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-powerpc-smp\", ver:\"3.13.0-61.100\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-powerpc64-emb\", ver:\"3.13.0-61.100\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-powerpc64-smp\", ver:\"3.13.0-61.100\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:01:33", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-07-31T00:00:00", "id": "OPENVAS:1361412562310842396", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842396", "title": "Ubuntu Update for linux-lts-trusty USN-2701-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-trusty USN-2701-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842396\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-31 07:22:30 +0200 (Fri, 31 Jul 2015)\");\n script_cve_id(\"CVE-2015-3290\", \"CVE-2015-3291\", \"CVE-2015-5157\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-trusty USN-2701-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-trusty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested\nNMIs (non-maskable interrupts). An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash) or potentially\nescalate their privileges. (CVE-2015-3290)\n\nAndy Lutomirski discovered a flaw that allows user to cause the Linux\nkernel to ignore some NMIs (non-maskable interrupts). A local unprivileged\nuser could exploit this flaw to potentially cause the system to miss\nimportant NMIs resulting in unspecified effects. (CVE-2015-3291)\n\nAndy Lutomirski and Petr Matousek discovered that an NMI (non-maskable\ninterrupt) that interrupts userspace and encounters an IRET fault is\nincorrectly handled by the Linux kernel. An unprivileged local user could\nexploit this flaw to cause a denial of service (kernel OOPs), corruption,\nor potentially escalate privileges on the system. (CVE-2015-5157)\");\n script_tag(name:\"affected\", value:\"linux-lts-trusty on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2701-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2701-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-generic\", ver:\"3.13.0-61.100~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-61-generic-lpae\", ver:\"3.13.0-61.100~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:01:57", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-07-30T00:00:00", "id": "OPENVAS:1361412562310842389", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842389", "title": "Ubuntu Update for linux-lts-utopic USN-2689-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-utopic USN-2689-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842389\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-30 05:13:46 +0200 (Thu, 30 Jul 2015)\");\n script_cve_id(\"CVE-2015-3290\", \"CVE-2015-1333\", \"CVE-2015-3291\", \"CVE-2015-5157\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-utopic USN-2689-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-utopic'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Andy Lutomirski discovered a flaw in the\nLinux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged\nlocal user could exploit this flaw to cause a denial of service (system crash)\nor potentially escalate their privileges. (CVE-2015-3290)\n\nColin King discovered a flaw in the add_key function of the Linux kernel's\nkeyring subsystem. A local user could exploit this flaw to cause a denial\nof service (memory exhaustion). (CVE-2015-1333)\n\nAndy Lutomirski discovered a flaw that allows user to cause the Linux\nkernel to ignore some NMIs (non-maskable interrupts). A local unprivileged\nuser could exploit this flaw to potentially cause the system to miss\nimportant NMIs resulting in unspecified effects. (CVE-2015-3291)\n\nAndy Lutomirski and Petr Matousek discovered that an NMI (non-maskable\ninterrupt) that interrupts userspace and encounters an IRET fault is\nincorrectly handled by the Linux kernel. An unprivileged local user could\nexploit this flaw to cause a denial of service (kernel OOPs), corruption,\nor potentially escalate privileges on the system. (CVE-2015-5157)\");\n script_tag(name:\"affected\", value:\"linux-lts-utopic on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2689-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2689-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-45-generic\", ver:\"3.16.0-45.60~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-45-generic-lpae\", ver:\"3.16.0-45.60~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-45-lowlatency\", ver:\"3.16.0-45.60~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-45-powerpc-e500mc\", ver:\"3.16.0-45.60~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-45-powerpc-smp\", ver:\"3.16.0-45.60~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-45-powerpc64-emb\", ver:\"3.16.0-45.60~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-45-powerpc64-smp\", ver:\"3.16.0-45.60~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:38:15", "bulletinFamily": "unix", "description": "kernel-uek\n[3.8.13-118.3.2]\n- x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\n- x86/nmi/64: Reorder nested NMI checks (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\n- x86/nmi/64: Improve nested NMI comments (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\n- x86/nmi/64: Switch stacks on userspace NMI entry (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\n- x86/paravirt: Replace the paravirt nop with a bona fide empty function (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}", "modified": "2016-02-18T00:00:00", "published": "2016-02-18T00:00:00", "id": "ELSA-2016-3519", "href": "http://linux.oracle.com/errata/ELSA-2016-3519.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:46:05", "bulletinFamily": "unix", "description": "[2.6.32-573.26.1]\n- [kernel] revert 'sched: core: Use hrtimer_start_expires' (Jiri Olsa) [1326043 1324318]\n- [kernel] Revert 'Cleanup bandwidth timers' (Jiri Olsa) [1326043 1324318]\n- [kernel] revert 'fair: Test list head instead of list entry in throttle_cfs_rq' (Jiri Olsa) [1326043 1324318]\n- [kernel] revert 'sched, perf: Fix periodic timers' (Jiri Olsa) [1326043 1324318]\n- [kernel] Revert 'fix KABI break' (Jiri Olsa) [1326043 1324318]\n[2.6.32-573.25.1]\n- [x86] nmi/64: Fix a paravirt stack-clobbering bug in the NMI code (Denys Vlasenko) [1259580 1259581] {CVE-2015-5157}\n- [x86] nmi/64: Switch stacks on userspace NMI entry (Denys Vlasenko) [1259580 1259581] {CVE-2015-5157}\n- [fs] anon_inodes implement dname (Aristeu Rozanski) [1322707 1296019]\n- [fs] xfs: Avoid pathological backwards allocation (Bill O'Donnell) [1320031 1302777]\n- [net] sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (Jacob Tanenbaum) [1297421 1297422] {CVE-2015-8767}\n- [net] udp: move logic out of udp[46]_ufo_send_check (Sabrina Dubroca) [1319276 1299975]\n- [net] af_unix: Guard against other == sk in unix_dgram_sendmsg (Jakub Sitnicki) [1315696 1309241]\n- [md] raid10: don't clear bitmap bit when bad-block-list write fails (Jes Sorensen) [1320863 1273546]\n- [md] raid1: don't clear bitmap bit when bad-block-list write fails (Jes Sorensen) [1320863 1273546]\n- [md] raid10: submit_bio_wait returns 0 on success (Jes Sorensen) [1320863 1273546]\n- [md] raid1: submit_bio_wait() returns 0 on success (Jes Sorensen) [1320863 1273546]\n- [md] crash in md-raid1 and md-raid10 due to incorrect list manipulation (Jes Sorensen) [1320863 1273546]\n- [md] raid10: ensure device failure recorded before write request returns (Jes Sorensen) [1320863 1273546]\n- [md] raid1: ensure device failure recorded before write request returns (Jes Sorensen) [1320863 1273546]\n[2.6.32-573.24.1]\n- [sched] fix KABI break (Seth Jennings) [1314878 1230310]\n- [sched] fair: Test list head instead of list entry in throttle_cfs_rq (Seth Jennings) [1314878 1230310]\n- [sched] sched,perf: Fix periodic timers (Seth Jennings) [1314878 1230310]\n- [sched] sched: debug: Remove the cfs bandwidth timer_active printout (Seth Jennings) [1314878 1230310]\n- [sched] Cleanup bandwidth timers (Seth Jennings) [1314878 1230310]\n- [sched] sched: core: Use hrtimer_start_expires (Seth Jennings) [1314878 1230310]\n- [sched] fair: Fix unlocked reads of some cfs_b->quota/period (Seth Jennings) [1314878 1230310]\n- [sched] Fix potential near-infinite distribute_cfs_runtime loop (Seth Jennings) [1314878 1230310]\n- [sched] fair: Fix tg_set_cfs_bandwidth deadlock on rq->lock (Seth Jennings) [1314878 1230310]\n- [sched] Fix hrtimer_cancel/rq->lock deadlock (Seth Jennings) [1314878 1230310]\n- [sched] Fix cfs_bandwidth misuse of hrtimer_expires_remaining (Seth Jennings) [1314878 1230310]\n- [sched] Refine the code in unthrottle_cfs_rq (Seth Jennings) [1314878 1230310]\n- [sched] Update rq clock earlier in unthrottle_cfs_rq (Seth Jennings) [1314878 1230310]\n- [block] Fix q_suspended logic error for io submission (David Milburn) [1314209 1227342]\n- [block] nvme: No lock while DMA mapping data (David Milburn) [1314209 1227342]\n- [netdrv] ixgbe: finish ixgbe: Update ixgbe to use new vlan accleration (John Greene) [1315706 1249244]\n[2.6.32-573.23.1]\n- [x86] perf: Add more Broadwell model numbers (Jiri Olsa) [1320035 1242694]\n- [perf] perf/x86/intel: Remove incorrect model number from Haswell perf (Jiri Olsa) [1320035 1242694]", "modified": "2016-05-03T00:00:00", "published": "2016-05-03T00:00:00", "id": "ELSA-2016-0715", "href": "http://linux.oracle.com/errata/ELSA-2016-0715.html", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:45:41", "bulletinFamily": "unix", "description": "- [3.10.0-327.10.1.OL7]\n- Oracle Linux certificates (Alexey Petrenko)\n[3.10.0-327.10.1]\n- [of] return NUMA_NO_NODE from fallback of_node_to_nid() (Thadeu Lima de Souza Cascardo) [1300614 1294398]\n- [net] openvswitch: do not allocate memory from offline numa node (Thadeu Lima de Souza Cascardo) [1300614 1294398]\n[3.10.0-327.9.1]\n- [security] keys: Fix keyring ref leak in join_session_keyring() (David Howells) [1298931 1298036] {CVE-2016-0728}\n[3.10.0-327.8.1]\n- [md] dm: fix AB-BA deadlock in __dm_destroy() (Mike Snitzer) [1296566 1292481]\n- [md] revert 'dm-mpath: fix stalls when handling invalid ioctls' (Mike Snitzer) [1287552 1277194]\n- [cpufreq] intel_pstate: Fix limits->max_perf rounding error (Prarit Bhargava) [1296276 1279617]\n- [cpufreq] intel_pstate: Fix limits->max_policy_pct rounding error (Prarit Bhargava) [1296276 1279617]\n- [cpufreq] revert 'intel_pstate: fix rounding error in max_freq_pct' (Prarit Bhargava) [1296276 1279617]\n- [crypto] nx: 842 - Add CRC and validation support (Gustavo Duarte) [1289451 1264905]\n- [powerpc] eeh: More relaxed condition for enabled IO path (Steve Best) [1289101 1274731]\n- [security] keys: Don't permit request_key() to construct a new keyring (David Howells) [1275929 1273465] {CVE-2015-7872}\n- [security] keys: Fix crash when attempt to garbage collect an uninstantiated keyring (David Howells) [1275929 1273465] {CVE-2015-7872}\n- [security] keys: Fix race between key destruction and finding a keyring by name (David Howells) [1275929 1273465] {CVE-2015-7872}\n- [x86] paravirt: Replace the paravirt nop with a bona fide empty function (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}\n- [x86] nmi: Fix a paravirt stack-clobbering bug in the NMI code (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}\n- [x86] nmi: Use DF to avoid userspace RSP confusing nested NMI detection (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}\n- [x86] nmi: Reorder nested NMI checks (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}\n- [x86] nmi: Improve nested NMI comments (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}\n- [x86] nmi: Switch stacks on userspace NMI entry (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}\n[3.10.0-327.7.1]\n- [scsi] scsi_sysfs: protect against double execution of __scsi_remove_device() (Vitaly Kuznetsov) [1292075 1273723]\n- [powerpc] mm: Recompute hash value after a failed update (Gustavo Duarte) [1289452 1264920]\n- [misc] genwqe: get rid of atomic allocations (Hendrik Brueckner) [1289450 1270244]\n- [mm] use only per-device readahead limit (Eric Sandeen) [1287550 1280355]\n- [net] ipv6: update ip6_rt_last_gc every time GC is run (Hannes Frederic Sowa) [1285370 1270092]\n- [kernel] tick: broadcast: Prevent livelock from event handler (Prarit Bhargava) [1284043 1265283]\n- [kernel] clockevents: Serialize calls to clockevents_update_freq() in the core (Prarit Bhargava) [1284043 1265283]\n[3.10.0-327.6.1]\n- [netdrv] bonding: propagate LRO disable to slave devices (Jarod Wilson) [1292072 1266578]\n[3.10.0-327.5.1]\n- [net] vsock: Fix lockdep issue (Dave Anderson) [1292372 1253971]\n- [net] vsock: sock_put wasn't safe to call in interrupt context (Dave Anderson) [1292372 1253971]", "modified": "2016-02-16T00:00:00", "published": "2016-02-16T00:00:00", "id": "ELSA-2016-0185", "href": "http://linux.oracle.com/errata/ELSA-2016-0185.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:48:27", "bulletinFamily": "unix", "description": "[2.6.39-400.298.2]\n- x86: Use PRED_CMD MSR when ibpb is enabled (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec: Dont print the Missing arguments for option spectre_v2 (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Move ENABLE_IBRS in the interrupt macro (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- Add set_ibrs_disabled and set_ibpb_disabled (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/boot: Add early cmdline parsing for options with arguments (Tom Lendacky) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86, boot: Carve out early cmdline parsing function (Borislav Petkov) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Fix kABI build breakage (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Add command-line options 'spectre_v2' and 'nospectre_v2' (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/mm: Set IBPB upon context switch (Brian Maly) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Display correct settings for the SPECTRE_V2 bug (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- Set CONFIG_GENERIC_CPU_VULNERABILITIES flag (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- sysfs/cpu: Fix typos in vulnerability documentation (David Woodhouse) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86, cpu: Expand cpufeature facility to include cpu bugs (Borislav Petkov) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (David Woodhouse) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec: STUFF_RSB _before_ ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Move STUFF_RSB in to the idt macro (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec_ctrl: Add missing 'lfence' when IBRS is not supported (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/ia32: Move STUFF_RSB And ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Use IBRS for firmware update path (David Woodhouse) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec_ctrl: Disable if running as Xen PV guest (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/microcode: Recheck IBRS features on microcode reload (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/enter: MACROS to set/clear IBRS and set IBPB (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/feature: Detect the x86 IBRS feature to control Speculation (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: fix build breakage (Brian Maly) [Orabug: 27346425] {CVE-2017-5753}\n- kaiser: rename X86_FEATURE_KAISER to X86_FEATURE_PTI to match upstream (Mike Kravetz) {CVE-2017-5754}\n- x86/kaiser: Check boottime cmdline params (Mike Kravetz) [Orabug: 27333761] {CVE-2017-5754}\n- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling (Borislav Petkov) [Orabug: 27333761] {CVE-2017-5754}\n- KPTI: Report when enabled (Mike Kravetz) [Orabug: 27333761] {CVE-2017-5754}\n- PTI: unbreak EFI old_memmap (Jiri Kosina) [Orabug: 27333761] [Orabug: 27333760] {CVE-2017-5754}\n- kaiser: Set _PAGE_NX only if supported (Guenter Roeck) [Orabug: 27333761] [Orabug: 27333760] {CVE-2017-5754}\n- KPTI: Rename to PAGE_TABLE_ISOLATION (Kees Cook) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: kaiser_flush_tlb_on_return_to_user() check PCID (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: asm/tlbflush.h handle noPGE at lower level (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- x86/alternatives: add asm ALTERNATIVE macro (Mike Kravetz) [Orabug: 27333761] {CVE-2017-5754}\n- x86/kaiser: Reenable PARAVIRT, dynamically disable KAISER if PARAVIRT (Borislav Petkov) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: add 'nokaiser' boot option, using ALTERNATIVE (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- x86-32: Fix boot with CONFIG_X86_INVD_BUG (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: alloc_ldt_struct() use get_zeroed_page() (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: user_map __kprobes_text too (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm/kaiser: re-enable vsyscalls (Andrea Arcangeli) [Orabug: 27333761] {CVE-2017-5754}\n- KAISER: Kernel Address Isolation (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: fix bad backport to disable PCID on Xen (Borislav Petkov) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm/64: Fix reboot interaction with CR4.PCIDE (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Enable CR4.PCIDE on supported systems (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Add the 'nopcid' boot option to turn off PCID (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Disable PCID on 32-bit kernels (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- sched/core: Idle_task_exit() shouldnt use switch_mm_irqs_off() (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm, sched/core: Turn off IRQs in switch_mm() (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm, sched/core: Uninline switch_mm() (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- sched/core: Add switch_mm_irqs_off() and use it in the scheduler (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- mm/mmu_context, sched/core: Fix mmu_context.h assumption (Ingo Molnar) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: If INVPCID is available, use it to flush global mappings (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Fix INVPCID asm constraint (Borislav Petkov) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Add INVPCID helpers (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86, cpufeature: Add CPU features from Intel document 319433-012A (H. Peter Anvin) [Orabug: 27333761] {CVE-2017-5754}\n- x86/paravirt: Dont patch flush_tlb_single (Thomas Gleixner) [Orabug: 27333761] {CVE-2017-5754}\n- x86-64: Map the HPET NX (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/ldt: Make modify_ldt synchronous (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754} {CVE-2015-5157}\n- x86, cpu: Add cpufeature flag for PCIDs (Arun Thomas) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Disable preemption during CR3 read+write (Sebastian Andrzej Siewior) [Orabug: 27333761] {CVE-2017-5754}\n- locking/barriers: fix compile issue (Brian Maly) [Orabug: 27346425] {CVE-2017-5753}\n- x86: Add another set of MSR accessor functions (Borislav Petkov) [Orabug: 27346425] {CVE-2017-5753}\n- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}", "modified": "2018-01-24T00:00:00", "published": "2018-01-24T00:00:00", "id": "ELSA-2018-4020", "href": "http://linux.oracle.com/errata/ELSA-2018-4020.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:39:35", "bulletinFamily": "unix", "description": "kernel-uek\n[3.8.13-118.20.2]\n- x86: Add another set of MSR accessor functions (Borislav Petkov) [Orabug: 27444923] {CVE-2017-5753}\n- userns: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- x86/rsb: add comment specifying why we skip STUFF_RSB (Ankur Arora) [Orabug: 27451658] {CVE-2017-5715}\n- x86/rsb: make STUFF_RSB jmp labels more robust (Ankur Arora) [Orabug: 27451658] {CVE-2017-5715}\n- x86/spec: Also print IBRS if IBPB is disabled. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/spectre: Drop the warning about ibrs being obsolete. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- Add set_ibrs_disabled and set_ibpb_disabled (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/spec: Don't print the Missing arguments for option spectre_v2 (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/boot: Add early cmdline parsing for options with arguments (Tom Lendacky) [Orabug: 27376697] {CVE-2017-5715}\n- x86, boot: Carve out early cmdline parsing function (Borislav Petkov) [Orabug: 27376697] \n- x86: Add command-line options 'spectre_v2' and 'nospectre_v2' (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Fix kABI build breakage (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Use PRED_CMD MSR when ibpb is enabled (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/mm: Set IBPB upon context switch (Brian Maly) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Display correct settings for the SPECTRE_V[12] bug (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27376697] {CVE-2017-5715} {CVE-2017-5753}\n- x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27376697] {CVE-2017-5715}\n- x86/spec_ctrl: Disable if running as Xen PV guest (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27376697] {CVE-2017-5715} {CVE-2017-5754}\n- x86, cpu: Expand cpufeature facility to include cpu bugs (Borislav Petkov) [Orabug: 27376697] {CVE-2017-5715}\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5715}\n- x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5754}\n- x86/entry: STUFF_RSB only after switching to kernel CR3 (Ankur Arora) [Orabug: 27376697] {CVE-2017-5715}\n- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Use IBRS for firmware update path (David Woodhouse) [Orabug: 27376697] {CVE-2017-5715}\n- x86/microcode: Recheck IBRS features on microcode reload (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/enter: MACROS to set/clear IBRS (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/feature: Detect the x86 IBRS feature to control Speculation (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/pti/efi: broken conversion from efi to kernel page table (Pavel Tatashin) [Orabug: 27333764] {CVE-2017-5754}\n- PTI: unbreak EFI old_memmap (Jiri Kosina) [Orabug: 27333764] [Orabug: 27333760] {CVE-2017-5754} {CVE-2017-5754}\n- kaiser: Set _PAGE_NX only if supported (Lepton Wu) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: rename X86_FEATURE_KAISER to X86_FEATURE_PTI (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- KPTI: Rename to PAGE_TABLE_ISOLATION (Kees Cook) [Orabug: 27333764] {CVE-2017-5754}\n- x86/kaiser: Check boottime cmdline params (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: x86: Fix NMI handling (Jiri Kosina) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: move paravirt clock vsyscall mapping out of kaiser_init (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: disable if xen PARAVIRT (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- x86/kaiser: Reenable PARAVIRT (Borislav Petkov) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: kaiser_flush_tlb_on_return_to_user() check PCID (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: asm/tlbflush.h handle noPGE at lower level (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling (Borislav Petkov) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: add 'nokaiser' boot option, using ALTERNATIVE (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- x86/alternatives: add asm ALTERNATIVE macro (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: alloc_ldt_struct() use get_zeroed_page() (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- x86: kvmclock: Disable use from vDSO if KPTI is enabled (Ben Hutchings) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: Fix build with CONFIG_FUNCTION_GRAPH_TRACER (Kees Cook) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm/kaiser: re-enable vsyscalls (Andrea Arcangeli) [Orabug: 27333764] {CVE-2017-5754}\n- KAISER: Kernel Address Isolation (Richard Fellner) [Orabug: 27333764] {CVE-2017-5754}\n- kprobes: Prohibit probing on .entry.text code (Masami Hiramatsu) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm/64: Fix reboot interaction with CR4.PCIDE (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Enable CR4.PCIDE on supported systems (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Add the 'nopcid' boot option to turn off PCID (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Disable PCID on 32-bit kernels (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Fix flush_tlb_page() on Xen (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Disable preemption during CR3 read+write (Sebastian Andrzej Siewior) [Orabug: 27333764] {CVE-2017-5754}\n- sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm, sched/core: Turn off IRQs in switch_mm() (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm, sched/core: Uninline switch_mm() (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- sched/core: Add switch_mm_irqs_off() and use it in the scheduler (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- mm/mmu_context, sched/core: Fix mmu_context.h assumption (Ingo Molnar) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: If INVPCID is available, use it to flush global mappings (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Fix INVPCID asm constraint (Borislav Petkov) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Add INVPCID helpers (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86: Clean up cr4 manipulation (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/paravirt: Dont patch flush_tlb_single (Thomas Gleixner) [Orabug: 27333764] {CVE-2017-5754}\n- x86/ldt: Make modify_ldt synchronous (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754} {CVE-2015-5157}", "modified": "2018-01-29T00:00:00", "published": "2018-01-29T00:00:00", "id": "ELSA-2018-4022", "href": "http://linux.oracle.com/errata/ELSA-2018-4022.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:44:44", "bulletinFamily": "unix", "description": "[2.6.32-642]\n- [scsi] fc: revert - ensure scan_work isnt active when freeing fc_rport (Ewan Milne) [1326447]\n- [netdrv] ixgbe: Update ixgbe driver to use __netdev_pick_tx in ixgbe_select_queue (John Greene) [1310749]\n- [netdrv] mlx5e: Fix adding vlan rule with vid zero twice (Kamal Heib) [1322809]\n[2.6.32-641]\n- [netdrv] ixgbe: restore proper CHECKSUM_UNNECESSARY behavior for LRO packets (Neil Horman) [1318426]\n- [netdrv] revert ' net/mlx5_core: Add pci error handlers to mlx5_core driver' (Don Dutile) [1324599]\n- [x86] kernel: espfix not working for 32-bit KVM paravirt guests (Jacob Tanenbaum) [1172767] {CVE-2014-8134}\n[2.6.32-640]\n- [net] use GFP_ATOMIC in dst_ops_extend_register (Sabrina Dubroca) [1323252]\n- [kernel] revert 'sched: core: Use hrtimer_start_expires' (Jiri Olsa) [1324318]\n- [kernel] Revert 'Cleanup bandwidth timers' (Jiri Olsa) [1324318]\n- [kernel] revert 'fair: Test list head instead of list entry in throttle_cfs_rq' (Jiri Olsa) [1324318]\n- [kernel] revert 'sched, perf: Fix periodic timers' (Jiri Olsa) [1324318]\n- [kernel] Revert 'fix KABI break' (Jiri Olsa) [1324318]\n[2.6.32-639]\n- [input] wacom: fix ExpressKeys remote events (Aristeu Rozanski) [1318027]\n- [fs] revert 'writeback: remove wb_list' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: bdi_writeback_task must set task state before calling schedule' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: merge bdi_writeback_task and bdi_start_fn' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: harmonize writeback threads naming' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: fix possible race when creating bdi threads' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not lose wake-ups in the forker thread - 1' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not lose wake-ups in the forker thread - 2' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not lose wake-ups in bdi threads' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: simplify bdi code a little' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not remove bdi from bdi_list' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: move last_active to bdi' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: restructure bdi forker loop a little' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: move bdi threads exiting logic to the forker thread' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: prevent unnecessary bdi threads wakeups' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: optimize periodic bdi thread wakeups' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: remove unnecessary init_timer call' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: cleanup bdi_register' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: fix bad _bh spinlock nesting' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: do not lose wakeup events when forking bdi threads' (Jeff Moyer) [1322297]\n- [fs] revert 'writeback: Fix lost wake-up shutting down writeback thread' (Jeff Moyer) [1322297]\n- [mm] revert 'backing-dev: ensure wakeup_timer is deleted' (Jeff Moyer) [1322297]\n- [perf] revert: perf changes out of 'sched, perf: Fix periodic timers' (Jiri Olsa) [1322488]\n[2.6.32-638]\n- [mm] hugetlb: prevent BUG_ON in hugetlb_fault -> hugetlb_cow (Dave Anderson) [1303495]\n- [mm] hugetlb: fix race condition in hugetlb_fault (Dave Anderson) [1303495]\n- [s390] kdump: fix wrong BUG_ON statement (Hendrik Brueckner) [1321316]\n- [scsi] cxgb4i: Increased the value of MAX_IMM_TX_PKT_LEN from 128 to 256 bytes (Sai Vemuri) [1320193]\n- [fs] nfs: fix a regression causing deadlock in nfs_wb_page_cancel() (Benjamin Coddington) [1135601]\n- [netdrv] cxgb4/ethtool: Get/set rx checksum (Sai Vemuri) [1225167]\n- [netdrv] cxgb4vf:The RX checksum feature was not completely ported to cxgb4vf driver (Sai Vemuri) [1225167]\n- [netdrv] cxgb4/cxgb4vf: Enable GRO (Sai Vemuri) [1225167]\n- [netdrv] cxgb4: Enable RX checksum offload flag (Sai Vemuri) [1225167]\n- [netdrv] cxgb4: Report correct link speed for unsupported ones (Sai Vemuri) [1296467]\n- [netdrv] cxgb4: Use vmalloc, if kmalloc fails (Sai Vemuri) [1296473]\n- [netdrv] cxgb4: Enhance driver to update FW, when FW is too old (Sai Vemuri) [1296472]\n[2.6.32-637]\n- [netdrv] mlx4-en: add missing patch to init rss_rings in get_profile (Don Dutile) [1321164]\n- [netdrv] mlx4-en: disable traffic class queueing by default (Don Dutile) [1321164]\n- [netdrv] mlx4_core: Fix mailbox leak in error flow when performing update qp (Don Dutile) [1321164]\n- [x86] nmi/64: Fix a paravirt stack-clobbering bug in the NMI code (Denys Vlasenko) [1259581] {CVE-2015-5157}\n- [x86] nmi/64: Switch stacks on userspace NMI entry (Denys Vlasenko) [1259581] {CVE-2015-5157}\n[2.6.32-636]\n- [netdrv] mlx4_en: Choose time-stamping shift value according to HW frequency (Kamal Heib) [1320448]\n- [fs] anon_inodes implement dname (Aristeu Rozanski) [1296019]\n- [net] packet: set transport header before doing xmit (John Greene) [1309526]\n- [net] tuntap: set transport header before passing it to kernel (John Greene) [1309526]\n- [netdrv] macvtap: set transport header before passing skb to lower device (John Greene) [1309526]\n- [net] ipv6: tcp: add rcu locking in tcp_v6_send_synack() (Jakub Sitnicki) [1312740]\n- [net] ipv6: sctp: add rcu protection around np->opt (Jakub Sitnicki) [1312740]\n- [net] ipv6: add complete rcu protection around np->opt (Jakub Sitnicki) [1312740]\n- [net] dccp: remove unnecessary codes in ipv6.c (Jakub Sitnicki) [1312740]\n- [net] ipv6: remove unnecessary codes in tcp_ipv6.c (Jakub Sitnicki) [1312740]\n- [net] ipv6: Refactor update of IPv6 flowi destination address for srcrt (RH) option (Jakub Sitnicki) [1312740]\n- [net] ipv6: protect flow label renew against GC (Sabrina Dubroca) [1313231]\n- [net] ipv6: fix possible deadlock in ip6_fl_purge / ip6_fl_gc (Sabrina Dubroca) [1313231]\n- [perf] annotate: Support full source file paths for srcline fix (Jiri Olsa) [1304472 1304479]\n- [perf] tools: Support full source file paths for srcline (Jiri Olsa) [1304472 1304479]\n- [perf] annotate: Fix -i option, which is currently ignored (Jiri Olsa) [1304472 1304479]\n[2.6.32-635]\n- [mm] backing-dev: ensure wakeup_timer is deleted (Jeff Moyer) [1318930]\n- [hv] vss: run only on supported host versions (Vitaly Kuznetsov) [1319813]\n- [sound] hda: Fix internal speaker for HP Z240 (Jaroslav Kysela) [1316673]\n- [perf] trace: Fix race condition at the end of started workloads (Jiri Olsa) [1302928]\n- [fs] nfsd: Combine decode operations for v4 and v4.1 (J. Bruce Fields) [1314536]\n- [hv] revert 'vmbus: avoid scheduling in interrupt context in vmbus_initiate_unload' (Vitaly Kuznetsov) [1318882]\n- [hv] revert 'vmbus: dont loose HVMSG_TIMER_EXPIRED messages' (Vitaly Kuznetsov) [1318882]\n- [hv] revert 'vmbus: avoid unneeded compiler optimizations in vmbus_wait_for_unload' (Vitaly Kuznetsov) [1318882]\n- [hv] revert 'vmbus: remove code duplication in message handling' (Vitaly Kuznetsov) [1318882]\n- [hv] revert 'vmbus: avoid wait_for_completion on crash' (Vitaly Kuznetsov) [1318882]\n[2.6.32-634]\n- [scsi] cxgbi: Convert over to dst_neigh_lookup (Sai Vemuri) [1296461]\n- [netdrv] cxgb4: For T4, dont read the Firmware Mailbox Control register (Sai Vemuri) [1296469]\n- [netdrv] cxgb4: Use ACCES_ONCE macro to read queues consumer index (Sai Vemuri) [1296484]\n- [netdrv] cxgb4: prevent simultaneous execution of service_ofldq (Sai Vemuri) [1296483]\n- [netdrv] cxgb4: Adds PCI device id for new T5 adapters (Sai Vemuri) [1296481]\n- [netdrv] cxgb4: Dont disallow turning off auto-negotiation (Sai Vemuri) [1296476]\n- [mm] check if section present during memory block registering (Xunlei Pang) [1297840]\n- [tty] ldisc: Close/Reopen race prevention should check tty->ldisc (Denys Vlasenko) [1312383]\n- [fs] proc-vmcore: wrong data type casting fix (Baoquan He) [1312206]\n- [infiniband] iw_cxgb3: Ignore positive return values from the ofld send functions (Sai Vemuri) [1296999]\n- [netdrv] cxgb4: Deal with wrap-around of queue for Work request (Sai Vemuri) [1296482]\n- [infiniband] iw_cxgb4: detect fatal errors while creating listening filters (Sai Vemuri) [1296480]\n- [md] dm snapshot: suspend merging snapshot when doing exception handover (Mike Snitzer) [1177389]\n- [md] dm snapshot: suspend origin when doing exception handover (Mike Snitzer) [1177389]\n- [md] dm snapshot: allocate a per-target structure for snapshot-origin target (Mike Snitzer) [1177389]\n- [md] dm: fix a race condition in dm_get_md (Mike Snitzer) [1177389]\n- [infiniband] iw_cxgb4: pass the ord/ird in connect reply events (Sai Vemuri) [1296478]\n- [infiniband] iw_cxgb4: fix misuse of ep->ord for minimum ird calculation (Sai Vemuri) [1296478]\n- [infiniband] iw_cxgb4: reverse the ord/ird in the ESTABLISHED upcall (Sai Vemuri) [1296478]\n- [usb] Revert 'Revert 'Update USB default wakeup settings'' (Torez Smith) [1319081]\n- [netdrv] ibmveth: add support for TSO6 (Gustavo Duarte) [1318412]\n[2.6.32-633]\n- [s390] lib: export udelay_simple for systemtap (Hendrik Brueckner) [1233912]\n- [netdrv] ixgbe: fix RSS limit for X550 (John Greene) [1314583]\n- [netdrv] mlx4_core: Fix error message deprecation for ConnectX-2 cards (Don Dutile) [1316013]\n- [dm] thin metadata: dont issue prefetches if a transaction abort has failed (Mike Snitzer) [1310661]\n- [scsi] be2iscsi: Add warning message for unsupported adapter (Maurizio Lombardi) [1253016]\n- [scsi] be2iscsi: Revert 'Add warning message for, unsupported adapter' (Maurizio Lombardi) [1253016]\n- [scsi] hpsa: update copyright information (Joseph Szczypek) [1315469]\n- [scsi] hpsa: correct abort tmf for hba devices (Joseph Szczypek) [1315469]\n- [scsi] hpsa: correct ioaccel2 sg chain len (Joseph Szczypek) [1315469]\n- [scsi] hpsa: fix physical target reset (Joseph Szczypek) [1315469]\n- [scsi] hpsa: fix hpsa_adjust_hpsa_scsi_table (Joseph Szczypek) [1315469]\n- [scsi] hpsa: correct transfer length for 6 byte read/write commands (Joseph Szczypek) [1315469]\n- [scsi] hpsa: abandon rescans on memory alloaction failures (Joseph Szczypek) [1315469]\n- [scsi] hpsa: allow driver requested rescans (Joseph Szczypek) [1315469]\n[2.6.32-632]\n- [s390] dasd: fix incorrect locking order for LCU device add/remove (Hendrik Brueckner) [1315740]\n- [s390] dasd: fix hanging device after LCU change (Hendrik Brueckner) [1315729]\n- [s390] dasd: prevent incorrect length error under z/VM after PAV changes (Hendrik Brueckner) [1313774]\n- [netdrv] igb: Fix VLAN tag stripping on Intel i350 (Corinna Vinschen) [1210699]\n- [netdrv] 3c59x: mask LAST_FRAG bit from length field in ring (Neil Horman) [1309210]\n- [ata] ahci: Remove obsolete Intel Lewisburg SATA RAID device IDs (Steve Best) [1317045]\n- [pci] fix truncation of resource size to 32 bits (Myron Stowe) [1316345]\n- [pci] fix pci_resource_alignment prototype (Myron Stowe) [1316345]\n- [sound] hda: Fix headphone mic input on a few Dell ALC293 machines (Jaroslav Kysela) [1315932]\n- [sound] hda: Add some FIXUP quirks for white noise on Dell laptop (Jaroslav Kysela) [1315932]\n- [sound] hda: Fix the white noise on Dell laptop (Jaroslav Kysela) [1315932]\n- [sound] hda: one Dell machine needs the headphone white noise fixup (Jaroslav Kysela) [1315932]\n- [sound] hda: Fix audio crackles on Dell Latitude E7x40 (Jaroslav Kysela) [1315932]\n- [fs] xfs: Avoid pathological backwards allocation (Bill ODonnell) [1302777]\n[2.6.32-631]\n- [input] synaptics: handle spurious release of trackstick buttons, again (Benjamin Tissoires) [1317808]\n- [hv] kvp: fix IP Failover (Vitaly Kuznetsov) [1312290]\n- [hv] util: Pass the channel information during the init call (Vitaly Kuznetsov) [1312290]\n- [hv] utils: Invoke the poll function after handshake (Vitaly Kuznetsov) [1312290]\n- [hv] utils: run polling callback always in interrupt context (Vitaly Kuznetsov) [1312290]\n- [hv] util: Increase the timeout for util services (Vitaly Kuznetsov) [1312290]\n[2.6.32-630]\n- [mm] avoid hangs in lru_add_drain_all (Vitaly Kuznetsov) [1314683]\n- [net] esp{4, 6}: fix potential MTU calculation overflows (Herbert Xu) [1304313]\n- [net] xfrm: take net hdr len into account for esp payload size calculation (Herbert Xu) [1304313]\n[2.6.32-629]\n- [x86] acpi: Avoid SRAT table checks for Hyper-V VMs (Vi t a l y K u z n e t s o v ) [ 1 3 1 2 7 1 1 ] b r > - [ i n f i n i b a n d ] i p o i b : F o r s e n d o n l y j o i n f r e e t h e m u l t i c a s t g r o u p o n l e a v e ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : i n c r e a s e t h e m a x m c a s t b a c k l o g q u e u e ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : M a k e s e n d o n l y m u l t i c a s t j o i n s c r e a t e t h e m c a s t g r o u p ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : E x p i r e s e n d o n l y m u l t i c a s t j o i n s ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : C l e a n u p s e n d - o n l y m u l t i c a s t j o i n s ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ i n f i n i b a n d ] i p o i b : S u p p r e s s w a r n i n g f o r s e n d o n l y j o i n f a i l u r e s ( D o n D u t i l e ) [ 1 3 1 5 3 8 2 ] b r > - [ d r m ] i 9 1 5 : s h u t u p g e n 8 + S D E i r q d m e s g n o i s e ( R o b C l a r k ) [ 1 3 1 3 6 8 1 ] b r > - [ d r m ] i 9 1 5 : f i x t h e S D E i r q d m e s g w a r n i n g s p r o p e r l y ( R o b C l a r k ) [ 1 3 1 3 6 8 1 ] b r > - [ h v ] v m b u s : a v o i d w a i t _ f o r _ c o m p l e t i o n o n c r a s h ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > - [ h v ] v m b u s : r e m o v e c o d e d u p l i c a t i o n i n m e s s a g e h a n d l i n g ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > - [ h v ] v m b u s : a v o i d u n n e e d e d c o m p i l e r o p t i m i z a t i o n s i n v m b u s _ w a i t _ f o r _ u n l o a d ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > - [ h v ] v m b u s : d o n t l o o s e H V M S G _ T I M E R _ E X P I R E D m e s s a g e s ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > - [ h v ] v m b u s : a v o i d s c h e d u l i n g i n i n t e r r u p t c o n t e x t i n v m b u s _ i n i t i a t e _ u n l o a d ( V i t a l y K u z n e t s o v ) [ 1 3 0 1 9 0 3 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 8 ] b r > - [ n e t d r v ] b n x 2 x : f i x c r a s h o n b i g - e n d i a n w h e n a d d i n g V L A N ( M i c h a l S c h m i d t ) [ 1 3 1 1 4 3 3 ] b r > - [ s o u n d ] a l s a h d a : o n l y s y n c B C L K t o t h e d i s p l a y c l o c k f o r H a s w e l l & B r o a d w e l l ( J a r o s l a v K y s e l a ) [ 1 3 1 3 6 7 2 ] b r > - [ s o u n d ] a l s a h d a : a d d c o m p o n e n t s u p p o r t ( J a r o s l a v K y s e l a ) [ 1 3 1 3 6 7 2 ] b r > - [ s o u n d ] a l s a h d a : p a s s i n t e l _ h d a t o a l l i 9 1 5 i n t e r f a c e f u n c t i o n s ( J a r o s l a v K y s e l a ) [ 1 3 1 3 6 7 2 ] b r > - [ n e t d r v ] i g b : f i x r a c e a c c e s s i n g p a g e - > _ c o u n t ( C o r i n n a V i n s c h e n ) [ 1 3 1 5 4 0 2 ] b r > - [ n e t d r v ] i g b : f i x r e c e n t V L A N c h a n g e s t h a t w o u l d l e a v e V L A N s d i s a b l e d a f t e r r e s e t ( C o r i n n a V i n s c h e n ) [ 1 3 0 9 9 6 8 ] b r > - [ m m ] a l w a y s d e c r e m e n t a n o n _ v m a d e g r e e w h e n t h e v m a l i s t i s e m p t y ( J e r o m e M a r c h a n d ) [ 1 3 0 9 8 9 8 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 7 ] b r > - [ n e t ] r d s : r e s t o r e r e t u r n v a l u e i n r d s _ c m s g _ r d m a _ a r g s ( D o n D u t i l e ) [ 1 3 1 3 0 8 9 ] b r > - [ n e t ] r d s : F i x a s s e r t i o n l e v e l f r o m f a t a l t o w a r n i n g ( D o n D u t i l e ) [ 1 3 1 3 0 8 9 ] b r > - [ n e t d r v ] b e 2 n e t : d o n t e n a b l e m u l t i c a s t f l a g i n b e _ e n a b l e _ i f _ f i l t e r s r o u t i n e ( I v a n V e c e r a ) [ 1 3 0 9 1 5 7 ] b r > - [ n e t ] u n i x : c o r r e c t l y t r a c k i n - f l i g h t f d s i n s e n d i n g p r o c e s s u s e r _ s t r u c t ( H a n n e s F r e d e r i c S o w a ) [ 1 3 1 3 0 5 2 ] { C V E - 2 0 1 6 - 2 5 5 0 } b r > - [ n e t ] s c t p : P r e v e n t s o f t l o c k u p w h e n s c t p _ a c c e p t ( ) i s c a l l e d d u r i n g a t i m e o u t e v e n t ( J a c o b T a n e n b a u m ) [ 1 2 9 7 4 2 2 ] { C V E - 2 0 1 5 - 8 7 6 7 } b r > b r > [ 2 . 6 . 3 2 - 6 2 6 ] b r > - [ f s ] n f s v 4 : O P E N m u s t h a n d l e t h e N F S 4 E R R _ I O r e t u r n c o d e c o r r e c t l y ( B e n j a m i n C o d d i n g t o n ) [ 1 2 7 2 6 8 7 ] b r > - [ f s ] q u o t a : f i x u n w a n t e d s o f t l i m i t e n f o r c e m e n t ( L u k a s C z e r n e r ) [ 1 3 0 4 6 0 3 ] b r > - [ f s ] x f s : f l u s h e n t i r e l a s t p a g e o f o l d E O F o n t r u n c a t e u p ( B r i a n F o s t e r ) [ 1 3 0 8 4 8 2 ] b r > - [ f s ] x f s : t r u n c a t e _ s e t s i z e s h o u l d b e o u t s i d e t r a n s a c t i o n s ( B r i a n F o s t e r ) [ 1 3 0 8 4 8 2 ] b r > - [ s c s i ] m e g a r a i d : o v e r c o m e a f w d e f i c i e n c y ( M a u r i z i o L o m b a r d i ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : A d d a n i / o b a r r i e r ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F i x S M A P i s s u e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F i x f o r I O f a i l i n g p o s t O C R i n S R I O V e n v i r o n m e n t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d : f i x n u l l p o i n t e r c h e c k i n m e g a s a s _ d e t a c h _ o n e ( ) ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : d r i v e r v e r s i o n u p g r a d e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : S P E R C O C R c h a n g e s ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : I n t r o d u c e m o d u l e p a r a m e t e r f o r S C S I c o m m a n d t i m e o u t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : M F I a d a p t e r O C R c h a n g e s ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : M a k e a d p r e c o v e r y v a r i a b l e a t o m i c ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : I O t h r o t t l i n g s u p p o r t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : D u a l q u e u e d e p t h s u p p o r t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : C o d e o p t i m i z a t i o n b u i l d _ a n d _ i s s u e _ c m d r e t u r n - t y p e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : R e p l y D e s c r i p t o r P o s t Q u e u e ( R D P Q ) s u p p o r t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F a s t p a t h r e g i o n l o c k b y p a s s ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : U p d a t e d e v i c e q u e u e d e p t h b a s e d o n i n t e r f a c e t y p e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : T a s k m a n a g e m e n t s u p p o r t ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : S y n c i n g r e q u e s t f l a g s m a c r o n a m e s w i t h f i r m w a r e ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : M F I I O t i m e o u t h a n d l i n g ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : D o n o t a l l o w P C I a c c e s s d u r i n g O C R ( T o m a s H e n z l ) [ 1 2 9 4 9 8 3 ] b r > - [ s c s i ] h p s a : c h e c k f o r a n u l l p h y s _ d i s k p o i n t e r i n i o a c c e l 2 p a t h ( J o s e p h S z c z y p e k ) [ 1 3 1 1 7 2 8 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 5 ] b r > - [ n e t d r v ] c x g b 4 : P a t c h t o f i x k e r n e l p a n i c o n p i n g i n g o v e r v l a n i n t e r f a c e ( S a i V e m u r i ) [ 1 3 0 3 4 9 3 ] b r > - [ x 8 6 ] m m : I m p r o v e A M D B u l l d o z e r A S L R w o r k a r o u n d ( R i k v a n R i e l ) [ 1 2 4 0 8 8 3 ] b r > - [ x 8 6 ] P r o p e r l y e x p o r t M S R v a l u e s i n k e r n e l h e a d e r s ( J a c o b T a n e n b a u m ) [ 1 2 9 8 2 5 5 ] b r > - [ n e t d r v ] t e h u t i : F i r m w a r e f i l e n a m e i s t e h u t i / b d x . b i n ( I v a n V e c e r a ) [ 1 2 3 5 9 6 1 ] b r > - [ n e t d r v ] i x g b e : c o n v e r t t o n d o _ f i x _ f e a t u r e s ( J o h n G r e e n e ) [ 1 2 7 9 5 2 2 ] b r > - [ d r m ] r e v e r t ' d r m : U s e v b l a n k t i m e s t a m p s t o g u e s s t i m a t e h o w m a n y v b l a n k s w e r e m i s s e d ' ( L y u d e P a u l ) [ 1 3 0 0 0 8 6 ] b r > - [ f s ] w r i t e b a c k : F i x l o s t w a k e - u p s h u t t i n g d o w n w r i t e b a c k t h r e a d ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e u p e v e n t s w h e n f o r k i n g b d i t h r e a d s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : f i x b a d _ b h s p i n l o c k n e s t i n g ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : c l e a n u p b d i _ r e g i s t e r ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : r e m o v e u n n e c e s s a r y i n i t _ t i m e r c a l l ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : o p t i m i z e p e r i o d i c b d i t h r e a d w a k e u p s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : p r e v e n t u n n e c e s s a r y b d i t h r e a d s w a k e u p s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : m o v e b d i t h r e a d s e x i t i n g l o g i c t o t h e f o r k e r t h r e a d ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : r e s t r u c t u r e b d i f o r k e r l o o p a l i t t l e ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : m o v e l a s t _ a c t i v e t o b d i ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t r e m o v e b d i f r o m b d i _ l i s t ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : s i m p l i f y b d i c o d e a l i t t l e ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e - u p s i n b d i t h r e a d s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e - u p s i n t h e f o r k e r t h r e a d - 2 ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e - u p s i n t h e f o r k e r t h r e a d - 1 ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : f i x p o s s i b l e r a c e w h e n c r e a t i n g b d i t h r e a d s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : h a r m o n i z e w r i t e b a c k t h r e a d s n a m i n g ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : m e r g e b d i _ w r i t e b a c k _ t a s k a n d b d i _ s t a r t _ f n ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : b d i _ w r i t e b a c k _ t a s k m u s t s e t t a s k s t a t e b e f o r e c a l l i n g s c h e d u l e ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : r e m o v e w b _ l i s t ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ d r m ] i 9 1 5 : C h a n g e W A R N _ O N ( ! w m _ c h a n g e d ) t o I 9 1 5 _ S T A T E _ W A R N _ O N ( L y u d e P a u l ) [ 1 3 0 9 8 8 8 ] b r > - [ d r m ] i 9 1 5 : Q u i e t d o w n s t a t e c h e c k s ( L y u d e P a u l ) [ 1 3 0 9 8 8 8 ] b r > - [ d r m ] i 9 1 5 : F i x a f e w o f t h e ! w m _ c h a n g e d w a r n i n g s ( L y u d e P a u l ) [ 1 3 0 9 8 8 8 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 4 ] b r > - [ n e t d r v ] t g 3 : F i x f o r t g 3 t r a n s m i t q u e u e 0 t i m e d o u t w h e n t o o m a n y g s o _ s e g s ( I v a n V e c e r a ) [ 1 2 2 2 4 2 6 ] b r > - [ n e t d r v ] b n a : f i x l i s t c o r r u p t i o n ( I v a n V e c e r a ) [ 1 3 1 0 9 5 7 ] b r > - [ n e t d r v ] c x g b 4 : A d d c x g b 4 T 4 / T 5 f i r m w a r e v e r s i o n 1 . 1 4 . 4 . 0 , h a r d c o d e d r i v e r t o t h e s a m e ( S a i V e m u r i ) [ 1 2 7 0 3 4 7 ] b r > - [ d r m ] i 9 1 5 : W a R s D i s a b l e C o a r s e P o w e r G a t i n g ( R o b C l a r k ) [ 1 3 0 2 2 6 9 ] b r > - [ d r m ] i 9 1 5 / s k l : A d d S K L G T 4 P C I I D s ( R o b C l a r k ) [ 1 3 0 2 2 6 9 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 3 ] b r > - [ p e r f ] r e v e r t ' p e r f / x 8 6 / i n t e l u n c o r e : M o v e u n c o r e _ b o x _ i n i t ( ) o u t o f d r i v e r i n i t i a l i z a t i o n ' ( J i r i O l s a ) [ 1 3 1 3 0 6 2 ] b r > - [ n e t ] u d p : m o v e l o g i c o u t o f u d p [ 4 6 ] _ u f o _ s e n d _ c h e c k ( S a b r i n a D u b r o c a ) [ 1 2 9 9 9 7 5 ] b r > - [ n e t d r v ] h v _ n e t v s c : R e s t o r e n e e d e d _ h e a d r o o m r e q u e s t ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : f i x n u l l p t r d e r e f i n s k b a l l o c a t i o n ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : O b s e r v e n e e d e d _ h e a d r o o m o f t h e d e v i c e ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : i p v 6 : n u m a : c o n s o l i d a t e s k b a l l o c a t i o n t o p k t g e n _ a l l o c _ s k b ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : f i x c r a s h w i t h v l a n a n d p a c k e t s i z e l e s s t h a n 4 6 ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : s p e e d u p f r a g m e n t e d s k b s ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n : c o r r e c t u n i n i t i a l i z e d q u e u e _ m a p ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] p k t g e n n o d e a l l o c a t i o n ( V i t a l y K u z n e t s o v ) [ 1 3 0 5 0 0 0 ] b r > - [ n e t ] a f _ u n i x : G u a r d a g a i n s t o t h e r = = s k i n u n i x _ d g r a m _ s e n d m s g ( J a k u b S i t n i c k i ) [ 1 3 0 9 2 4 1 ] b r > - [ n e t ] v e t h : d o n t m o d i f y i p _ s u m m e d ; d o i n g s o t r e a t s p a c k e t s w i t h b a d c h e c k s u m s a s g o o d ( S a b r i n a D u b r o c a ) [ 1 3 0 8 5 8 6 ] b r > - [ n e t ] i p v 6 : u d p : u s e s t i c k y p k t i n f o e g r e s s i f i n d e x o n c o n n e c t ( ) ( X i n L o n g ) [ 1 3 0 1 4 7 5 ] b r > - [ n e t ] p r o v i d e d e f a u l t _ a d v m s s ( ) m e t h o d s t o b l a c k h o l e d s t _ o p s ( P a o l o A b e n i ) [ 1 3 0 5 0 6 8 ] b r > - [ n e t ] s c t p : t r a n s l a t e n e t w o r k o r d e r t o h o s t o r d e r w h e n u s e r s g e t a h m a c i d ( X i n L o n g ) [ 1 3 0 3 8 2 2 ] b r > - [ p o w e r p c ] p s e r i e s : M a k e 3 2 - b i t M S I q u i r k w o r k o n s y s t e m s l a c k i n g f i r m w a r e s u p p o r t ( O d e d G a b b a y ) [ 1 3 0 3 6 7 8 ] b r > - [ p o w e r p c ] p s e r i e s : F o r c e 3 2 b i t M S I s f o r d e v i c e s t h a t r e q u i r e i t ( O d e d G a b b a y ) [ 1 3 0 3 6 7 8 ] b r > - [ n e t d r v ] b n x t _ e n : F i x z e r o p a d d i n g o f t x p u s h d a t a ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : F a i l u r e t o u p d a t e P H Y i s n o t f a t a l c o n d i t i o n ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : R e m o v e u n n e c e s s a r y c a l l t o u p d a t e P H Y s e t t i n g s ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : P o l l l i n k a t t h e e n d o f _ _ b n x t _ o p e n _ n i c ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : R e d u c e d e f a u l t r i n g s i z e s ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : F i x i m p l e m e n t a t i o n o f t x p u s h o p e r a t i o n ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : R e m o v e 2 0 G s u p p o r t a n d a d v e r t i s e o n l y 4 0 G b a s e C R 4 ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : C l e a n u p a n d F i x f l o w c o n t r o l s e t u p l o g i c ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > - [ n e t d r v ] b n x t _ e n : F i x e t h t o o l a u t o n e g l o g i c ( J o h n L i n v i l l e ) [ 1 3 1 0 3 0 1 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 2 ] b r > - [ n e t d r v ] b o n d i n g : F i x A R P m o n i t o r v a l i d a t i o n ( J a r o d W i l s o n ) [ 1 2 4 4 1 7 0 ] b r > - [ n e t d r v ] s f c : o n l y u s e R S S f i l t e r s i f w e r e u s i n g R S S ( J a r o d W i l s o n ) [ 1 3 0 4 3 1 1 ] b r > - [ d m ] d e l a y : f i x R H E L 6 s p e c i f i c b u g w h e n e s t a b l i s h i n g f u t u r e ' e x p i r e s ' t i m e ( M i k e S n i t z e r ) [ 1 3 1 1 6 1 5 ] b r > - [ a t a ] A d d i n g I n t e l L e w i s b u r g d e v i c e I D s f o r S A T A ( S t e v e B e s t ) [ 1 3 1 0 2 3 7 ] b r > - [ i 2 c ] i 8 0 1 : A d d i n g I n t e l L e w i s b u r g s u p p o r t f o r i T C O ( R u i W a n g ) [ 1 3 0 4 8 7 2 ] b r > - [ x 8 6 ] M a r k G r a n g e v i l l e i x g b e P C I I D 1 5 A E ( 1 g i g P H Y ) u n s u p p o r t e d ( S t e v e B e s t ) [ 1 3 1 0 5 8 5 ] b r > - [ k e r n e l ] l o c k d : p r o p e r l y c o n v e r t b e 3 2 v a l u e s i n d e b u g m e s s a g e s ( H a r s h u l a J a y a s u r i y a ) [ 1 2 8 9 8 4 8 ] b r > - [ i 2 c ] c o n v e r t i 2 c - i s c h t o p l a t f o r m _ d e v i c e ( P r a r i t B h a r g a v a ) [ 1 2 1 1 7 4 7 ] b r > - [ t t y ] d o n o t r e s e t m a s t e r s p a c k e t m o d e ( D e n y s V l a s e n k o ) [ 1 3 0 8 6 6 0 ] b r > - [ b l o c k ] d o n t a s s u m e l a s t p u t o f s h a r e d t a g s i s f o r t h e h o s t ( J e f f M o y e r ) [ 1 3 0 0 5 3 8 ] b r > - [ n e t d r v ] i 4 0 e v f : u s e p a g e s c o r r e c t l y i n R x ( S t e f a n A s s m a n n ) [ 1 2 9 3 7 5 4 ] b r > - [ n e t d r v ] i 4 0 e : f i x b u g i n d m a s y n c ( S t e f a n A s s m a n n ) [ 1 2 9 3 7 5 4 ] b r > - [ s c h e d ] f i x K A B I b r e a k ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] f a i r : T e s t l i s t h e a d i n s t e a d o f l i s t e n t r y i n t h r o t t l e _ c f s _ r q ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] s c h e d , p e r f : F i x p e r i o d i c t i m e r s ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] s c h e d : d e b u g : R e m o v e t h e c f s b a n d w i d t h t i m e r _ a c t i v e p r i n t o u t ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] C l e a n u p b a n d w i d t h t i m e r s ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] s c h e d : c o r e : U s e h r t i m e r _ s t a r t _ e x p i r e s ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] f a i r : F i x u n l o c k e d r e a d s o f s o m e c f s _ b - > q u o t a / p e r i o d ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] F i x p o t e n t i a l n e a r - i n f i n i t e d i s t r i b u t e _ c f s _ r u n t i m e l o o p ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] f a i r : F i x t g _ s e t _ c f s _ b a n d w i d t h d e a d l o c k o n r q - > l o c k ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] F i x h r t i m e r _ c a n c e l / r q - > l o c k d e a d l o c k ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] F i x c f s _ b a n d w i d t h m i s u s e o f h r t i m e r _ e x p i r e s _ r e m a i n i n g ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] R e f i n e t h e c o d e i n u n t h r o t t l e _ c f s _ r q ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ s c h e d ] U p d a t e r q c l o c k e a r l i e r i n u n t h r o t t l e _ c f s _ r q ( S e t h J e n n i n g s ) [ 1 2 3 0 3 1 0 ] b r > - [ d r m ] r a d e o n : m a s k o u t W C f r o m B O o n u n s u p p o r t e d a r c h e s ( O d e d G a b b a y ) [ 1 3 0 3 6 7 8 ] b r > - [ d r m ] a d d h e l p e r t o c h e c k f o r w c m e m o r y s u p p o r t ( O d e d G a b b a y ) [ 1 3 0 3 6 7 8 ] b r > - [ a c p i ] p c i : A c c o u n t f o r A R I i n _ P R T l o o k u p s ( I v a n V e c e r a ) [ 1 3 1 1 4 2 1 ] b r > - [ p c i ] M o v e p c i _ a r i _ e n a b l e d ( ) t o g l o b a l h e a d e r ( I v a n V e c e r a ) [ 1 3 1 1 4 2 1 ] b r > - [ a c p i ] t p m , t p m _ t i s : f i x t p m _ t i s A C P I d e t e c t i o n i s s u e w i t h T P M 2 . 0 ( J e r r y S n i t s e l a a r ) [ 1 3 0 9 6 4 1 ] b r > - [ a c p i ] C e n t r a l i z e d p r o c e s s i n g o f A C P I d e v i c e r e s o u r c e s ( J e r r y S n i t s e l a a r ) [ 1 3 0 9 6 4 1 ] b r > - [ a c p i ] a c p i : A d d d e v i c e r e s o u r c e s i n t e r p r e t a t i o n c o d e t o A C P I c o r e ( J e r r y S n i t s e l a a r ) [ 1 3 0 9 6 4 1 ] b r > - [ n e t d r v ] c x g b 4 : F i x f o r t h e k e r n e l p a n i c c a u s e d b y c a l l i n g t 4 _ e n a b l e _ v i _ p a r a m s ( S a i V e m u r i ) [ 1 3 0 3 4 9 3 ] b r > - [ m m ] R e m o v e f a l s e W A R N _ O N f r o m p a g e c a c h e _ i s i z e _ e x t e n d e d ( B r i a n F o s t e r ) [ 1 2 0 5 0 1 4 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 1 ] b r > - [ n e t d r v ] n e t / m l x 4 _ e n : W a k e T X q u e u e s o n l y w h e n t h e r e s e n o u g h r o o m ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] r e v e r t ' n e t / m l x 4 _ c o r e : F i x m a i l b o x l e a k i n e r r o r f l o w w h e n p e r f o r m i n g u p d a t e q p ' ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] r e v e r t ' m l x 4 - e n : a d d m i s s i n g p a t c h t o i n i t r s s _ r i n g s i n g e t _ p r o f i l e ' ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] r e v e r t ' m l x 4 - e n : d i s a b l e t r a f f i c c l a s s q u e u e i n g b y d e f a u l t ' ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > b r > [ 2 . 6 . 3 2 - 6 2 0 ] b r > - [ n e t d r v ] m l x 4 - e n : d i s a b l e t r a f f i c c l a s s q u e u e i n g b y d e f a u l t ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] m l x 4 - e n : a d d m i s s i n g p a t c h t o i n i t r s s _ r i n g s i n g e t _ p r o f i l e ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > - [ n e t d r v ] n e t / m l x 4 _ c o r e : F i x m a i l b o x l e a k i n e r r o r f l o w w h e n p e r f o r m i n g u p d a t e q p ( D o n D u t i l e ) [ 1 3 0 9 8 9 3 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 9 ] b r > - [ n e t d r v ] c x g b 4 : a d d d e v i c e I D f o r f e w T 5 a d a p t e r s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x f o r w r i t e - c o m b i n i n g s t a t s c o n f i g u r a t i o n ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x t x f l i t c a l c u l a t i o n ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : c h a n g e s f o r n e w f i r m w a r e 1 . 1 4 . 4 . 0 ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : m e m o r y c o r r u p t i o n i n d e b u g f s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F o r c e u n i n i t i a l i z e d s t a t e i f F W i n a d a p t e r i s u n s u p p o r t e d ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d M P S t r a c i n g s u p p o r t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s o m e m o r e d e t a i l s t o s g e q i n f o ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : m i s s i n g c u r l y b r a c e s i n t 4 _ s e t u p _ d e b u g f s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t t o d u m p e d c b i s t s t a t u s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s s u p p o r t t o d u m p m e m i n f o ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : R e a d c o r r e c t F L c o n g e s t i o n t h r e s h o l d f o r T 5 a n d T 6 ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A l l o w f i r m w a r e f l a s h , o n l y i f c x g b 4 i s t h e m a s t e r d r i v e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s e n t r y t o e n a b l e b a c k d o o r a c c e s s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : F i x c h e c k t o u s e n e w U s e r D o o r b e l l m e c h a n i s m ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : E n a b l e c i m _ l a d u m p t o s u p p o r t T 6 ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : R e a d s t a t s f o r o n l y a v a i l a b l e c h a n n e l s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e r e g i s t e r r a n g e s f o r T 6 a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : D o n t u s e e n t i r e L 2 T t a b l e , u s e o n l y i t s s l i c e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d P C I d e v i c e i d s f o r f e w m o r e T 5 a n d T 6 a d a p t e r s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x i n c o r r e c t s e q u e n c e n u m b e r s s h o w n i n d e v l o g ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d P C I d e v i c e I D f o r c u s t o m T 5 2 2 & T 5 2 0 a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 4 : s u p p o r t f o r b a r 2 q i d d e n s i t i e s e x c e e d i n g t h e p a g e s i z e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : S u p p o r t f o r u s e r m o d e b a r 2 m a p p i n g s w i t h T 4 ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s e n t r y t o d u m p c h a n n e l r a t e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s e n t r y t o d u m p C I M P I F l o g i c a n a l y z e r c o n t e n t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d a d e b u g f s e n t r y t o d u m p C I M M A l o g i c a n a l y z e r l o g s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x s t a t i c c h e c k e r w a r n i n g ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : U s e F W L D S T c m d t o a c c e s s T P _ P I O _ A D D R , T P _ P I O _ D A T A r e g i s t e r f i r s t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : p r o g r a m p c i c o m p l e t i o n t i m e o u t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : S e t m a c a d d r f r o m v p d , w h e n w e c a n t c o n t a c t f i r m w a r e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : R e n a m e t 4 _ l i n k _ s t a r t t o t 4 _ l i n k _ l 1 c f g ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s g e e c c o n t e x t f l u s h s e r v i c e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F r e e V i r t u a l I n t e r f a c e s i n r e m o v e r o u t i n e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : R e m o v e W O L g e t / s e t e t h t o o l s u p p o r t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t t o d u m p l o o p b a c k p o r t s t a t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s u p p o r t i n e t h t o o l t o d u m p c h a n n e l s t a t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d e t h t o o l s u p p o r t t o g e t a d a p t e r s t a t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : A d d s S R I O V d r i v e r c h a n g e s f o r T 6 a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d s s u p p o r t f o r T 6 a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d i s _ t 6 m a c r o a n d T 6 r e g i s t e r r a n g e s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : r e m o v e u n u s e d f n t o e n a b l e / d i s a b l e d b c o a l e s c i n g ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : f u n c t i o n a n d a r g u m e n t n a m e c l e a n u p ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e b u g f s f a c i l i t y t o i n j e c t F L s t a r v a t i o n ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d P H Y f i r m w a r e s u p p o r t f o r T 4 2 0 - B T c a r d s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e T 4 / T 5 a d a p t e r r e g i s t e r r a n g e s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : O p t i m i z e a n d c l e a n u p s e t u p m e m o r y w i n d o w c o d e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : r e p l a c e n t o h s , n t o h l a n d h t o n s , h t o n l c a l l s w i t h t h e g e n e r i c b y t e o r d e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : R e m o v e d e a d f u n c t i o n t 4 _ r e a d _ e d c a n d t 4 _ r e a d _ m c ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : C l e a n u p m a c r o s , a d d c o m m e n t s a n d a d d n e w M A C R O S ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I n i t i a l i z e R S S m o d e f o r a l l P o r t s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : D i s c a r d t h e p a c k e t i f t h e l e n g t h i s g r e a t e r t h a n m t u ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : M o v e S G E I n g r e s s D M A s t a t e m o n i t o r ( D o n D u t i l e ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d d e v i c e n o d e t o U L D i n f o ( D o n D u t i l e ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : P a s s i n a C o n g e s t i o n C h a n n e l M a p t o t 4 _ s g e _ a l l o c _ r x q ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : E n a b l e c o n g e s t i o n n o t i f i c a t i o n f r o m S G E f o r I Q s a n d F L s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : M a k e s u r e t h a t F r e e l i s t s i z e i s l a r g e r t h a n E g r e s s C o n g e s t i o n T h r e s h o l d ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 4 : C l e a n u p r e g i s t e r d e f i n e s / M A C R O S ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : F i x s p a r s e w a r n i n g s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I m p r o v e I E E E D C B x s u p p o r t , o t h e r m i n o r o p e n - l l d p f i x e s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ s c s i ] c x g b 4 i : C a l l i n t o r e c e n t l y a d d e d c x g b 4 i p v 6 a p i ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : F i x q u e u e a l l o c a t i o n f o r 4 0 G a d a p t e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : I n i t i a l i z e m d i o _ a d d r b e f o r e u s i n g i t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 v f : F i x e t h t o o l g e t _ s e t t i n g s f o r V F d r i v e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c s i o s t o r : C l e a n u p m a c r o s / r e g i s t e r d e f i n e s r e l a t e d t o p o r t a n d V I ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x D C B p r i o r i t y g r o u p s b e i n g r e t u r n e d i n w r o n g o r d e r ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : d c b o p e n - l l d p i n t e r o p f i x e s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x b u g i n D C B a p p d e l e t i o n ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : H a n d l e d c b e n a b l e c o r r e c t l y ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I m p r o v e h a n d l i n g o f D C B n e g o t i a t i o n o r l o s s t h e r e o f ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I E E E f i x e s f o r D C B x s t a t e m a c h i n e ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : F i x e n d i a n b u g i n t r o d u c e d i n c x g b 4 d c b p a t c h s e t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : M a k e f i l e & K c o n f i g c h a n g e s f o r D C B x s u p p o r t ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : I n t e g r a t e D C B x s u p p o r t i n t o c x g b 4 m o d u l e . R e g i s t e r d b c n l _ o p s t o g i v e a c c e s s t o D C B x f u n c t i o n s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : A d d D C B x s u p p o r t c o d e b a s e a n d d c b n l _ o p s ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > - [ n e t d r v ] c x g b 4 : U p d a t e f w i n t e r f a c e f i l e f o r D C B x s u p p o r t . A d d s a l l t h e r e q u i r e d f i e l d s t o f w i n t e r f a c e t o c o m m u n i c a t e D C B x i n f o ( S a i V e m u r i ) [ 1 2 5 2 5 9 8 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 8 ] b r > - [ d o c u m e n t a t i o n ] f i l e s y s t e m s : d e s c r i b e t h e s h a r e d m e m o r y u s a g e / a c c o u n t i n g ( R o d r i g o F r e i r e ) [ 1 2 9 3 6 1 5 ] b r > - [ k e r n e l ] F i x c g c l e a r f a i l u r e w h e n e n c o u n t e r i n g t h e r p c i o d k e r n e l t h r e a d ( L a r r y W o o d m a n ) [ 1 2 2 0 8 2 8 ] b r > - [ n e t d r v ] q l c n i c : c o n s t i f y q l c n i c _ m b x _ o p s s t r u c t u r e ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] n e t : q l c n i c : d e l e t e r e d u n d a n t m e m s e t s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : U p d a t e v e r s i o n t o 5 . 3 . 6 3 ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : D o n t u s e k z a l l o c u n n c e c e s s a r i l y f o r a l l o c a t i n g l a r g e c h u n k o f m e m o r y ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : A d d n e w V F d e v i c e I D 0 x 8 C 3 0 ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : P r i n t f i r m w a r e m i n i d u m p b u f f e r a n d t e m p l a t e h e a d e r a d d r e s s e s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : A d d s u p p o r t t o e n a b l e c a p a b i l i t y t o e x t e n d m i n i d u m p f o r i S C S I ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : R e a r r a n g e o r d e r i n g o f h e a d e r f i l e s i n c l u s i o n ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : F i x c o r r u p t i o n w h i l e c o p y i n g ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] n e t : q l c n i c : D e l e t i o n o f u n n e c e s s a r y m e m s e t ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] n e t : q l c n i c : c l e a n u p s y s f s e r r o r c o d e s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : c o d e s p e l l c o m m e n t s p e l l i n g f i x e s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : F i x t y p o i n p r i n t k m e s s a g e s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : F i x t r i v i a l t y p o i n c o m m e n t ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l o g i c : D e l e t i o n o f u n n e c e s s a r y c h e c k s b e f o r e t w o f u n c t i o n c a l l s ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ n e t d r v ] q l c n i c : F i x d u m p _ s k b o u t p u t ( H a r i s h P a t i l ) [ 1 2 5 2 1 1 9 ] b r > - [ v i r t ] k v m : x 8 6 : D o n t r e p o r t g u e s t u s e r s p a c e e m u l a t i o n e r r o r t o u s e r s p a c e ( B a n d a n D a s ) [ 1 1 6 3 7 6 4 ] { C V E - 2 0 1 0 - 5 3 1 3 C V E - 2 0 1 4 - 7 8 4 2 } b r > - [ v i r t ] k v m : i n j e c t # U D i f i n s t r u c t i o n e m u l a t i o n f a i l s a n d e x i t t o u s e r s p a c e ( B a n d a n D a s ) [ 1 1 6 3 7 6 4 ] { C V E - 2 0 1 0 - 5 3 1 3 C V E - 2 0 1 4 - 7 8 4 2 } b r > - [ n e t d r v ] i w l w i f i : A d d n e w P C I I D s f o r t h e 8 2 6 0 s e r i e s ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] i w l w i f i : p c i e : f i x ( a g a i n ) p r e p a r e c a r d f l o w ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] n l 8 0 2 1 1 : F i x p o t e n t i a l m e m o r y l e a k f r o m p a r s e _ a c l _ d a t a ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] m a c 8 0 2 1 1 : f i x d i v i d e b y z e r o w h e n N O A u p d a t e ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] m a c 8 0 2 1 1 : a l l o w n u l l c h a n d e f i n t r a c i n g ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] m a c 8 0 2 1 1 : f i x d r i v e r R S S I e v e n t c a l c u l a t i o n s ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ n e t d r v ] m a c 8 0 2 1 1 : F i x l o c a l d e a u t h w h i l e a s s o c i a t i n g ( J o h n L i n v i l l e ) [ 1 2 8 6 8 7 1 1 3 0 8 6 3 6 ] b r > - [ f s ] x f s : e n s u r e W B _ S Y N C _ A L L w r i t e b a c k h a n d l e s p a r t i a l p a g e s c o r r e c t l y ( B r i a n F o s t e r ) [ 7 4 7 5 6 4 ] b r > - [ f s ] m m : i n t r o d u c e s e t _ p a g e _ w r i t e b a c k _ k e e p w r i t e ( ) ( B r i a n F o s t e r ) [ 7 4 7 5 6 4 ] b r > - [ f s ] x f s : a l w a y s l o g t h e i n o d e o n u n w r i t t e n e x t e n t c o n v e r s i o n ( Z o r r o L a n g ) [ 1 0 1 8 4 6 5 ] b r > - [ f s ] v f s : f i x d a t a c o r r u p t i o n w h e n b l o c k s i z e p a g e s i z e f o r m m a p e d d a t a ( L u k a s C z e r n e r ) [ 1 2 0 5 0 1 4 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 7 ] b r > - [ i n f i n i b a n d ] r d m a / o c r d m a : B u m p u p o c r d m a v e r s i o n n u m b e r t o 1 1 . 0 . 0 . 0 ( D o n D u t i l e ) [ 1 2 5 3 0 2 1 ] b r > - [ i n f i n i b a n d ] r d m a / o c r d m a : P r e v e n t C Q - D o o r b e l l f l o o d s ( D o n D u t i l e ) [ 1 2 5 3 0 2 1 ] b r > - [ i n f i n i b a n d ] r d m a / o c r d m a : C h e c k r e s o u r c e i d s r e c e i v e d i n A s y n c C Q E ( D o n D u t i l e ) [ 1 2 5 3 0 2 1 ] b r > - [ i n f i n i b a n d ] r d m a / o c r d m a : A v o i d a p o s s i b l e c r a s h i n o c r d m a _ r e m _ p o r t _ s t a t s ( D o n D u t i l e ) [ 1 2 5 3 0 2 1 ] b r > - [ k e r n e l ] d r i v e r c o r e : F i x u s e a f t e r f r e e o f d e v - > p a r e n t i n d e v i c e _ s h u t d o w n ( T o m a s H e n z l ) [ 1 3 0 3 2 1 5 ] b r > - [ k e r n e l ] d r i v e r c o r e : f i x s h u t d o w n r a c e s w i t h p r o b e / r e m o v e ( T o m a s H e n z l ) [ 1 3 0 3 2 1 5 ] b r > - [ k e r n e l ] d r i v e r c o r e : P r o t e c t d e v i c e s h u t d o w n f r o m h o t u n p l u g e v e n t s ( T o m a s H e n z l ) [ 1 3 0 3 2 1 5 ] b r > - [ n e t d r v ] b n x 2 x : A d d n e w d e v i c e i d s u n d e r t h e Q l o g i c v e n d o r ( M i c h a l S c h m i d t ) [ 1 3 0 4 2 5 2 ] b r > - [ k e r n e l ] k l i s t : f i x s t a r t i n g p o i n t r e m o v e d b u g i n k l i s t i t e r a t o r s ( E w a n M i l n e ) [ 1 1 9 0 2 7 3 ] b r > - [ m d ] r a i d 1 : e x t e n d s p i n l o c k t o p r o t e c t r a i d 1 _ e n d _ r e a d _ r e q u e s t a g a i n s t i n c o n s i s t e n c i e s ( J e s S o r e n s e n ) [ 1 3 0 9 1 5 4 ] b r > - [ m d ] r a i d 1 : f i x t e s t f o r ' w a s r e a d e r r o r f r o m l a s t w o r k i n g d e v i c e ' ( J e s S o r e n s e n ) [ 1 3 0 9 1 5 4 ] b r > - [ s 3 9 0 ] c i o : u p d a t e m e a s u r e m e n t c h a r a c t e r i s t i c s ( H e n d r i k B r u e c k n e r ) [ 1 3 0 4 2 5 7 ] b r > - [ s 3 9 0 ] c i o : e n s u r e c o n s i s t e n t m e a s u r e m e n t s t a t e ( H e n d r i k B r u e c k n e r ) [ 1 3 0 4 2 5 7 ] b r > - [ s 3 9 0 ] c i o : f i x m e a s u r e m e n t c h a r a c t e r i s t i c s m e m l e a k ( H e n d r i k B r u e c k n e r ) [ 1 3 0 4 2 5 7 ] b r > - [ f s ] p i p e : f i x o f f s e t a n d l e n m i s m a t c h o n p i p e _ i o v _ c o p y _ t o _ u s e r f a i l u r e ( S e t h J e n n i n g s ) [ 1 3 0 2 2 2 3 ] { C V E - 2 0 1 6 - 0 7 7 4 } b r > b r > [ 2 . 6 . 3 2 - 6 1 6 ] b r > - [ k e r n e l ] i s o l c p u s : O u t p u t w a r n i n g w h e n t h e ' i s o l c p u s = ' k e r n e l p a r a m e t e r i s i n v a l i d ( P r a r i t B h a r g a v a ) [ 1 3 0 4 2 1 6 ] b r > - [ m m c ] P r e v e n t 1 . 8 V s w i t c h f o r S D h o s t s t h a t d o n t s u p p o r t U H S m o d e s ( P e t r O r o s ) [ 1 3 0 7 0 6 5 ] b r > - [ m m c ] s d h c i - p c i - o 2 m i c r o : F i x D e l l E 5 4 4 0 i s s u e ( P e t r O r o s ) [ 1 3 0 7 0 6 5 ] b r > - [ m m c ] s d h c i - p c i - o 2 m i c r o : A d d S e a B i r d S e a E a g l e S D 3 s u p p o r t ( P e t r O r o s ) [ 1 3 0 7 0 6 5 ] b r > - [ w a t c h d o g ] h u n g t a s k d e b u g g i n g : I n j e c t N M I w h e n h u n g a n d g o i n g t o p a n i c ( D o n Z i c k u s ) [ 1 3 0 5 9 1 9 ] b r > - [ w a t c h d o g ] a d d s y s c t l k n o b h a r d l o c k u p _ p a n i c ( D o n Z i c k u s ) [ 1 3 0 5 9 1 9 ] b r > - [ w a t c h d o g ] p e r f o r m a l l - C P U b a c k t r a c e i n c a s e o f h a r d l o c k u p ( D o n Z i c k u s ) [ 1 3 0 5 9 1 9 ] b r > - [ d r m ] i 9 1 5 : D r o p i n t e l _ u p d a t e _ s p r i t e _ w a t e r m a r k s ( L y u d e ) [ 1 3 0 6 4 2 5 ] b r > - [ d r m ] i 9 1 5 : S e t u p D D I c l k f o r M S T o n S K L i ( L y u d e ) [ 1 3 0 6 4 2 5 ] b r > - [ d r m ] i 9 1 5 : E x p l i c i t l y c h e c k f o r e D P i n s k l _ d d i _ p l l _ s e l e c t ( L y u d e ) [ 1 3 0 6 4 2 5 ] b r > - [ d r m ] i 9 1 5 : D o n t s k i p m s t e n c o d e r s i n s k l _ d d i _ p l l _ s e l e c t ( L y u d e ) [ 1 3 0 6 4 2 5 ] b r > - [ s c s i ] q l a 2 x x x : S e t r e l o g i n f l a g w h e n w e f a i l t o q u e u e l o g i n r e q u e s t s ( C h a d D u p u i s ) [ 1 3 0 6 0 3 3 ] b r > - [ s 3 9 0 ] k e r n e l / s y s c a l l s : c o r r e c t s y s c a l l n u m b e r f o r _ _ N R _ s e t n s ( H e n d r i k B r u e c k n e r ) [ 1 2 1 9 5 8 6 ] b r > - [ e d a c ] s b _ e d a c : f i x c h a n n e l / c s r o w e m u l a t i o n o n B r o a d w e l l ( A r i s t e u R o z a n s k i ) [ 1 3 0 1 2 3 0 ] b r > - [ u s b ] x h c i : W o r k a r o u n d t o g e t I n t e l x H C I r e s e t w o r k i n g m o r e r e l i a b l y ( G o p a l T i w a r i ) [ 1 1 4 6 8 7 5 ] b r > - [ f s ] r e v e r t r e v e r t ' d l m : p r i n t k e r n e l m e s s a g e w h e n w e g e t a n e r r o r f r o m k e r n e l _ s e n d p a g e ' ( R o b e r t S P e t e r s o n ) [ 1 2 6 4 4 9 2 ] b r > - [ f s ] r e v e r t ' [ f s ] d l m : R e p l a c e n o d e i d _ t o _ a d d r w i t h k e r n e l _ g e t p e e r n a m e ' ( R o b e r t S P e t e r s o n ) [ 1 2 6 4 4 9 2 ] b r > - [ s 3 9 0 ] s c l p : D e t e r m i n e H S A s i z e d y n a m i c a l l y f o r z f c p d u m p ( H e n d r i k B r u e c k n e r ) [ 1 3 0 3 5 5 7 ] b r > - [ s 3 9 0 ] s c l p : M o v e d e c l a r a t i o n s f o r s c l p _ s d i a s i n t o s e p a r a t e h e a d e r f i l e ( H e n d r i k B r u e c k n e r ) [ 1 3 0 3 5 5 7 ] b r > - [ n e t d r v ] m l x 4 _ e n : a d d m i s s i n g t x _ q u e u e i n i t i n e n _ s t a r t _ p o r t ( D o n D u t i l e ) [ 1 3 0 4 0 1 6 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 5 ] b r > - [ s 3 9 0 ] q e t h : i n i t i a l i z e n e t _ d e v i c e w i t h c a r r i e r o f f ( H e n d r i k B r u e c k n e r ) [ 1 1 9 8 6 6 6 ] b r > - [ n e t d r v ] A d d r t l w i f i d r i v e r f r o m l i n u x 4 . 3 ( S t a n i s l a w G r u s z k a ) [ 1 2 4 5 4 5 2 1 2 6 3 3 8 6 1 2 8 9 5 7 4 7 6 1 5 2 5 ] b r > b r > [ 2 . 6 . 3 2 - 6 1 4 ] b r > - [ p o w e r p c ] p s e r i e s : L i m i t E P O W r e s e t e v e n t w a r n i n g s ( G u s t a v o D u a r t e ) [ 1 3 0 0 2 0 2 ] b r > - [ p e r f ] t o o l s : D o n o t s h o w t r a c e c o m m a n d i f i t s n o t c o m p i l e d i n ( J i r i O l s a ) [ 1 2 1 2 5 3 9 ] b r > - [ p e r f ] t o o l s s p e c : D i s a b l e t r a c e c o m m a n d o n p p c a r c h ( J i r i O l s a ) [ 1 2 1 2 5 3 9 ] b r > - [ n e t d r v ] m l x 4 _ e n : F i x t h e b l u e f l a m e i n T X p a t h ( K a m a l H e i b ) [ 1 2 9 5 8 7 2 1 3 0 3 6 6 1 1 3 0 3 8 6 3 1 3 0 4 2 7 2 ] b r > - [ n e t d r v ] m l x 4 _ e n : F i x H W t i m e s t a m p i n i t i s s u e u p o n s y s t e m s t a r t u p ( K a m a l H e i b ) [ 1 2 9 5 8 7 2 1 3 0 4 2 7 2 ] b r > - [ n e t d r v ] m l x 4 _ e n : R e m o v e d e p e n d e n c y b e t w e e n t i m e s t a m p i n g c a p a b i l i t y a n d s e r v i c e _ t a s k ( K a m a l H e i b ) [ 1 2 9 5 8 7 2 1 3 0 4 2 7 2 ] b r > - [ n e t d r v ] m l x 5 _ c o r e : F i x t r i m m i n g d o w n I R Q n u m b e r ( K a m a l H e i b ) [ 1 3 0 4 2 7 2 ] b r > - [ x 8 6 ] M a r k I n t e l B r o a d w e l l - D E S o C s u p p o r t e d ( S t e v e B e s t ) [ 1 2 5 3 8 5 6 ] b r > - [ s 3 9 0 ] z f c p d u m p : F i x c o l l e c t i n g o f r e g i s t e r s ( H e n d r i k B r u e c k n e r ) [ 1 3 0 3 5 5 8 ] b r > - [ s 3 9 0 ] d a s d : f i x f a i l f a s t f o r d i s c o n n e c t e d d e v i c e s ( H e n d r i k B r u e c k n e r ) [ 1 3 0 3 5 5 9 ] b r > - [ n e t d r v ] b n x t _ e n : F i x c r a s h i n b n x t _ f r e e _ t x _ s k b s ( ) d u r i n g t x t i m e o u t ( J o h n L i n v i l l e ) [ 1 3 0 3 7 0 3 ] b r > - [ n e t d r v ] b n x t _ e n : E x c l u d e r x _ d r o p _ p k t s h w c o u n t e r f r o m t h e s t a c k s r x _ d r o p p e d c o u n t e r ( J o h n L i n v i l l e ) [ 1 3 0 3 7 0 3 ] b r > - [ n e t d r v ] b n x t _ e n : R i n g f r e e r e s p o n s e f r o m c l o s e p a t h s h o u l d u s e c o m p l e t i o n r i n g ( J o h n L i n v i l l e ) [ 1 3 0 3 7 0 3 ] b r > - [ b l o c k ] F i x q _ s u s p e n d e d l o g i c e r r o r f o r i o s u b m i s s i o n ( D a v i d M i l b u r n ) [ 1 2 2 7 3 4 2 ] b r > - [ b l o c k ] n v m e : N o l o c k w h i l e D M A m a p p i n g d a t a ( D a v i d M i l b u r n ) [ 1 2 2 7 3 4 2 ] b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 1 3 4 . h t m l \" > C V E - 2 0 1 4 - 8 1 3 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 5 3 1 3 . h t m l \" > C V E - 2 0 1 0 - 5 3 1 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 7 8 4 2 . h t m l \" > C V E - 2 0 1 4 - 7 8 4 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 5 1 5 6 . h t m l \" > C V E - 2 0 1 5 - 5 1 5 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 4 3 1 2 . h t m l \" > C V E - 2 0 1 3 - 4 3 1 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 8 2 1 5 . h t m l \" > C V E - 2 0 1 5 - 8 2 1 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 8 3 2 4 . h t m l \" > C V E - 2 0 1 5 - 8 3 2 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 8 5 4 3 . h t m l \" > C V E - 2 0 1 5 - 8 5 4 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 7 5 0 9 . h t m l \" > C V E - 2 0 1 5 - 7 5 0 9 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( i 3 8 6 ) / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . s r c . r p m / t d > t d > e 2 a 7 9 1 c 8 8 e 4 d 2 a b 6 4 e d 9 3 5 8 0 3 0 8 2 e 0 d 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 8 4 5 b 9 9 5 6 9 8 2 3 3 2 4 d d c 8 b 9 e 2 c 0 6 3 b 2 8 c 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - a b i - w h i t e l i s t s - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > 2 e e 2 2 a 9 0 0 3 7 5 f e 4 3 2 7 e 1 e 3 9 3 1 8 e b c 7 d c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 0 c 2 9 a f 5 9 d d 4 3 d 0 2 b c 3 c b 7 8 f b 5 0 f 8 b 0 7 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 2 9 c 5 a 7 0 9 f 2 1 5 f 5 3 4 4 6 f c 9 b 5 6 3 7 e d 9 6 5 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 0 5 d 0 5 7 6 2 5 4 5 1 1 2 f d 7 f 6 8 8 7 0 3 5 6 8 4 3 5 3 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > 4 7 f d e f 2 3 1 f 2 d 6 8 e 1 8 c a 5 0 9 9 a 0 d 7 0 6 a e 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - f i r m w a r e - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > d f 1 2 d a 0 e a 7 5 d 7 c 2 5 a 8 1 7 6 d a 0 9 f e 8 c 1 0 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > c 1 6 b f 7 7 a 7 7 5 f e 4 3 6 4 d e e b 2 8 8 6 9 a 5 3 6 c d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p e r f - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > b d 7 3 c 7 7 3 4 f 1 9 d 3 2 5 6 3 e e 7 f c a 0 9 2 3 0 b a 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p y t h o n - p e r f - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 5 a 8 4 0 5 2 0 9 e d 6 6 5 4 a 0 0 c 3 9 1 6 a a 1 a f 9 0 7 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . s r c . r p m / t d > t d > e 2 a 7 9 1 c 8 8 e 4 d 2 a b 6 4 e d 9 3 5 8 0 3 0 8 2 e 0 d 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > e 5 1 4 e 3 3 c 4 d 2 c a f 8 8 e 1 d b 6 5 3 6 0 9 e 9 6 6 6 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - a b i - w h i t e l i s t s - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > 2 e e 2 2 a 9 0 0 3 7 5 f e 4 3 2 7 e 1 e 3 9 3 1 8 e b c 7 d c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 3 b e 8 e 3 3 a e 8 d 9 f 3 8 c a a 5 f 2 f b b c 9 d a 2 0 7 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . i 6 8 6 . r p m / t d > t d > 2 9 c 5 a 7 0 9 f 2 1 5 f 5 3 4 4 6 f c 9 b 5 6 3 7 e d 9 6 5 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 9 5 d b f 6 b 5 3 0 9 3 6 2 7 9 9 e f c 5 d e f 5 d 2 b a 4 3 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > a 4 a 7 5 e 4 2 7 d b d 1 4 5 1 2 a d a c f 0 5 7 7 6 7 2 1 a a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > 4 7 f d e f 2 3 1 f 2 d 6 8 e 1 8 c a 5 0 9 9 a 0 d 7 0 6 a e 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - f i r m w a r e - 2 . 6 . 3 2 - 6 4 2 . e l 6 . n o a r c h . r p m / t d > t d > d f 1 2 d a 0 e a 7 5 d 7 c 2 5 a 8 1 7 6 d a 0 9 f e 8 c 1 0 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > b 9 3 7 3 3 f 6 1 e 2 4 b 2 6 6 5 d d 9 4 6 3 f 9 d 2 4 b 9 5 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p e r f - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 1 5 6 a f 1 5 b c f 3 d 3 5 d 0 5 8 7 a 7 b 4 a 9 0 a 8 d 4 9 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p y t h o n - p e r f - 2 . 6 . 3 2 - 6 4 2 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > d 6 3 f 3 e 5 2 6 9 c 6 7 3 8 f 0 f c 0 0 7 8 c d 5 2 3 7 6 0 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "modified": "2016-05-16T00:00:00", "published": "2016-05-16T00:00:00", "id": "ELSA-2016-0855", "href": "http://linux.oracle.com/errata/ELSA-2016-0855.html", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:39:25", "bulletinFamily": "unix", "description": "kernel-uek\n[3.8.13-118.21.1]\n- media: imon: Fix null-ptr-deref in imon_probe (Arvind Yadav) [Orabug: 27208380] {CVE-2017-16537}\n- Input: gtco - fix potential out-of-bound access (Dmitry Torokhov) [Orabug: 27215090] {CVE-2017-16643}\n- usb: usbtest: fix NULL pointer dereference (Alan Stern) [Orabug: 27602324] {CVE-2017-16532}\n- x86/spectre_v2: Fix cpu offlining with IPBP. (Konrad Rzeszutek Wilk) \n- fuse: fix deadlock caused by wrong locking order (Junxiao Bi) [Orabug: 27760268] \n- jbd: dont wait (forever) for stale tid caused by wraparound (Jan Kara) [Orabug: 27842289] \n- netfilter: ebtables: CONFIG_COMPAT: dont trust userland offsets (Florian Westphal) [Orabug: 27774015] {CVE-2018-1068}\n- RDS: IB: Fix null pointer issue (hui.han) [Orabug: 27843171] \n- ext4: add validity checks for bitmap block numbers (Theodore Tso) [Orabug: 27854376] {CVE-2018-1093} {CVE-2018-1093}\n- USB: core: prevent malicious bNumInterfaces overflow (Alan Stern) [Orabug: 27898074] {CVE-2017-17558}\n- netfilter: nfnetlink_cthelper: Add missing permission checks (Kevin Cernekee) [Orabug: 27898167] {CVE-2017-17448}\n- KEYS: dont let add_key() update an uninstantiated key (David Howells) [Orabug: 27913332] {CVE-2017-15299}\n- RDS: Heap OOB write in rds_message_alloc_sgs() (Mohamed Ghannam) [Orabug: 27934073] {CVE-2018-5332}\n- x86/entry/64: Dont use IST entry for #BP stack (Andy Lutomirski) {CVE-2018-8897}\n- perf/hwbp: Simplify the perf-hwbp code, fix documentation (Linus Torvalds) [Orabug: 27947608] {CVE-2018-100199}\n- x86/microcode: probe CPU features on microcode update (Ankur Arora) [Orabug: 27806667] \n- x86/microcode: microcode_write() should not reference boot_cpu_data (Ankur Arora) [Orabug: 27806667] \n- x86/cpufeatures: use cpu_data in init_scattered_cpuid_flags() (Ankur Arora) [Orabug: 27806667] \n- Drivers: hv: fcopy: set .owner reference for file operations (Joe Jin) [Orabug: 21191022] \n- ALSA: usb-audio: Kill stray URB at exiting (Takashi Iwai) [Orabug: 27148281] {CVE-2017-16527}\n- HID: usbhid: fix out-of-bounds bug (Jaejoong Kim) [Orabug: 27207929] {CVE-2017-16533}\n- [media] cx231xx-cards: fix NULL-deref on missing association descriptor (Johan Hovold) [Orabug: 27208072] {CVE-2017-16536}\n- net: cdc_ether: fix divide by 0 on bad descriptors (Bjorn Mork) [Orabug: 27215201] {CVE-2017-16649}\n- x86/microcode/intel: Extend BDW late-loading with a revision check (Jia Zhang) [Orabug: 27343577] \n- x86/microcode/intel: Disable late loading on model 79 (Borislav Petkov) [Orabug: 27343577] \n- Bluetooth: bnep: bnep_add_connection() should verify that its dealing with l2cap socket (Al Viro) [Orabug: 27344793] {CVE-2017-15868}\n- Bluetooth: hidp: verify l2cap sockets (David Herrmann) [Orabug: 27344793] {CVE-2017-15868}\n- ALSA: pcm: prevent UAF in snd_pcm_info (Robb Glasser) [Orabug: 27344843] {CVE-2017-0861} {CVE-2017-0861}\n- ptrace: use fsuid, fsgid, effective creds for fs access checks (Jann Horn) [Orabug: 27364691] {CVE-2017-14140}\n- sctp: do not peel off an assoc from one netns to another one (Xin Long) [Orabug: 27387001] {CVE-2017-15115}\n- Revert 'x86/spec_ctrl: Add 'nolfence' knob to disable fallback for spectre_v2 mitigation' (Ankur Arora) [Orabug: 27601787] {CVE-2017-5715}\n- Revert 'x86/spec: Add 'lfence_enabled' in sysfs' (Ankur Arora) [Orabug: 27601787] {CVE-2017-5715}\n- Revert 'x86/mitigation/spectre_v2: Add reporting of 'lfence'' (Ankur Arora) [Orabug: 27601787] {CVE-2017-5715}\n- x86/mitigation/spectre_v2: Add reporting of 'lfence' (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/spec: Add 'lfence_enabled' in sysfs (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/spec_ctrl: Add 'nolfence' knob to disable fallback for spectre_v2 mitigation (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/spectre: bring spec_ctrl management logic closer to UEK4 (Ankur Arora) [Orabug: 27516512] {CVE-2017-5715}\n- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (David Woodhouse) [Orabug: 27516357] {CVE-2017-5715}\n- x86/spectre_v2: Remove 0xc2 from spectre_bad_microcodes (Darren Kenny) [Orabug: 27516419] {CVE-2017-5715}\n- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes (David Woodhouse) [Orabug: 27516419] {CVE-2017-5715}\n- x86: intel-family.h: Add GEMINI_LAKE SOC (Len Brown) [Orabug: 27516419] \n- x86/cpu/intel: Introduce macros for Intel family numbers (Dave Hansen) [Orabug: 27516419] \n- x86/spectre: expose 'stibp' (Konrad Rzeszutek Wilk) [Orabug: 27516419] {CVE-2017-5715}\n- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (David Woodhouse) [Orabug: 27516379] {CVE-2017-5715}\n- x86/speculation: Use Indirect Branch Prediction Barrier in context switch (Tim Chen) [Orabug: 27516379] {CVE-2017-5715}\n- x86/spectre: fix spectre_v1 mitigation indicators (Ankur Arora) [Orabug: 27509932] {CVE-2017-5715}\n- x86/ia32/syscall: Clear extended registers %r8-%r15 (Ankur Arora) [Orabug: 27452028] {CVE-2017-5715}\n- x86/ia32/syscall: Save full stack frame throughout the entry code (Ankur Arora) [Orabug: 27452028] {CVE-2017-5715}\n- x86/ia32/syscall: cleanup trailing whitespace (Ankur Arora) [Orabug: 27452028] {CVE-2017-5715}\n- x86/syscall: Clear callee saved registers (%r12-%r15, %rbp, %rbx) (Ankur Arora) [Orabug: 27452028] {CVE-2017-5715}\n- x86/syscall: Save callee saved registers on syscall entrance (Ankur Arora) [Orabug: 27452028] {CVE-2017-5715}\n- gre: fix a possible skb leak (Eric Dumazet) [Orabug: 26403972] {CVE-2017-9074}\n- ipv6: Fix leak in ipv6_gso_segment(). (David S. Miller) [Orabug: 26403972] {CVE-2017-9074}\n- ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() (Ben Hutchings) [Orabug: 26403972] {CVE-2017-9074}\n- ipv6: Check ip6_find_1stfragopt() return value properly. (David S. Miller) [Orabug: 26403972] {CVE-2017-9074}\n- ipv6: Prevent overrun when parsing v6 header options (Craig Gallek) [Orabug: 26403972] {CVE-2017-9074}\n- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Wei Wang) [Orabug: 26813390] {CVE-2017-14106}\n- rxrpc: Fix several cases where a padded len isnt checked in ticket decode (David Howells) [Orabug: 26880517] {CVE-2017-7482} {CVE-2017-7482}\n- xen/mmu: Call xen_cleanhighmap() with 4MB aligned for page tables mapping (Zhenzhong Duan) [Orabug: 26883322] \n- KVM: x86: fix deadlock in clock-in-progress request handling (Marcelo Tosatti) [Orabug: 27065995] \n- ocfs2: fstrim: Fix start offset of first cluster group during fstrim (Ashish Samant) [Orabug: 27099835] \n- USB: serial: console: fix use-after-free after failed setup (Johan Hovold) [Orabug: 27206837] {CVE-2017-16525}\n- uwb: properly check kthread_run return value (Andrey Konovalov) [Orabug: 27206897] {CVE-2017-16526}\n- ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor (Takashi Iwai) [Orabug: 27206928] {CVE-2017-16529}\n- USB: fix out-of-bounds in usb_set_configuration (Greg Kroah-Hartman) [Orabug: 27207240] {CVE-2017-16531}\n- USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor() (Alan Stern) [Orabug: 27207983] {CVE-2017-16535}\n- dccp: CVE-2017-8824: use-after-free in DCCP code (Mohamed Ghannam) [Orabug: 27290301] {CVE-2017-8824}\n- x86: Add another set of MSR accessor functions (Borislav Petkov) [Orabug: 27444923] {CVE-2017-5753}\n- userns: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- x86/rsb: add comment specifying why we skip STUFF_RSB (Ankur Arora) [Orabug: 27451658] {CVE-2017-5715}\n- x86/rsb: make STUFF_RSB jmp labels more robust (Ankur Arora) [Orabug: 27451658] {CVE-2017-5715}\n- x86/spec: Also print IBRS if IBPB is disabled. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/spectre: Drop the warning about ibrs being obsolete. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- Add set_ibrs_disabled and set_ibpb_disabled (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/spec: Dont print the Missing arguments for option spectre_v2 (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/boot: Add early cmdline parsing for options with arguments (Tom Lendacky) [Orabug: 27376697] {CVE-2017-5715}\n- x86, boot: Carve out early cmdline parsing function (Borislav Petkov) [Orabug: 27376697] \n- x86: Add command-line options 'spectre_v2' and 'nospectre_v2' (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Fix kABI build breakage (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Use PRED_CMD MSR when ibpb is enabled (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/mm: Set IBPB upon context switch (Brian Maly) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Display correct settings for the SPECTRE_V[12] bug (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27376697] {CVE-2017-5715} {CVE-2017-5753}\n- x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27376697] {CVE-2017-5715}\n- x86/spec_ctrl: Disable if running as Xen PV guest (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27376697] {CVE-2017-5715} {CVE-2017-5754}\n- x86, cpu: Expand cpufeature facility to include cpu bugs (Borislav Petkov) [Orabug: 27376697] {CVE-2017-5715}\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5715}\n- x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5754}\n- x86/entry: STUFF_RSB only after switching to kernel CR3 (Ankur Arora) [Orabug: 27376697] {CVE-2017-5715}\n- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Use IBRS for firmware update path (David Woodhouse) [Orabug: 27376697] {CVE-2017-5715}\n- x86/microcode: Recheck IBRS features on microcode reload (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/enter: MACROS to set/clear IBRS (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/feature: Detect the x86 IBRS feature to control Speculation (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/pti/efi: broken conversion from efi to kernel page table (Pavel Tatashin) [Orabug: 27333764] {CVE-2017-5754}\n- PTI: unbreak EFI old_memmap (Jiri Kosina) [Orabug: 27333764] [Orabug: 27333760] {CVE-2017-5754} {CVE-2017-5754}\n- kaiser: Set _PAGE_NX only if supported (Lepton Wu) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: rename X86_FEATURE_KAISER to X86_FEATURE_PTI (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- KPTI: Rename to PAGE_TABLE_ISOLATION (Kees Cook) [Orabug: 27333764] {CVE-2017-5754}\n- x86/kaiser: Check boottime cmdline params (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- k a i s e r : x 8 6 : F i x N M I h a n d l i n g ( J i r i K o s i n a ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : m o v e p a r a v i r t c l o c k v s y s c a l l m a p p i n g o u t o f k a i s e r _ i n i t ( M i k e K r a v e t z ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : d i s a b l e i f x e n P A R A V I R T ( M i k e K r a v e t z ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / k a i s e r : R e e n a b l e P A R A V I R T ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : k a i s e r _ f l u s h _ t l b _ o n _ r e t u r n _ t o _ u s e r ( ) c h e c k P C I D ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : a s m / t l b f l u s h . h h a n d l e n o P G E a t l o w e r l e v e l ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : u s e A L T E R N A T I V E i n s t e a d o f x 8 6 _ c r 3 _ p c i d _ n o f l u s h ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / k a i s e r : R e n a m e a n d s i m p l i f y X 8 6 _ F E A T U R E _ K A I S E R h a n d l i n g ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : a d d ' n o k a i s e r ' b o o t o p t i o n , u s i n g A L T E R N A T I V E ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / a l t e r n a t i v e s : a d d a s m A L T E R N A T I V E m a c r o ( M i k e K r a v e t z ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : a l l o c _ l d t _ s t r u c t ( ) u s e g e t _ z e r o e d _ p a g e ( ) ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 : k v m c l o c k : D i s a b l e u s e f r o m v D S O i f K P T I i s e n a b l e d ( B e n H u t c h i n g s ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : F i x b u i l d w i t h C O N F I G _ F U N C T I O N _ G R A P H _ T R A C E R ( K e e s C o o k ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m / k a i s e r : r e - e n a b l e v s y s c a l l s ( A n d r e a A r c a n g e l i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - K A I S E R : K e r n e l A d d r e s s I s o l a t i o n ( R i c h a r d F e l l n e r ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k p r o b e s : P r o h i b i t p r o b i n g o n . e n t r y . t e x t c o d e ( M a s a m i H i r a m a t s u ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m / 6 4 : F i x r e b o o t i n t e r a c t i o n w i t h C R 4 . P C I D E ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : E n a b l e C R 4 . P C I D E o n s u p p o r t e d s y s t e m s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : A d d t h e ' n o p c i d ' b o o t o p t i o n t o t u r n o f f P C I D ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : D i s a b l e P C I D o n 3 2 - b i t k e r n e l s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : R e m o v e t h e U P a s m / t l b f l u s h . h c o d e , a l w a y s u s e t h e ( f o r m e r l y ) S M P c o d e ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : F i x f l u s h _ t l b _ p a g e ( ) o n X e n ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : D i s a b l e p r e e m p t i o n d u r i n g C R 3 r e a d + w r i t e ( S e b a s t i a n A n d r z e j S i e w i o r ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - s c h e d / c o r e : I d l e _ t a s k _ e x i t ( ) s h o u l d n t u s e s w i t c h _ m m _ i r q s _ o f f ( ) ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m , s c h e d / c o r e : T u r n o f f I R Q s i n s w i t c h _ m m ( ) ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m , s c h e d / c o r e : U n i n l i n e s w i t c h _ m m ( ) ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : B u i l d a r c h / x 8 6 / m m / t l b . c e v e n o n ! S M P ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - s c h e d / c o r e : A d d s w i t c h _ m m _ i r q s _ o f f ( ) a n d u s e i t i n t h e s c h e d u l e r ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - m m / m m u _ c o n t e x t , s c h e d / c o r e : F i x m m u _ c o n t e x t . h a s s u m p t i o n ( I n g o M o l n a r ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : I f I N V P C I D i s a v a i l a b l e , u s e i t t o f l u s h g l o b a l m a p p i n g s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : A d d a ' n o i n v p c i d ' b o o t o p t i o n t o t u r n o f f I N V P C I D ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : F i x I N V P C I D a s m c o n s t r a i n t ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : A d d I N V P C I D h e l p e r s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 : C l e a n u p c r 4 m a n i p u l a t i o n ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / p a r a v i r t : D o n t p a t c h f l u s h _ t l b _ s i n g l e ( T h o m a s G l e i x n e r ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / l d t : M a k e m o d i f y _ l d t s y n c h r o n o u s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 4 ] { C V E - 2 0 1 7 - 5 7 5 4 } { C V E - 2 0 1 5 - 5 1 5 7 } / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 7 5 5 8 . h t m l \" > C V E - 2 0 1 7 - 1 7 5 5 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 7 4 4 8 . h t m l \" > C V E - 2 0 1 7 - 1 7 4 4 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 6 5 3 2 . h t m l \" > C V E - 2 0 1 7 - 1 6 5 3 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 8 - 1 0 6 8 . h t m l \" > C V E - 2 0 1 8 - 1 0 6 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 8 - 1 0 9 3 . h t m l \" > C V E - 2 0 1 8 - 1 0 9 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 6 6 4 3 . h t m l \" > C V E - 2 0 1 7 - 1 6 6 4 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 8 - 5 3 3 2 . h t m l \" > C V E - 2 0 1 8 - 5 3 3 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 6 5 3 7 . h t m l \" > C V E - 2 0 1 7 - 1 6 5 3 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 5 2 9 9 . h t m l \" > C V E - 2 0 1 7 - 1 5 2 9 9 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 6 u e k - 0 . 4 . 5 - 3 . e l 6 . s r c . r p m / t d > t d > 7 a b b 1 2 8 2 0 7 8 3 1 6 5 5 a 5 9 4 4 6 6 4 d 9 1 c 2 5 0 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 6 u e k . s r c . r p m / t d > t d > a 2 5 a 0 f 2 5 5 1 7 b 3 0 9 8 e 0 f 9 b e 9 7 f e 7 0 a c 1 b / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 6 u e k - 0 . 4 . 5 - 3 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 9 5 6 7 b b 1 b f 1 2 4 3 1 4 a b b b 0 7 9 f 8 0 e b 5 0 6 8 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > a d 2 c 6 b 1 5 7 5 9 b 9 4 8 4 1 1 c 1 2 7 7 c c b 0 a 8 6 4 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 8 1 d a 7 c b 2 9 c 0 0 4 6 4 5 b e 8 3 4 2 d c 9 3 7 c f e 1 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > b b 1 2 3 c c 6 a 8 9 b 5 1 a 7 d a f d 2 4 2 1 0 f 3 9 5 1 9 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 1 6 a 1 f 7 7 8 5 3 2 9 6 7 f c 6 c 4 d 0 c 9 b 6 2 3 9 7 6 1 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 1 e 9 1 e f 4 7 a 7 9 2 0 4 e f 8 b 0 0 e c e 9 0 0 5 6 3 d 5 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 6 6 7 1 d 8 6 3 f 6 e f 5 4 7 1 3 6 1 8 8 e 1 2 f b a 4 f 1 9 5 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 7 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 7 u e k - 0 . 4 . 5 - 3 . e l 7 . s r c . r p m / t d > t d > 6 4 9 8 6 8 d f f d 8 9 6 c f e 7 2 e 1 0 0 2 5 4 2 1 c b d 1 d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 7 u e k . s r c . r p m / t d > t d > 7 d 8 b 8 5 8 3 c 2 e c f 3 f 7 8 b 1 1 5 a 3 0 2 9 2 2 7 b d 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 7 u e k - 0 . 4 . 5 - 3 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > f 7 3 3 f 6 d 2 2 5 f 2 8 e e f 5 2 9 9 7 5 a 1 9 7 3 c 9 e b 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 2 c 6 a 4 4 b 8 4 a c 8 4 7 f e 0 d 2 5 7 d 4 f 2 1 8 7 5 f e a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 7 2 6 4 8 9 b 9 d 6 d b 2 4 b 4 1 4 d a 5 2 a 2 6 d 4 c 2 3 d e / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 4 2 7 b 9 4 7 7 6 b 0 d 8 f 2 8 d c 3 1 1 b 1 6 e 8 5 7 1 b 9 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 1 a 4 1 a a f 8 3 5 0 4 9 5 b b a 5 4 9 f d f 5 d d b c 2 1 f 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 7 u e k . n o a r c h . r p m / t d > t d > b d b 3 c 0 2 2 2 a f 4 2 e 6 1 7 d 0 d b 2 f b 5 c 2 a 4 4 c 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 3 . 8 . 1 3 - 1 1 8 . 2 1 . 1 . e l 7 u e k . n o a r c h . r p m / t d > t d > 4 9 5 8 1 8 c 3 9 0 c 1 d 2 3 9 d a 6 3 8 f 4 9 1 6 9 1 e 1 e 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "modified": "2018-05-15T00:00:00", "published": "2018-05-15T00:00:00", "id": "ELSA-2018-4109", "href": "http://linux.oracle.com/errata/ELSA-2018-4109.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:06", "bulletinFamily": "unix", "description": "[2.6.39-400.299.1]\n- ext4/jbd2: dont wait (forever) for stale tid caused by wraparound (Theodore Tso) [Orabug: 26424268] \n- jbd2: dont wake kjournald unnecessarily (Eric Sandeen) [Orabug: 26424268] \n- ext4: fix data corruption in inodes with journalled data (Jan Kara) [Orabug: 26424268] \n- media: imon: Fix null-ptr-deref in imon_probe (Arvind Yadav) [Orabug: 27208383] {CVE-2017-16537}\n- Input: gtco - fix potential out-of-bound access (Dmitry Torokhov) [Orabug: 27215095] {CVE-2017-16643}\n- RDS: IB: Fix null pointer issue (Guanglei Li) [Orabug: 27241654] \n- usb: usbtest: fix NULL pointer dereference (Alan Stern) [Orabug: 27602321] {CVE-2017-16532}\n- vfs,proc: guarantee unique inodes in /proc (Linus Torvalds) [Orabug: 27637293] \n- vfs: dont chain pipe/anon/socket on superblock s_inodes list (Eric Dumazet) [Orabug: 27637293] \n- fuse: fix deadlock caused by wrong locking order (Junxiao Bi) [Orabug: 27719848] \n- jbd: dont wait (forever) for stale tid caused by wraparound (Jan Kara) [Orabug: 27734012] \n- netfilter: ebtables: CONFIG_COMPAT: dont trust userland offsets (Florian Westphal) [Orabug: 27774010] {CVE-2018-1068}\n- x86/spec: set_ibrs[ibpb]_disabled() should disable ibrs[ibpb]_admin_disabled (Krish Sadhukhan) [Orabug: 27788624] \n- x86/spec: Fix wrong output from sysfs (Krish Sadhukhan) [Orabug: 27795350] \n- x86/spec: Fix spectre_v1 bug and mitigation indicators (John Haxby) [Orabug: 27811437] \n- ext4: add validity checks for bitmap block numbers (Theodore Tso) [Orabug: 27854370] {CVE-2018-1093} {CVE-2018-1093}\n- x86/microcode: probe CPU features on microcode update (Ankur Arora) [Orabug: 27878228] \n- x86/microcode: microcode_write() should not reference boot_cpu_data (Ankur Arora) [Orabug: 27878228] \n- x86/cpufeatures: use cpu_data in scan_spec_ctrl_features and rescan_spec_ctrl_features (Ankur Arora) [Orabug: 27878228] \n- USB: core: prevent malicious bNumInterfaces overflow (Alan Stern) [Orabug: 27898064] {CVE-2017-17558}\n- retpoline: microcode incorrectly reported as broken during early boot (Chuck Anderson) [Orabug: 27915293] \n- x86/spec: scan_spec_ctrl_feature should be executed only for cpu_index 0 (Krish Sadhukhan) [Orabug: 27915355] \n- RDS: Heap OOB write in rds_message_alloc_sgs() (Mohamed Ghannam) [Orabug: 27934081] {CVE-2018-5332}\n- xfs: set format back to extents if xfs_bmap_extents_to_btree (Eric Sandeen) [Orabug: 27989490] {CVE-2018-10323}\n- net/rds: Fix endless RNR situation (Hakon Bugge) [Orabug: 27645402] \n- x86/entry/64: Dont use IST entry for #BP stack (Andy Lutomirski) {CVE-2018-8897}\n- perf/hwbp: Simplify the perf-hwbp code, fix documentation (Linus Torvalds) [Orabug: 27947612] {CVE-2018-100199}\n- xen-netfront: fix rx stall when req_prod_pvt goes back to more than zero again (Dongli Zhang) [Orabug: 25053376] \n- x86/IBRS: Remove support for IBRS_ENABLED_USER mode (Boris Ostrovsky) [Orabug: 27430615] \n- x86/microcode/intel: Disable late loading on model 79 (Borislav Petkov) [Orabug: 27343579] \n- ALSA: usb-audio: Kill stray URB at exiting (Takashi Iwai) [Orabug: 27148283] {CVE-2017-16527}\n- uwb: properly check kthread_run return value (Andrey Konovalov) [Orabug: 27206900] {CVE-2017-16526}\n- HID: usbhid: fix out-of-bounds bug (Jaejoong Kim) [Orabug: 27207935] {CVE-2017-16533}\n- cx231xx-cards: fix NULL-deref on missing association descriptor (Johan Hovold) [Orabug: 27208080] {CVE-2017-16536}\n- net: cdc_ether: fix divide by 0 on bad descriptors (Bjorn Mork) [Orabug: 27215206] {CVE-2017-16649}\n- Bluetooth: bnep: bnep_add_connection() should verify that its dealing with l2cap socket (Al Viro) [Orabug: 27344787] {CVE-2017-15868}\n- Bluetooth: hidp: verify l2cap sockets (David Herrmann) [Orabug: 27344787] {CVE-2017-15868}\n- ALSA: pcm: prevent UAF in snd_pcm_info (Robb Glasser) [Orabug: 27344840] {CVE-2017-0861} {CVE-2017-0861}\n- Addendum: x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes (David Woodhouse) [Orabug: 27516441] \n- x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (David Woodhouse) [Orabug: 27649498] {CVE-2017-5715}\n- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (David Woodhouse) [Orabug: 27649510] {CVE-2017-5715}\n- x86/spectre: Now that we expose 'stbibp' make sure it is correct. (Konrad Rzeszutek Wilk) [Orabug: 27649631] {CVE-2017-5715}\n- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (KarimAllah Ahmed) [Orabug: 27649640] {CVE-2017-5715}\n- x86: Add STIBP feature enumeration (David Woodhouse) [Orabug: 27649693] {CVE-2017-5715}\n- x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky) [Orabug: 27649706] {CVE-2017-5715}\n- x86/spectre_v2: Dont spam the console with these: (Konrad Rzeszutek Wilk) [Orabug: 27649723] {CVE-2017-5715}\n- x86/spectre_v2: Remove 0xc2 from spectre_bad_microcodes (Darren Kenny) [Orabug: 27600848] \n- Revert 'x86/spec_ctrl: Add 'nolfence' knob to disable fallback for spectre_v2 mitigation' (Konrad Rzeszutek Wilk) [Orabug: 27601773] \n- x86/syscall: run syscall exit code with extra registers cleared (Alexandre Chartre) [Orabug: 27501176] \n- x86/syscall: run syscall-specific code with extra registers cleared (Alexandre Chartre) [Orabug: 27501176] \n- x86/syscall: run syscall entry code with extra registers cleared (Alexandre Chartre) [Orabug: 27501176] \n- x86/spectre: Drop the warning about ibrs being obsolete (Konrad Rzeszutek Wilk) [Orabug: 27518974] \n- x86: Include linux/device.h in bugs_64.c (Boris Ostrovsky) [Orabug: 27519044] \n- x86: fix mitigation details of UEK2 spectre v1 (Konrad Rzeszutek Wilk) [Orabug: 27509909] \n- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes (David Woodhouse) [Orabug: 27516441] {CVE-2017-5715}\n- x86, intel: Output microcode revision in /proc/cpuinfo (Andi Kleen) [Orabug: 27516441] \n- x86: intel-family.h: Add GEMINI_LAKE SOC (Len Brown) [Orabug: 27516441] \n- x86/cpu/intel: Introduce macros for Intel family numbers (Dave Hansen) [Orabug: 27516441] \n- x86/mitigation/spectre_v2: Add reporting of 'lfence' (Konrad Rzeszutek Wilk) [Orabug: 27525958] \n- x86/spec: Add 'lfence_enabled' in sysfs (Konrad Rzeszutek Wilk) [Orabug: 27525954] \n- x86/spec_ctrl: Add 'nolfence' knob to disable fallback for spectre_v2 mitigation (Konrad Rzeszutek Wilk) [Orabug: 27525923] \n- x86/spec: Also print IBRS if IBPB is disabled (Konrad Rzeszutek Wilk) [Orabug: 27519083] \n- x86: Use Indirect Branch Prediction Barrier in context switch (Tim Chen) [Orabug: 27516378] \n- ext4: limit group search loop for non-extent files (Lachlan McIlroy) [Orabug: 17488415] \n- ext4: fixup 64-bit divides in 3.0-stable backport of upstream fix (Todd Poynor) [Orabug: 17488415] \n- ext4: use atomic64_t for the per-flexbg free_clusters count (Theodore Tso) [Orabug: 17488415] \n- ext4: init pagevec in ext4_da_block_invalidatepages (Eric Sandeen) [Orabug: 17488415] \n- ext4: do not try to write superblock on ro remount w/o journal (Michael Tokarev) [Orabug: 17488415] \n- xen-netback: fix grant_copy_op array size (Niranjan Patil) [Orabug: 25653941] \n- xen-netback: explicitly check max_slots_needed against meta_prod counter (Niranjan Patil) [Orabug: 25653941] \n- xen-netback: Fix handling of skbs requiring too many slots (Zoltan Kiss) [Orabug: 25653941] \n- xen-netback: worse-case estimate in xenvif_rx_action is underestimating (Paul Durrant) [Orabug: 25653941] \n- xen-netback: Add worse-case estimates of max_slots_needed in netbk_rx_action (Niranjan Patil) [Orabug: 25653941] \n- KEYS: Remove key_type::match in favour of overriding default by match_preparse (Tim Tianyang Chen) [Orabug: 25757946] {CVE-2017-6951}\n- xen/mmu: Call xen_cleanhighmap() with 4MB aligned for page tables mapping (Zhenzhong Duan) [Orabug: 26737475] \n- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Wei Wang) [Orabug: 26813391] {CVE-2017-14106}\n- rxrpc: Fix several cases where a padded len isnt checked in ticket decode (David Howells) [Orabug: 26880520] {CVE-2017-7482} {CVE-2017-7482}\n- ocfs2: fstrim: Fix start offset of first cluster group during fstrim (Ashish Samant) [Orabug: 27099836] \n- Check validity of cl_rpcclient in nfs_server_list_show (Malahal Naineni) [Orabug: 27112186] \n- USB: serial: console: fix use-after-free after failed setup (Johan Hovold) [Orabug: 27206839] {CVE-2017-16525}\n- ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor (Takashi Iwai) [Orabug: 27206934] {CVE-2017-16529}\n- USB: fix out-of-bounds in usb_set_configuration (Greg Kroah-Hartman) [Orabug: 27207243] {CVE-2017-16531}\n- dccp: CVE-2017-8824: use-after-free in DCCP code (Mohamed Ghannam) [Orabug: 27290308] {CVE-2017-8824}\n- x86: Use PRED_CMD MSR when ibpb is enabled (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec: Dont print the Missing arguments for option spectre_v2 (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Move ENABLE_IBRS in the interrupt macro (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- Add set_ibrs_disabled and set_ibpb_disabled (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/boot: Add early cmdline parsing for options with arguments (Tom Lendacky) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86, boot: Carve out early cmdline parsing function (Borislav Petkov) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Fix kABI build breakage (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Add command-line options 'spectre_v2' and 'nospectre_v2' (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/mm: Set IBPB upon context switch (Brian Maly) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Display correct settings for the SPECTRE_V2 bug (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- Set CONFIG_GENERIC_CPU_VULNERABILITIES flag (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- sysfs/cpu: Fix typos in vulnerability documentation (David Woodhouse) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86, cpu: Expand cpufeature facility to include cpu bugs (Borislav Petkov) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (David Woodhouse) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec: STUFF_RSB _before_ ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Move STUFF_RSB in to the idt macro (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec_ctrl: Add missing 'lfence' when IBRS is not supported (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/ia32: Move STUFF_RSB And ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Use IBRS for firmware update path (David Woodhouse) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec_ctrl: Disable if running as Xen PV guest (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/microcode: Recheck IBRS features on microcode reload (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27369777] {CVE-2017-5715 } { C V E - 2 0 1 7 - 5 7 5 3 } b r > - x 8 6 / e n t e r : U s e I B R S o n s y s c a l l a n d i n t e r r u p t s ( T i m C h e n ) [ O r a b u g : 2 7 3 6 9 7 7 7 ] { C V E - 2 0 1 7 - 5 7 1 5 } { C V E - 2 0 1 7 - 5 7 5 3 } b r > - x 8 6 / e n t e r : M A C R O S t o s e t / c l e a r I B R S a n d s e t I B P B ( T i m C h e n ) [ O r a b u g : 2 7 3 6 9 7 7 7 ] { C V E - 2 0 1 7 - 5 7 1 5 } { C V E - 2 0 1 7 - 5 7 5 3 } b r > - x 8 6 / f e a t u r e : D e t e c t t h e x 8 6 I B R S f e a t u r e t o c o n t r o l S p e c u l a t i o n ( T i m C h e n ) [ O r a b u g : 2 7 3 6 9 7 7 7 ] { C V E - 2 0 1 7 - 5 7 1 5 } { C V E - 2 0 1 7 - 5 7 5 3 } b r > - x 8 6 : f i x b u i l d b r e a k a g e ( B r i a n M a l y ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - k a i s e r : r e n a m e X 8 6 _ F E A T U R E _ K A I S E R t o X 8 6 _ F E A T U R E _ P T I t o m a t c h u p s t r e a m ( M i k e K r a v e t z ) { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / k a i s e r : C h e c k b o o t t i m e c m d l i n e p a r a m s ( M i k e K r a v e t z ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / k a i s e r : R e n a m e a n d s i m p l i f y X 8 6 _ F E A T U R E _ K A I S E R h a n d l i n g ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - K P T I : R e p o r t w h e n e n a b l e d ( M i k e K r a v e t z ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - P T I : u n b r e a k E F I o l d _ m e m m a p ( J i r i K o s i n a ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] [ O r a b u g : 2 7 3 3 3 7 6 0 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : S e t _ P A G E _ N X o n l y i f s u p p o r t e d ( G u e n t e r R o e c k ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] [ O r a b u g : 2 7 3 3 3 7 6 0 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - K P T I : R e n a m e t o P A G E _ T A B L E _ I S O L A T I O N ( K e e s C o o k ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : k a i s e r _ f l u s h _ t l b _ o n _ r e t u r n _ t o _ u s e r ( ) c h e c k P C I D ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : a s m / t l b f l u s h . h h a n d l e n o P G E a t l o w e r l e v e l ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : u s e A L T E R N A T I V E i n s t e a d o f x 8 6 _ c r 3 _ p c i d _ n o f l u s h ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / a l t e r n a t i v e s : a d d a s m A L T E R N A T I V E m a c r o ( M i k e K r a v e t z ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / k a i s e r : R e e n a b l e P A R A V I R T , d y n a m i c a l l y d i s a b l e K A I S E R i f P A R A V I R T ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : a d d ' n o k a i s e r ' b o o t o p t i o n , u s i n g A L T E R N A T I V E ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 - 3 2 : F i x b o o t w i t h C O N F I G _ X 8 6 _ I N V D _ B U G ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : a l l o c _ l d t _ s t r u c t ( ) u s e g e t _ z e r o e d _ p a g e ( ) ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - k a i s e r : u s e r _ m a p _ _ k p r o b e s _ t e x t t o o ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m / k a i s e r : r e - e n a b l e v s y s c a l l s ( A n d r e a A r c a n g e l i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - K A I S E R : K e r n e l A d d r e s s I s o l a t i o n ( H u g h D i c k i n s ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : f i x b a d b a c k p o r t t o d i s a b l e P C I D o n X e n ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m / 6 4 : F i x r e b o o t i n t e r a c t i o n w i t h C R 4 . P C I D E ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : E n a b l e C R 4 . P C I D E o n s u p p o r t e d s y s t e m s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : A d d t h e ' n o p c i d ' b o o t o p t i o n t o t u r n o f f P C I D ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : D i s a b l e P C I D o n 3 2 - b i t k e r n e l s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : R e m o v e t h e U P a s m / t l b f l u s h . h c o d e , a l w a y s u s e t h e ( f o r m e r l y ) S M P c o d e ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - s c h e d / c o r e : I d l e _ t a s k _ e x i t ( ) s h o u l d n t u s e s w i t c h _ m m _ i r q s _ o f f ( ) ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m , s c h e d / c o r e : T u r n o f f I R Q s i n s w i t c h _ m m ( ) ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m , s c h e d / c o r e : U n i n l i n e s w i t c h _ m m ( ) ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : B u i l d a r c h / x 8 6 / m m / t l b . c e v e n o n ! S M P ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - s c h e d / c o r e : A d d s w i t c h _ m m _ i r q s _ o f f ( ) a n d u s e i t i n t h e s c h e d u l e r ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - m m / m m u _ c o n t e x t , s c h e d / c o r e : F i x m m u _ c o n t e x t . h a s s u m p t i o n ( I n g o M o l n a r ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : I f I N V P C I D i s a v a i l a b l e , u s e i t t o f l u s h g l o b a l m a p p i n g s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : A d d a ' n o i n v p c i d ' b o o t o p t i o n t o t u r n o f f I N V P C I D ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : F i x I N V P C I D a s m c o n s t r a i n t ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : A d d I N V P C I D h e l p e r s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 , c p u f e a t u r e : A d d C P U f e a t u r e s f r o m I n t e l d o c u m e n t 3 1 9 4 3 3 - 0 1 2 A ( H . P e t e r A n v i n ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / p a r a v i r t : D o n t p a t c h f l u s h _ t l b _ s i n g l e ( T h o m a s G l e i x n e r ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 - 6 4 : M a p t h e H P E T N X ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / l d t : M a k e m o d i f y _ l d t s y n c h r o n o u s ( A n d y L u t o m i r s k i ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } { C V E - 2 0 1 5 - 5 1 5 7 } b r > - x 8 6 , c p u : A d d c p u f e a t u r e f l a g f o r P C I D s ( A r u n T h o m a s ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - x 8 6 / m m : D i s a b l e p r e e m p t i o n d u r i n g C R 3 r e a d + w r i t e ( S e b a s t i a n A n d r z e j S i e w i o r ) [ O r a b u g : 2 7 3 3 3 7 6 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - l o c k i n g / b a r r i e r s : f i x c o m p i l e i s s u e ( B r i a n M a l y ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - x 8 6 : A d d a n o t h e r s e t o f M S R a c c e s s o r f u n c t i o n s ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - u d f : p r e v e n t s p e c u l a t i v e e x e c u t i o n ( E l e n a R e s h e t o v a ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - f s : p r e v e n t s p e c u l a t i v e e x e c u t i o n ( E l e n a R e s h e t o v a ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - q l a 2 x x x : p r e v e n t s p e c u l a t i v e e x e c u t i o n ( E l e n a R e s h e t o v a ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - p 5 4 : p r e v e n t s p e c u l a t i v e e x e c u t i o n ( E l e n a R e s h e t o v a ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - c a r l 9 1 7 0 : p r e v e n t s p e c u l a t i v e e x e c u t i o n ( E l e n a R e s h e t o v a ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - u v c v i d e o : p r e v e n t s p e c u l a t i v e e x e c u t i o n ( E l e n a R e s h e t o v a ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - l o c k i n g / b a r r i e r s : i n t r o d u c e n e w o b s e r v a b l e s p e c u l a t i o n b a r r i e r ( E l e n a R e s h e t o v a ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - x 8 6 / c p u / A M D : R e m o v e n o w u n u s e d d e f i n i t i o n o f M F E N C E _ R D T S C f e a t u r e ( E l e n a R e s h e t o v a ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } b r > - x 8 6 / c p u / A M D : M a k e t h e L F E N C E i n s t r u c t i o n s e r i a l i z e d ( E l e n a R e s h e t o v a ) [ O r a b u g : 2 7 3 4 6 4 2 5 ] { C V E - 2 0 1 7 - 5 7 5 3 } / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 7 5 5 8 . h t m l \" > C V E - 2 0 1 7 - 1 7 5 5 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 7 4 4 8 . h t m l \" > C V E - 2 0 1 7 - 1 7 4 4 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 6 5 3 2 . h t m l \" > C V E - 2 0 1 7 - 1 6 5 3 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 8 - 1 0 6 8 . h t m l \" > C V E - 2 0 1 8 - 1 0 6 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 8 - 1 0 9 3 . h t m l \" > C V E - 2 0 1 8 - 1 0 9 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 6 6 4 3 . h t m l \" > C V E - 2 0 1 7 - 1 6 6 4 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 8 - 5 3 3 2 . h t m l \" > C V E - 2 0 1 8 - 5 3 3 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 6 5 3 7 . h t m l \" > C V E - 2 0 1 7 - 1 6 5 3 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 5 2 9 9 . h t m l \" > C V E - 2 0 1 7 - 1 5 2 9 9 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i 3 8 6 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . s r c . r p m / t d > t d > 0 6 a d 8 8 6 a 5 c f e 7 9 b c 6 e 2 8 e f a 7 9 e 0 5 b b 1 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > f a b a b d 6 6 6 d 7 4 a 6 0 a 1 9 0 1 5 e a 7 2 5 8 2 2 4 8 7 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > 4 2 9 e 1 d d 7 b 8 c f c 1 0 c 8 2 4 a 9 a 3 4 9 c 5 a 3 1 8 7 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > 5 a 3 a 8 b 2 f 1 3 0 d 2 6 2 2 1 f 0 5 2 7 9 f b a d 5 5 7 5 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > 7 1 a 5 e 3 a 5 7 f a 9 f d c a 3 0 e f d e c 3 b 1 1 3 f e 1 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > f b 5 3 7 a 5 3 f 7 8 e 5 7 3 b 2 e 0 c d b 2 4 5 3 0 e 5 3 8 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > 6 0 5 7 e 7 a 2 b f e 2 0 4 1 8 8 a 3 2 5 3 7 b 5 0 7 3 b b 7 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . s r c . r p m / t d > t d > 0 6 a d 8 8 6 a 5 c f e 7 9 b c 6 e 2 8 e f a 7 9 e 0 5 b b 1 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > d 3 2 5 2 f e 8 3 1 c 0 a 5 9 a 8 7 d b 5 7 e 4 8 4 c b 8 3 9 5 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 2 6 8 e d 8 8 6 0 2 0 0 4 7 d 7 1 6 a 2 9 5 7 2 e 9 0 6 8 4 7 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 3 3 b e a c f 7 f e 2 4 8 1 d 4 2 1 7 4 5 e d e 7 7 5 f 3 9 4 b / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > e 1 9 8 9 b 5 f 5 6 b 2 1 2 4 c 9 b d 9 9 1 f d 2 8 4 7 2 8 f 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > f b 5 3 7 a 5 3 f 7 8 e 5 7 3 b 2 e 0 c d b 2 4 5 3 0 e 5 3 8 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > 6 0 5 7 e 7 a 2 b f e 2 0 4 1 8 8 a 3 2 5 3 7 b 5 0 7 3 b b 7 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( i 3 8 6 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . s r c . r p m / t d > t d > 6 a 8 3 d 4 3 1 3 5 b 2 3 1 d f e 1 f d 4 3 8 3 0 d e d 4 9 2 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > 3 6 c 7 c 8 c f 2 4 4 9 1 4 a f 6 1 9 2 d 4 2 9 9 7 5 1 9 2 c 7 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > 2 a 8 5 5 6 3 f 1 4 6 2 6 8 c b 3 4 6 4 c d 3 a c 4 1 3 6 a d b / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > 3 a 4 8 8 5 5 c c 4 d c b 9 6 c 8 8 f 7 e e f 7 3 1 d f d 2 9 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > e e f 7 d 6 e 1 f 0 8 a a 0 2 b f 3 f d d 7 0 b 3 9 0 4 6 5 b 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > a 3 4 b f 2 d e c a e 1 7 b f f 5 b 5 a 2 1 f 4 4 c 2 e d 4 b a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > a e 3 f d 3 1 5 c c 9 c 8 e c 2 c 4 4 1 6 e 1 2 1 a 3 b 6 1 1 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . s r c . r p m / t d > t d > 6 a 8 3 d 4 3 1 3 5 b 2 3 1 d f e 1 f d 4 3 8 3 0 d e d 4 9 2 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > e 4 9 8 6 4 a c 5 f 6 a 9 2 4 d 3 e c d 3 5 f 8 5 4 0 c 6 c a b / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > c 8 6 4 c 7 d 2 d 9 e d a 2 4 8 3 4 9 9 0 6 1 9 e 4 b 5 d e f b / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 9 1 9 8 e c 8 0 3 3 9 7 e c 2 5 b 5 5 d d 6 2 8 3 f 1 6 a a a 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 2 d c 3 1 6 d 2 f 6 6 7 1 d 1 b a d 5 7 2 0 1 a f 7 9 f 4 9 7 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > a 3 4 b f 2 d e c a e 1 7 b f f 5 b 5 a 2 1 f 4 4 c 2 e d 4 b a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 2 9 9 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > a e 3 f d 3 1 5 c c 9 c 8 e c 2 c 4 4 1 6 e 1 2 1 a 3 b 6 1 1 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "modified": "2018-05-15T00:00:00", "published": "2018-05-15T00:00:00", "id": "ELSA-2018-4110", "href": "http://linux.oracle.com/errata/ELSA-2018-4110.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:26:06", "bulletinFamily": "scanner", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection (Andy Lutomirski) [Orabug:\n 22742507] (CVE-2015-5157)\n\n - x86/nmi/64: Reorder nested NMI checks (Andy Lutomirski) [Orabug: 22742507] (CVE-2015-5157)\n\n - x86/nmi/64: Improve nested NMI comments (Andy Lutomirski) [Orabug: 22742507] (CVE-2015-5157)\n\n - x86/nmi/64: Switch stacks on userspace NMI entry (Andy Lutomirski) [Orabug: 22742507] (CVE-2015-5157)\n\n - x86/paravirt: Replace the paravirt nop with a bona fide empty function (Andy Lutomirski) [Orabug: 22742507] (CVE-2015-5157)", "modified": "2018-07-24T00:00:00", "id": "ORACLEVM_OVMSA-2016-0014.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=88858", "published": "2016-02-19T00:00:00", "title": "OracleVM 3.3 : Unbreakable / etc (OVMSA-2016-0014)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0014.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88858);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/07/24 18:56:11\");\n\n script_cve_id(\"CVE-2015-5157\");\n script_bugtraq_id(76005);\n\n script_name(english:\"OracleVM 3.3 : Unbreakable / etc (OVMSA-2016-0014)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - x86/nmi/64: Use DF to avoid userspace RSP confusing\n nested NMI detection (Andy Lutomirski) [Orabug:\n 22742507] (CVE-2015-5157)\n\n - x86/nmi/64: Reorder nested NMI checks (Andy Lutomirski)\n [Orabug: 22742507] (CVE-2015-5157)\n\n - x86/nmi/64: Improve nested NMI comments (Andy\n Lutomirski) [Orabug: 22742507] (CVE-2015-5157)\n\n - x86/nmi/64: Switch stacks on userspace NMI entry (Andy\n Lutomirski) [Orabug: 22742507] (CVE-2015-5157)\n\n - x86/paravirt: Replace the paravirt nop with a bona fide\n empty function (Andy Lutomirski) [Orabug: 22742507]\n (CVE-2015-5157)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-February/000419.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c66348a2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-3.8.13-118.3.2.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-firmware-3.8.13-118.3.2.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:06", "bulletinFamily": "scanner", "description": "Description of changes:\n\nkernel-uek [3.8.13-118.3.2.el7uek]\n- x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\n- x86/nmi/64: Reorder nested NMI checks (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\n- x86/nmi/64: Improve nested NMI comments (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\n- x86/nmi/64: Switch stacks on userspace NMI entry (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\n- x86/paravirt: Replace the paravirt nop with a bona fide empty function (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}", "modified": "2016-02-19T00:00:00", "id": "ORACLELINUX_ELSA-2016-3519.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=88857", "published": "2016-02-19T00:00:00", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3519)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2016-3519.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88857);\n script_version(\"$Revision: 2.1 $\");\n script_cvs_date(\"$Date: 2016/02/19 14:53:29 $\");\n\n script_cve_id(\"CVE-2015-5157\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3519)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\nkernel-uek\n[3.8.13-118.3.2.el7uek]\n- x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI \ndetection (Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\n- x86/nmi/64: Reorder nested NMI checks (Andy Lutomirski) [Orabug: \n22742507] {CVE-2015-5157}\n- x86/nmi/64: Improve nested NMI comments (Andy Lutomirski) [Orabug: \n22742507] {CVE-2015-5157}\n- x86/nmi/64: Switch stacks on userspace NMI entry (Andy Lutomirski) \n[Orabug: 22742507] {CVE-2015-5157}\n- x86/paravirt: Replace the paravirt nop with a bona fide empty function \n(Andy Lutomirski) [Orabug: 22742507] {CVE-2015-5157}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-February/005819.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-February/005820.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.3.2.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.3.2.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"dtrace-modules-3.8.13-118.3.2.el6uek-0.4.5-3.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-3.8.13-118.3.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-debug-3.8.13-118.3.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-debug-devel-3.8.13-118.3.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-devel-3.8.13-118.3.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-doc-3.8.13-118.3.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-firmware-3.8.13-118.3.2.el6uek\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"dtrace-modules-3.8.13-118.3.2.el7uek-0.4.5-3.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-3.8.13-118.3.2.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-debug-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-debug-3.8.13-118.3.2.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-debug-devel-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-debug-devel-3.8.13-118.3.2.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-devel-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-devel-3.8.13-118.3.2.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-doc-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-doc-3.8.13-118.3.2.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-firmware-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-firmware-3.8.13-118.3.2.el7uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:28:50", "bulletinFamily": "scanner", "description": "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI. (CVE-2015-5157)", "modified": "2019-01-04T00:00:00", "id": "F5_BIGIP_SOL17326.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=95963", "published": "2016-12-21T00:00:00", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K17326)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K17326.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95963);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2015-5157\");\n script_bugtraq_id(76005);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K17326)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the\nx86_64 platform mishandles IRET faults in processing NMIs that\noccurred during userspace execution, which might allow local users to\ngain privileges by triggering an NMI. (CVE-2015-5157)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K17326\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K17326.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K17326\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.3.0-11.6.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.1.2\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.4.0-11.6.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.1.2\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.1.2\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.1.2\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.0.0-11.6.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.1.2\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.1.2\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.1.2\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.3.0-11.6.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.1.2\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:04", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2016:0185 :\n\nUpdated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate)\n\nThis update also fixes the following bugs :\n\n* Previously, processing packets with a lot of different IPv6 source addresses caused the kernel to return warnings concerning soft-lockups due to high lock contention and latency increase. With this update, lock contention is reduced by backing off concurrent waiting threads on the lock. As a result, the kernel no longer issues warnings in the described scenario. (BZ#1285370)\n\n* Prior to this update, block device readahead was artificially limited. As a consequence, the read performance was poor, especially on RAID devices. Now, per-device readahead limits are used for each device instead of a global limit. As a result, read performance has improved, especially on RAID devices. (BZ#1287550)\n\n* After injecting an EEH error, the host was previously not recovering and observing I/O hangs in HTX tool logs. This update makes sure that when one or both of EEH_STATE_MMIO_ACTIVE and EEH_STATE_MMIO_ENABLED flags is marked in the PE state, the PE's IO path is regarded as enabled as well. As a result, the host no longer hangs and recovers as expected. (BZ#1289101)\n\n* The genwqe device driver was previously using the GFP_ATOMIC flag for allocating consecutive memory pages from the kernel's atomic memory pool, even in non-atomic situations. This could lead to allocation failures during memory pressure. With this update, the genwqe driver's memory allocations use the GFP_KERNEL flag, and the driver can allocate memory even during memory pressure situations.\n(BZ#1289450)\n\n* The nx842 co-processor for IBM Power Systems could in some circumstances provide invalid data due to a data corruption bug during uncompression. With this update, all compression and uncompression calls to the nx842 co-processor contain a cyclic redundancy check (CRC) flag, which forces all compression and uncompression operations to check data integrity and prevents the co-processor from providing corrupted data. (BZ#1289451)\n\n* A failed 'updatepp' operation on the little-endian variant of IBM Power Systems could previously cause a wrong hash value to be used for the next hash insert operation in the page table. This could result in a missing hash pte update or invalidate operation, potentially causing memory corruption. With this update, the hash value is always recalculated after a failed 'updatepp' operation, avoiding memory corruption. (BZ#1289452)\n\n* Large Receive Offload (LRO) flag disabling was not being propagated downwards from above devices in vlan and bond hierarchy, breaking the flow of traffic. This problem has been fixed and LRO flags now propagate correctly. (BZ#1292072)\n\n* Due to rounding errors in the CPU frequency of the intel_pstate driver, the CPU frequency never reached the value requested by the user. A kernel patch has been applied to fix these rounding errors.\n(BZ#1296276)\n\n* When running several containers (up to 100), reports of hung tasks were previously reported. This update fixes the AB-BA deadlock in the dm_destroy() function, and the hung reports no longer occur.\n(BZ#1296566)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-07-24T00:00:00", "id": "ORACLELINUX_ELSA-2016-0185.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=88778", "published": "2016-02-17T00:00:00", "title": "Oracle Linux 7 : kernel (ELSA-2016-0185)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:0185 and \n# Oracle Linux Security Advisory ELSA-2016-0185 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88778);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/07/24 18:56:12\");\n\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-7872\");\n script_xref(name:\"RHSA\", value:\"2016:0185\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2016-0185)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:0185 :\n\nUpdated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's keys subsystem did not\ncorrectly garbage collect uninstantiated keyrings. A local attacker\ncould use this flaw to crash the system or, potentially, escalate\ntheir privileges on the system. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults\nduring the processing of NMIs. An unprivileged, local user could use\nthis flaw to crash the system or, potentially (although highly\nunlikely), escalate their privileges on the system. (CVE-2015-5157,\nModerate)\n\nThis update also fixes the following bugs :\n\n* Previously, processing packets with a lot of different IPv6 source\naddresses caused the kernel to return warnings concerning soft-lockups\ndue to high lock contention and latency increase. With this update,\nlock contention is reduced by backing off concurrent waiting threads\non the lock. As a result, the kernel no longer issues warnings in the\ndescribed scenario. (BZ#1285370)\n\n* Prior to this update, block device readahead was artificially\nlimited. As a consequence, the read performance was poor, especially\non RAID devices. Now, per-device readahead limits are used for each\ndevice instead of a global limit. As a result, read performance has\nimproved, especially on RAID devices. (BZ#1287550)\n\n* After injecting an EEH error, the host was previously not recovering\nand observing I/O hangs in HTX tool logs. This update makes sure that\nwhen one or both of EEH_STATE_MMIO_ACTIVE and EEH_STATE_MMIO_ENABLED\nflags is marked in the PE state, the PE's IO path is regarded as\nenabled as well. As a result, the host no longer hangs and recovers as\nexpected. (BZ#1289101)\n\n* The genwqe device driver was previously using the GFP_ATOMIC flag\nfor allocating consecutive memory pages from the kernel's atomic\nmemory pool, even in non-atomic situations. This could lead to\nallocation failures during memory pressure. With this update, the\ngenwqe driver's memory allocations use the GFP_KERNEL flag, and the\ndriver can allocate memory even during memory pressure situations.\n(BZ#1289450)\n\n* The nx842 co-processor for IBM Power Systems could in some\ncircumstances provide invalid data due to a data corruption bug during\nuncompression. With this update, all compression and uncompression\ncalls to the nx842 co-processor contain a cyclic redundancy check\n(CRC) flag, which forces all compression and uncompression operations\nto check data integrity and prevents the co-processor from providing\ncorrupted data. (BZ#1289451)\n\n* A failed 'updatepp' operation on the little-endian variant of IBM\nPower Systems could previously cause a wrong hash value to be used for\nthe next hash insert operation in the page table. This could result in\na missing hash pte update or invalidate operation, potentially causing\nmemory corruption. With this update, the hash value is always\nrecalculated after a failed 'updatepp' operation, avoiding memory\ncorruption. (BZ#1289452)\n\n* Large Receive Offload (LRO) flag disabling was not being propagated\ndownwards from above devices in vlan and bond hierarchy, breaking the\nflow of traffic. This problem has been fixed and LRO flags now\npropagate correctly. (BZ#1292072)\n\n* Due to rounding errors in the CPU frequency of the intel_pstate\ndriver, the CPU frequency never reached the value requested by the\nuser. A kernel patch has been applied to fix these rounding errors.\n(BZ#1296276)\n\n* When running several containers (up to 100), reports of hung tasks\nwere previously reported. This update fixes the AB-BA deadlock in the\ndm_destroy() function, and the hung reports no longer occur.\n(BZ#1296566)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-February/005789.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-abi-whitelists-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-doc-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-headers-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-327.10.1.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:05", "bulletinFamily": "scanner", "description": "Updated kernel-rt packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux operating system.\n\n* It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate)\n\nThe kernel-rt packages have been upgraded to version 3.10.0-327.10.1, which provides a number of bug fixes and enhancements, including :\n\n* [md] dm: fix AB-BA deadlock in __dm_destroy()\n\n* [md] revert 'dm-mpath: fix stalls when handling invalid ioctl\n\n* [cpufreq] intel_pstate: Fix limits->max_perf and limits->max_policy_pct rounding errors\n\n* [cpufreq] revert 'intel_pstate: fix rounding error in max_freq_pct'\n\n* [crypto] nx: 842 - Add CRC and validation support\n\n* [of] return NUMA_NO_NODE from fallback of_node_to_nid()\n\n(BZ#1282591)\n\nThis update also fixes the following bugs :\n\n* Because the realtime kernel replaces most of the spinlocks with rtmutexes, the locking scheme used in both NAPI polling and busy polling could become out of synchronization with the State Machine they protected. This could cause system performance degradation or even a livelock situation when a machine with faster NICs (10g or 40g) was subject to a heavy pressure receiving network packets. The locking schemes on NAPI polling and busy polling routines have been hardened to enforce the State machine sanity to help ensure the system continues to function properly under pressure. (BZ#1293230)\n\n* A possible livelock in the NAPI polling and busy polling routines could lead the system to a livelock on threads running at high, realtime, priorities. The threads running at priorities lower than the ones of the threads involved in the livelock were prevented from running on the CPUs affected by the livelock. Among those lower priority threads are the rcuc/ threads. With this update, right before (4 jiffies) a RCU stall is detected, the rcuc/ threads on the CPUs facing the livelock have their priorities boosted above the priority of the threads involved in the livelock. The softirq code has also been updated to be more robust. These modifications allow the rcuc/ threads to execute even under system pressure, mitigating the RCU stalls. (BZ#1293229)\n\n* Multiple CPUs trying to take an rq lock previously caused large latencies on machines with many CPUs. On systems with more than 32 cores, this update uses the 'push' rather than 'pull' approach and provides multiple changes to the scheduling of rq locks. As a result, machines no longer suffer from multiplied latencies on large CPU systems. (BZ#1282597)\n\n* Previously, the SFC driver for 10 GB cards executed polling in NAPI mode, using a locking mechanism similar to a 'trylock'. Consequently, when running on a Realtime kernel, a livelock could occur. This update modifies the locking mechanism so that once the lock is taken it is not released until the operation is complete. (BZ#1282609)\n\nAll kernel-rt users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2016-0212.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=88791", "published": "2016-02-17T00:00:00", "title": "RHEL 7 : kernel-rt (RHSA-2016:0212)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0212. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88791);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:55\");\n\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-7872\");\n script_xref(name:\"RHSA\", value:\"2016:0212\");\n\n script_name(english:\"RHEL 7 : kernel-rt (RHSA-2016:0212)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel-rt packages that fix two security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's keys subsystem did not\ncorrectly garbage collect uninstantiated keyrings. A local attacker\ncould use this flaw to crash the system or, potentially, escalate\ntheir privileges on the system. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults\nduring the processing of NMIs. An unprivileged, local user could use\nthis flaw to crash the system or, potentially (although highly\nunlikely), escalate their privileges on the system. (CVE-2015-5157,\nModerate)\n\nThe kernel-rt packages have been upgraded to version 3.10.0-327.10.1,\nwhich provides a number of bug fixes and enhancements, including :\n\n* [md] dm: fix AB-BA deadlock in __dm_destroy()\n\n* [md] revert 'dm-mpath: fix stalls when handling invalid ioctl\n\n* [cpufreq] intel_pstate: Fix limits->max_perf and\nlimits->max_policy_pct rounding errors\n\n* [cpufreq] revert 'intel_pstate: fix rounding error in max_freq_pct'\n\n* [crypto] nx: 842 - Add CRC and validation support\n\n* [of] return NUMA_NO_NODE from fallback of_node_to_nid()\n\n(BZ#1282591)\n\nThis update also fixes the following bugs :\n\n* Because the realtime kernel replaces most of the spinlocks with\nrtmutexes, the locking scheme used in both NAPI polling and busy\npolling could become out of synchronization with the State Machine\nthey protected. This could cause system performance degradation or\neven a livelock situation when a machine with faster NICs (10g or 40g)\nwas subject to a heavy pressure receiving network packets. The locking\nschemes on NAPI polling and busy polling routines have been hardened\nto enforce the State machine sanity to help ensure the system\ncontinues to function properly under pressure. (BZ#1293230)\n\n* A possible livelock in the NAPI polling and busy polling routines\ncould lead the system to a livelock on threads running at high,\nrealtime, priorities. The threads running at priorities lower than the\nones of the threads involved in the livelock were prevented from\nrunning on the CPUs affected by the livelock. Among those lower\npriority threads are the rcuc/ threads. With this update, right before\n(4 jiffies) a RCU stall is detected, the rcuc/ threads on the CPUs\nfacing the livelock have their priorities boosted above the priority\nof the threads involved in the livelock. The softirq code has also\nbeen updated to be more robust. These modifications allow the rcuc/\nthreads to execute even under system pressure, mitigating the RCU\nstalls. (BZ#1293229)\n\n* Multiple CPUs trying to take an rq lock previously caused large\nlatencies on machines with many CPUs. On systems with more than 32\ncores, this update uses the 'push' rather than 'pull' approach and\nprovides multiple changes to the scheduling of rq locks. As a result,\nmachines no longer suffer from multiplied latencies on large CPU\nsystems. (BZ#1282597)\n\n* Previously, the SFC driver for 10 GB cards executed polling in NAPI\nmode, using a locking mechanism similar to a 'trylock'. Consequently,\nwhen running on a Realtime kernel, a livelock could occur. This update\nmodifies the locking mechanism so that once the lock is taken it is\nnot released until the operation is complete. (BZ#1282609)\n\nAll kernel-rt users are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:0212\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7872\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:0212\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-rt-doc-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-327.10.1.rt56.211.el7_2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:50", "bulletinFamily": "scanner", "description": "Security Fix(es) :\n\n - A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate)\n\n - A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service.\n (CVE-2015-8767, Moderate)\n\nBug Fix(es) :\n\n - When the nvme driver held the queue lock for too long, for example during DMA mapping, a lockup occurred leading to nvme hard-lockup panic. This update fixes the underlying source code, and nvme now works as expected.\n\n - Due to a regression, a Unix domain datagram socket could come to a deadlock when sending a datagram to itself.\n The provided patch adds another 'sk' check to the unix_dgram_sendmsg() function, and the aforementioned deadlock no longer occurs.\n\n - Previously, writing a large file using direct I/O in 16 MB chunks sometimes caused a pathological allocation pattern where 16 MB chunks of large free extent were allocated to a file in reversed order. The provided patch avoids the backward allocation, and writing a large file using direct I/O now proceeds successfully.\n\n - MD RAID1 devices that repeatedly became hot removed and re-added could become mismatched due to a race condition. This caused them to return stale data, leading to data corruption. The provided set of patches fixes this bug, and hot removals and re-additions of md devices now work as expected.\n\n - A couple of previous fixes caused a deadlock on the 'rq' lock leading to a kernel panic on CPU 0. The provided set of patches reverts the relevant commits, thus preventing the panic from occurring.\n\nEnhancement(s) :\n\n - VLAN support has been updated to integrate some of the latest upstream features. This update also makes sure that NULL pointer crashes related to VLAN support in bonding mode no longer occur and that tag stripping and insertion work as expected.\n\n - This update adds additional model numbers for Broadwell to perf.", "modified": "2018-12-28T00:00:00", "id": "SL_20160504_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90939", "published": "2016-05-06T00:00:00", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90939);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/12/28 10:10:36\");\n\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-8767\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A flaw was found in the way the Linux kernel handled\n IRET faults during the processing of NMIs. An\n unprivileged, local user could use this flaw to crash\n the system or, potentially (although highly unlikely),\n escalate their privileges on the system. (CVE-2015-5157,\n Moderate)\n\n - A race condition flaw was found in the way the Linux\n kernel's SCTP implementation handled sctp_accept()\n during the processing of heartbeat timeout events. A\n remote attacker could use this flaw to prevent further\n connections to be accepted by the SCTP server running on\n the system, resulting in a denial of service.\n (CVE-2015-8767, Moderate)\n\nBug Fix(es) :\n\n - When the nvme driver held the queue lock for too long,\n for example during DMA mapping, a lockup occurred\n leading to nvme hard-lockup panic. This update fixes the\n underlying source code, and nvme now works as expected.\n\n - Due to a regression, a Unix domain datagram socket could\n come to a deadlock when sending a datagram to itself.\n The provided patch adds another 'sk' check to the\n unix_dgram_sendmsg() function, and the aforementioned\n deadlock no longer occurs.\n\n - Previously, writing a large file using direct I/O in 16\n MB chunks sometimes caused a pathological allocation\n pattern where 16 MB chunks of large free extent were\n allocated to a file in reversed order. The provided\n patch avoids the backward allocation, and writing a\n large file using direct I/O now proceeds successfully.\n\n - MD RAID1 devices that repeatedly became hot removed and\n re-added could become mismatched due to a race\n condition. This caused them to return stale data,\n leading to data corruption. The provided set of patches\n fixes this bug, and hot removals and re-additions of md\n devices now work as expected.\n\n - A couple of previous fixes caused a deadlock on the 'rq'\n lock leading to a kernel panic on CPU 0. The provided\n set of patches reverts the relevant commits, thus\n preventing the panic from occurring.\n\nEnhancement(s) :\n\n - VLAN support has been updated to integrate some of the\n latest upstream features. This update also makes sure\n that NULL pointer crashes related to VLAN support in\n bonding mode no longer occur and that tag stripping and\n insertion work as expected.\n\n - This update adds additional model numbers for Broadwell\n to perf.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1605&L=scientific-linux-errata&F=&S=&P=417\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d2aea0bf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-common-i686-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-573.26.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:05", "bulletinFamily": "scanner", "description": "Updated kernel-rt packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.5.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux operating system.\n\n* It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate)\n\nThis update provides a build of the kernel-rt package for Red Hat Enterprise MRG 2.5 that is layered on Red Hat Enterprise Linux 6, and provides a number of bug fixes and enhancements, including :\n\n* [md] dm: fix AB-BA deadlock in __dm_destroy()\n\n* [md] revert 'dm-mpath: fix stalls when handling invalid ioctl\n\n* [cpufreq] intel_pstate: Fix limits->max_perf and limits->max_policy_pct rounding errors\n\n* [cpufreq] revert 'intel_pstate: fix rounding error in max_freq_pct'\n\n* [crypto] nx: 842 - Add CRC and validation support\n\n* [of] return NUMA_NO_NODE from fallback of_node_to_nid()\n\n(BZ#1277670)\n\nThe HP Smart Array (hpsa) SCSI driver has been updated to the latest version included in a Red Hat release. (BZ#1224096)\n\nThis update also fixes the following bugs :\n\n* A heavy load of incoming packets on a fast networking driver (like the i40e) will both stress the softirq mechanism on the realtime kernel (as described in BZ#1293229) and exercise the possible livelock in the netpoll NAPI/busy polling routines (as described in BZ#1293230). The fixes applied to both BZ#1293229 and BZ#1293230 will address these issues by hardening the locking mechanism for the netpoll NAPI/busy polling and by enhancing the way softirqs are serviced. These fixes also create a failsafe to avoiding RCU stalls on a heavily loaded system and allows the networking driver to work as expected. (BZ#1200766)\n\n* The nohz_full code in older versions of the MRG-Realtime kernels was incomplete and known to be problematic due to the way the old implementation interacted with the real time features in the kernel.\nThe nohz_full kernel code has been updated enabling this feature to function as expected and allowing this feature to be enabled in the realtime kernel. (BZ#1278511)\n\n* Because the realtime kernel replaces most of the spinlocks with rtmutexes, the locking scheme used in both NAPI polling and busy polling could become out of synchronization with the State Machine they protected. This could cause system performance degradation or even a livelock situation when a machine with faster NICs (10g or 40g) was subject to a heavy pressure receiving network packets. The locking schemes on NAPI polling and busy polling routines were hardened to enforce the State machine sanity to help ensure the system continues to function properly under pressure. (BZ#1295884)\n\n* A possible livelock in the NAPI polling and busy polling routines could lead the system to a livelock on threads running at high, realtime, priorities. The threads running at priorities lower than the ones of the threads involved in the livelock would be prevented from running on the CPUs affected by the livelock. Among those lower priority threads are the rcuc/ threads. Right before (4 jiffies) a RCU stall is detected, the rcuc/ threads on the CPUs facing the livelock have their priorities boosted above the priority of the threads involved in the livelock. The softirq code was also updated to be more robust. These modifications allowed the rcuc/ threads to execute even under system pressure, mitigating the RCU stalls. (BZ#1295885)\n\nAll kernel-rt users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2016-0224.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=88792", "published": "2016-02-17T00:00:00", "title": "RHEL 6 : MRG (RHSA-2016:0224)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0224. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88792);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:55\");\n\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-7872\");\n script_xref(name:\"RHSA\", value:\"2016:0224\");\n\n script_name(english:\"RHEL 6 : MRG (RHSA-2016:0224)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel-rt packages that fix two security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nMRG 2.5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's keys subsystem did not\ncorrectly garbage collect uninstantiated keyrings. A local attacker\ncould use this flaw to crash the system or, potentially, escalate\ntheir privileges on the system. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults\nduring the processing of NMIs. An unprivileged, local user could use\nthis flaw to crash the system or, potentially (although highly\nunlikely), escalate their privileges on the system. (CVE-2015-5157,\nModerate)\n\nThis update provides a build of the kernel-rt package for Red Hat\nEnterprise MRG 2.5 that is layered on Red Hat Enterprise Linux 6, and\nprovides a number of bug fixes and enhancements, including :\n\n* [md] dm: fix AB-BA deadlock in __dm_destroy()\n\n* [md] revert 'dm-mpath: fix stalls when handling invalid ioctl\n\n* [cpufreq] intel_pstate: Fix limits->max_perf and\nlimits->max_policy_pct rounding errors\n\n* [cpufreq] revert 'intel_pstate: fix rounding error in max_freq_pct'\n\n* [crypto] nx: 842 - Add CRC and validation support\n\n* [of] return NUMA_NO_NODE from fallback of_node_to_nid()\n\n(BZ#1277670)\n\nThe HP Smart Array (hpsa) SCSI driver has been updated to the latest\nversion included in a Red Hat release. (BZ#1224096)\n\nThis update also fixes the following bugs :\n\n* A heavy load of incoming packets on a fast networking driver (like\nthe i40e) will both stress the softirq mechanism on the realtime\nkernel (as described in BZ#1293229) and exercise the possible livelock\nin the netpoll NAPI/busy polling routines (as described in\nBZ#1293230). The fixes applied to both BZ#1293229 and BZ#1293230 will\naddress these issues by hardening the locking mechanism for the\nnetpoll NAPI/busy polling and by enhancing the way softirqs are\nserviced. These fixes also create a failsafe to avoiding RCU stalls on\na heavily loaded system and allows the networking driver to work as\nexpected. (BZ#1200766)\n\n* The nohz_full code in older versions of the MRG-Realtime kernels was\nincomplete and known to be problematic due to the way the old\nimplementation interacted with the real time features in the kernel.\nThe nohz_full kernel code has been updated enabling this feature to\nfunction as expected and allowing this feature to be enabled in the\nrealtime kernel. (BZ#1278511)\n\n* Because the realtime kernel replaces most of the spinlocks with\nrtmutexes, the locking scheme used in both NAPI polling and busy\npolling could become out of synchronization with the State Machine\nthey protected. This could cause system performance degradation or\neven a livelock situation when a machine with faster NICs (10g or 40g)\nwas subject to a heavy pressure receiving network packets. The locking\nschemes on NAPI polling and busy polling routines were hardened to\nenforce the State machine sanity to help ensure the system continues\nto function properly under pressure. (BZ#1295884)\n\n* A possible livelock in the NAPI polling and busy polling routines\ncould lead the system to a livelock on threads running at high,\nrealtime, priorities. The threads running at priorities lower than the\nones of the threads involved in the livelock would be prevented from\nrunning on the CPUs affected by the livelock. Among those lower\npriority threads are the rcuc/ threads. Right before (4 jiffies) a RCU\nstall is detected, the rcuc/ threads on the CPUs facing the livelock\nhave their priorities boosted above the priority of the threads\ninvolved in the livelock. The softirq code was also updated to be more\nrobust. These modifications allowed the rcuc/ threads to execute even\nunder system pressure, mitigating the RCU stalls. (BZ#1295885)\n\nAll kernel-rt users are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:0224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7872\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5157\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:0224\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mrg-release\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MRG\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-doc-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-firmware-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-debuginfo-3.10.0-327.rt56.171.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-devel-3.10.0-327.rt56.171.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:05", "bulletinFamily": "scanner", "description": "- It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-7872, Important)\n\n - A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate)\n\nThis update also fixes the following bugs :\n\n - Previously, processing packets with a lot of different IPv6 source addresses caused the kernel to return warnings concerning soft-lockups due to high lock contention and latency increase. With this update, lock contention is reduced by backing off concurrent waiting threads on the lock. As a result, the kernel no longer issues warnings in the described scenario.\n\n - Prior to this update, block device readahead was artificially limited. As a consequence, the read performance was poor, especially on RAID devices. Now, per-device readahead limits are used for each device instead of a global limit. As a result, read performance has improved, especially on RAID devices.\n\n - After injecting an EEH error, the host was previously not recovering and observing I/O hangs in HTX tool logs.\n This update makes sure that when one or both of EEH_STATE_MMIO_ACTIVE and EEH_STATE_MMIO_ENABLED flags is marked in the PE state, the PE's IO path is regarded as enabled as well. As a result, the host no longer hangs and recovers as expected.\n\n - The genwqe device driver was previously using the GFP_ATOMIC flag for allocating consecutive memory pages from the kernel's atomic memory pool, even in non-atomic situations. This could lead to allocation failures during memory pressure. With this update, the genwqe driver's memory allocations use the GFP_KERNEL flag, and the driver can allocate memory even during memory pressure situations.\n\n - The nx842 co-processor for IBM Power Systems could in some circumstances provide invalid data due to a data corruption bug during uncompression. With this update, all compression and uncompression calls to the nx842 co- processor contain a cyclic redundancy check (CRC) flag, which forces all compression and uncompression operations to check data integrity and prevents the co-processor from providing corrupted data.\n\n - A failed 'updatepp' operation on the little-endian variant of IBM Power Systems could previously cause a wrong hash value to be used for the next hash insert operation in the page table. This could result in a missing hash pte update or invalidate operation, potentially causing memory corruption. With this update, the hash value is always recalculated after a failed 'updatepp' operation, avoiding memory corruption.\n\n - Large Receive Offload (LRO) flag disabling was not being propagated downwards from above devices in vlan and bond hierarchy, breaking the flow of traffic. This problem has been fixed and LRO flags now propagate correctly.\n\n - Due to rounding errors in the CPU frequency of the intel_pstate driver, the CPU frequency never reached the value requested by the user. A kernel patch has been applied to fix these rounding errors.\n\n - When running several containers (up to 100), reports of hung tasks were previously reported. This update fixes the AB-BA deadlock in the dm_destroy() function, and the hung reports no longer occur.\n\nThe system must be rebooted for this update to take effect.", "modified": "2018-12-28T00:00:00", "id": "SL_20160216_KERNEL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=88799", "published": "2016-02-17T00:00:00", "title": "Scientific Linux Security Update : kernel on SL7.x x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88799);\n script_version(\"2.2\");\n script_cvs_date(\"Date: 2018/12/28 10:10:36\");\n\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-7872\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL7.x x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - It was found that the Linux kernel's keys subsystem did\n not correctly garbage collect uninstantiated keyrings. A\n local attacker could use this flaw to crash the system\n or, potentially, escalate their privileges on the\n system. (CVE-2015-7872, Important)\n\n - A flaw was found in the way the Linux kernel handled\n IRET faults during the processing of NMIs. An\n unprivileged, local user could use this flaw to crash\n the system or, potentially (although highly unlikely),\n escalate their privileges on the system. (CVE-2015-5157,\n Moderate)\n\nThis update also fixes the following bugs :\n\n - Previously, processing packets with a lot of different\n IPv6 source addresses caused the kernel to return\n warnings concerning soft-lockups due to high lock\n contention and latency increase. With this update, lock\n contention is reduced by backing off concurrent waiting\n threads on the lock. As a result, the kernel no longer\n issues warnings in the described scenario.\n\n - Prior to this update, block device readahead was\n artificially limited. As a consequence, the read\n performance was poor, especially on RAID devices. Now,\n per-device readahead limits are used for each device\n instead of a global limit. As a result, read performance\n has improved, especially on RAID devices.\n\n - After injecting an EEH error, the host was previously\n not recovering and observing I/O hangs in HTX tool logs.\n This update makes sure that when one or both of\n EEH_STATE_MMIO_ACTIVE and EEH_STATE_MMIO_ENABLED flags\n is marked in the PE state, the PE's IO path is regarded\n as enabled as well. As a result, the host no longer\n hangs and recovers as expected.\n\n - The genwqe device driver was previously using the\n GFP_ATOMIC flag for allocating consecutive memory pages\n from the kernel's atomic memory pool, even in non-atomic\n situations. This could lead to allocation failures\n during memory pressure. With this update, the genwqe\n driver's memory allocations use the GFP_KERNEL flag, and\n the driver can allocate memory even during memory\n pressure situations.\n\n - The nx842 co-processor for IBM Power Systems could in\n some circumstances provide invalid data due to a data\n corruption bug during uncompression. With this update,\n all compression and uncompression calls to the nx842 co-\n processor contain a cyclic redundancy check (CRC) flag,\n which forces all compression and uncompression\n operations to check data integrity and prevents the\n co-processor from providing corrupted data.\n\n - A failed 'updatepp' operation on the little-endian\n variant of IBM Power Systems could previously cause a\n wrong hash value to be used for the next hash insert\n operation in the page table. This could result in a\n missing hash pte update or invalidate operation,\n potentially causing memory corruption. With this update,\n the hash value is always recalculated after a failed\n 'updatepp' operation, avoiding memory corruption.\n\n - Large Receive Offload (LRO) flag disabling was not being\n propagated downwards from above devices in vlan and bond\n hierarchy, breaking the flow of traffic. This problem\n has been fixed and LRO flags now propagate correctly.\n\n - Due to rounding errors in the CPU frequency of the\n intel_pstate driver, the CPU frequency never reached the\n value requested by the user. A kernel patch has been\n applied to fix these rounding errors.\n\n - When running several containers (up to 100), reports of\n hung tasks were previously reported. This update fixes\n the AB-BA deadlock in the dm_destroy() function, and the\n hung reports no longer occur.\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1602&L=scientific-linux-errata&F=&S=&P=9094\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aec769f0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-abi-whitelists-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-doc-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-327.10.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-327.10.1.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:48", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2016:0715 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service. (CVE-2015-8767, Moderate)\n\nBug Fix(es) :\n\n* When the nvme driver held the queue lock for too long, for example during DMA mapping, a lockup occurred leading to nvme hard-lockup panic. This update fixes the underlying source code, and nvme now works as expected.(BZ #1314209)\n\n* Due to a regression, a Unix domain datagram socket could come to a deadlock when sending a datagram to itself. The provided patch adds another 'sk' check to the unix_dgram_sendmsg() function, and the aforementioned deadlock no longer occurs. (BZ#1315696)\n\n* Previously, writing a large file using direct I/O in 16 MB chunks sometimes caused a pathological allocation pattern where 16 MB chunks of large free extent were allocated to a file in reversed order. The provided patch avoids the backward allocation, and writing a large file using direct I/O now proceeds successfully. (BZ#1320031)\n\n* MD RAID1 devices that repeatedly became hot removed and re-added could become mismatched due to a race condition. This caused them to return stale data, leading to data corruption. The provided set of patches fixes this bug, and hot removals and re-additions of md devices now work as expected. (BZ#1320863)\n\n* A couple of previous fixes caused a deadlock on the 'rq' lock leading to a kernel panic on CPU 0. The provided set of patches reverts the relevant commits, thus preventing the panic from occurring. (BZ#1326043)\n\nEnhancement(s) :\n\n* VLAN support has been updated to integrate some of the latest upstream features. This update also makes sure that NULL pointer crashes related to VLAN support in bonding mode no longer occur and that tag stripping and insertion work as expected. (BZ#1315706)\n\n* This update adds additional model numbers for Broadwell to perf.\n(BZ# 1320035)", "modified": "2018-09-05T00:00:00", "id": "ORACLELINUX_ELSA-2016-0715.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90880", "published": "2016-05-04T00:00:00", "title": "Oracle Linux 6 : kernel (ELSA-2016-0715)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:0715 and \n# Oracle Linux Security Advisory ELSA-2016-0715 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90880);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/09/05 15:02:26\");\n\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-8767\");\n script_xref(name:\"RHSA\", value:\"2016:0715\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2016-0715)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:0715 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way the Linux kernel handled IRET faults\nduring the processing of NMIs. An unprivileged, local user could use\nthis flaw to crash the system or, potentially (although highly\nunlikely), escalate their privileges on the system. (CVE-2015-5157,\nModerate)\n\n* A race condition flaw was found in the way the Linux kernel's SCTP\nimplementation handled sctp_accept() during the processing of\nheartbeat timeout events. A remote attacker could use this flaw to\nprevent further connections to be accepted by the SCTP server running\non the system, resulting in a denial of service. (CVE-2015-8767,\nModerate)\n\nBug Fix(es) :\n\n* When the nvme driver held the queue lock for too long, for example\nduring DMA mapping, a lockup occurred leading to nvme hard-lockup\npanic. This update fixes the underlying source code, and nvme now\nworks as expected.(BZ #1314209)\n\n* Due to a regression, a Unix domain datagram socket could come to a\ndeadlock when sending a datagram to itself. The provided patch adds\nanother 'sk' check to the unix_dgram_sendmsg() function, and the\naforementioned deadlock no longer occurs. (BZ#1315696)\n\n* Previously, writing a large file using direct I/O in 16 MB chunks\nsometimes caused a pathological allocation pattern where 16 MB chunks\nof large free extent were allocated to a file in reversed order. The\nprovided patch avoids the backward allocation, and writing a large\nfile using direct I/O now proceeds successfully. (BZ#1320031)\n\n* MD RAID1 devices that repeatedly became hot removed and re-added\ncould become mismatched due to a race condition. This caused them to\nreturn stale data, leading to data corruption. The provided set of\npatches fixes this bug, and hot removals and re-additions of md\ndevices now work as expected. (BZ#1320863)\n\n* A couple of previous fixes caused a deadlock on the 'rq' lock\nleading to a kernel panic on CPU 0. The provided set of patches\nreverts the relevant commits, thus preventing the panic from\noccurring. (BZ#1326043)\n\nEnhancement(s) :\n\n* VLAN support has been updated to integrate some of the latest\nupstream features. This update also makes sure that NULL pointer\ncrashes related to VLAN support in bonding mode no longer occur and\nthat tag stripping and insertion work as expected. (BZ#1315706)\n\n* This update adds additional model numbers for Broadwell to perf.\n(BZ# 1320035)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-May/005997.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-573.26.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:48", "bulletinFamily": "scanner", "description": "An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service. (CVE-2015-8767, Moderate)\n\nBug Fix(es) :\n\n* When the nvme driver held the queue lock for too long, for example during DMA mapping, a lockup occurred leading to nvme hard-lockup panic. This update fixes the underlying source code, and nvme now works as expected.(BZ #1314209)\n\n* Due to a regression, a Unix domain datagram socket could come to a deadlock when sending a datagram to itself. The provided patch adds another 'sk' check to the unix_dgram_sendmsg() function, and the aforementioned deadlock no longer occurs. (BZ#1315696)\n\n* Previously, writing a large file using direct I/O in 16 MB chunks sometimes caused a pathological allocation pattern where 16 MB chunks of large free extent were allocated to a file in reversed order. The provided patch avoids the backward allocation, and writing a large file using direct I/O now proceeds successfully. (BZ#1320031)\n\n* MD RAID1 devices that repeatedly became hot removed and re-added could become mismatched due to a race condition. This caused them to return stale data, leading to data corruption. The provided set of patches fixes this bug, and hot removals and re-additions of md devices now work as expected. (BZ#1320863)\n\n* A couple of previous fixes caused a deadlock on the 'rq' lock leading to a kernel panic on CPU 0. The provided set of patches reverts the relevant commits, thus preventing the panic from occurring. (BZ#1326043)\n\nEnhancement(s) :\n\n* VLAN support has been updated to integrate some of the latest upstream features. This update also makes sure that NULL pointer crashes related to VLAN support in bonding mode no longer occur and that tag stripping and insertion work as expected. (BZ#1315706)\n\n* This update adds additional model numbers for Broadwell to perf.\n(BZ# 1320035)", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2016-0715.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90868", "published": "2016-05-04T00:00:00", "title": "CentOS 6 : kernel (CESA-2016:0715)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0715 and \n# CentOS Errata and Security Advisory 2016:0715 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90868);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:31\");\n\n script_cve_id(\"CVE-2015-5157\", \"CVE-2015-8767\");\n script_xref(name:\"RHSA\", value:\"2016:0715\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2016:0715)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way the Linux kernel handled IRET faults\nduring the processing of NMIs. An unprivileged, local user could use\nthis flaw to crash the system or, potentially (although highly\nunlikely), escalate their privileges on the system. (CVE-2015-5157,\nModerate)\n\n* A race condition flaw was found in the way the Linux kernel's SCTP\nimplementation handled sctp_accept() during the processing of\nheartbeat timeout events. A remote attacker could use this flaw to\nprevent further connections to be accepted by the SCTP server running\non the system, resulting in a denial of service. (CVE-2015-8767,\nModerate)\n\nBug Fix(es) :\n\n* When the nvme driver held the queue lock for too long, for example\nduring DMA mapping, a lockup occurred leading to nvme hard-lockup\npanic. This update fixes the underlying source code, and nvme now\nworks as expected.(BZ #1314209)\n\n* Due to a regression, a Unix domain datagram socket could come to a\ndeadlock when sending a datagram to itself. The provided patch adds\nanother 'sk' check to the unix_dgram_sendmsg() function, and the\naforementioned deadlock no longer occurs. (BZ#1315696)\n\n* Previously, writing a large file using direct I/O in 16 MB chunks\nsometimes caused a pathological allocation pattern where 16 MB chunks\nof large free extent were allocated to a file in reversed order. The\nprovided patch avoids the backward allocation, and writing a large\nfile using direct I/O now proceeds successfully. (BZ#1320031)\n\n* MD RAID1 devices that repeatedly became hot removed and re-added\ncould become mismatched due to a race condition. This caused them to\nreturn stale data, leading to data corruption. The provided set of\npatches fixes this bug, and hot removals and re-additions of md\ndevices now work as expected. (BZ#1320863)\n\n* A couple of previous fixes caused a deadlock on the 'rq' lock\nleading to a kernel panic on CPU 0. The provided set of patches\nreverts the relevant commits, thus preventing the panic from\noccurring. (BZ#1326043)\n\nEnhancement(s) :\n\n* VLAN support has been updated to integrate some of the latest\nupstream features. This update also makes sure that NULL pointer\ncrashes related to VLAN support in bonding mode no longer occur and\nthat tag stripping and insertion work as expected. (BZ#1315706)\n\n* This update adds additional model numbers for Broadwell to perf.\n(BZ# 1320035)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-May/021858.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?084ef046\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-abi-whitelists-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-573.26.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-573.26.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T19:41:49", "bulletinFamily": "unix", "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's keys subsystem did not correctly\ngarbage collect uninstantiated keyrings. A local attacker could use this\nflaw to crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults during\nthe processing of NMIs. An unprivileged, local user could use this flaw to\ncrash the system or, potentially (although highly unlikely), escalate their\nprivileges on the system. (CVE-2015-5157, Moderate)\n\nThis update provides a build of the kernel-rt package for Red Hat\nEnterprise MRG 2.5 that is layered on Red Hat Enterprise Linux 6, and\nprovides a number of bug fixes and enhancements, including:\n\n* [md] dm: fix AB-BA deadlock in __dm_destroy() \n\n* [md] revert \"dm-mpath: fix stalls when handling invalid ioctl\n\n* [cpufreq] intel_pstate: Fix limits->max_perf and limits->max_policy_pct\nrounding errors\n\n* [cpufreq] revert \"intel_pstate: fix rounding error in max_freq_pct\"\n\n* [crypto] nx: 842 - Add CRC and validation support\n\n* [of] return NUMA_NO_NODE from fallback of_node_to_nid()\n\n(BZ#1277670)\n\nThe HP Smart Array (hpsa) SCSI driver has been updated to the latest\nversion included in a Red Hat release. (BZ#1224096)\n\nThis update also fixes the following bugs:\n\n* A heavy load of incoming packets on a fast networking driver (like the\ni40e) will both stress the softirq mechanism on the realtime kernel (as\ndescribed in BZ#1293229) and exercise the possible livelock in the netpoll\nNAPI/busy polling routines (as described in BZ#1293230). The fixes applied\nto both BZ#1293229 and BZ#1293230 will address these issues by hardening\nthe locking mechanism for the netpoll NAPI/busy polling and by enhancing\nthe way softirqs are serviced. These fixes also create a failsafe to\navoiding RCU stalls on a heavily loaded system and allows the networking\ndriver to work as expected. (BZ#1200766)\n\n* The nohz_full code in older versions of the MRG-Realtime kernels was\nincomplete and known to be problematic due to the way the old\nimplementation interacted with the real time features in the kernel.\nThe nohz_full kernel code has been updated enabling this feature to\nfunction as expected and allowing this feature to be enabled in the\nrealtime kernel. (BZ#1278511)\n\n* Because the realtime kernel replaces most of the spinlocks with\nrtmutexes, the locking scheme used in both NAPI polling and busy polling\ncould become out of synchronization with the State Machine they protected.\nThis could cause system performance degradation or even a livelock\nsituation when a machine with faster NICs (10g or 40g) was subject to a\nheavy pressure receiving network packets. The locking schemes on NAPI\npolling and busy polling routines were hardened to enforce the State\nmachine sanity to help ensure the system continues to function properly\nunder pressure. (BZ#1295884)\n\n* A possible livelock in the NAPI polling and busy polling routines could\nlead the system to a livelock on threads running at high, realtime,\npriorities. The threads running at priorities lower than the ones of the\nthreads involved in the livelock would be prevented from running on the\nCPUs affected by the livelock. Among those lower priority threads are the\nrcuc/ threads. Right before (4 jiffies) a RCU stall is detected, the rcuc/\nthreads on the CPUs facing the livelock have their priorities boosted above\nthe priority of the threads involved in the livelock. The softirq code was\nalso updated to be more robust. These modifications allowed the rcuc/\nthreads to execute even under system pressure, mitigating the RCU stalls.\n(BZ#1295885)\n\nAll kernel-rt users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. The system must be\nrebooted for this update to take effect.\n", "modified": "2018-06-07T08:58:34", "published": "2016-02-16T05:00:00", "id": "RHSA-2016:0224", "href": "https://access.redhat.com/errata/RHSA-2016:0224", "type": "redhat", "title": "(RHSA-2016:0224) Important: kernel-rt security, bug fix, and enhancement update", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:14", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's keys subsystem did not correctly\ngarbage collect uninstantiated keyrings. A local attacker could use this\nflaw to crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults during\nthe processing of NMIs. An unprivileged, local user could use this flaw to\ncrash the system or, potentially (although highly unlikely), escalate their\nprivileges on the system. (CVE-2015-5157, Moderate)\n\nThis update also fixes the following bugs:\n\n* Previously, processing packets with a lot of different IPv6 source\naddresses caused the kernel to return warnings concerning soft-lockups due\nto high lock contention and latency increase. With this update, lock\ncontention is reduced by backing off concurrent waiting threads on the\nlock. As a result, the kernel no longer issues warnings in the described\nscenario. (BZ#1285370)\n\n* Prior to this update, block device readahead was artificially limited.\nAs a consequence, the read performance was poor, especially on RAID\ndevices. Now, per-device readahead limits are used for each device instead\nof a global limit. As a result, read performance has improved, especially\non RAID devices. (BZ#1287550)\n\n* After injecting an EEH error, the host was previously not recovering and\nobserving I/O hangs in HTX tool logs. This update makes sure that when one\nor both of EEH_STATE_MMIO_ACTIVE and EEH_STATE_MMIO_ENABLED flags is marked\nin the PE state, the PE's IO path is regarded as enabled as well. As a\nresult, the host no longer hangs and recovers as expected. (BZ#1289101)\n\n* The genwqe device driver was previously using the GFP_ATOMIC flag for\nallocating consecutive memory pages from the kernel's atomic memory pool,\neven in non-atomic situations. This could lead to allocation failures\nduring memory pressure. With this update, the genwqe driver's memory\nallocations use the GFP_KERNEL flag, and the driver can allocate memory\neven during memory pressure situations. (BZ#1289450)\n\n* The nx842 co-processor for IBM Power Systems could in some circumstances\nprovide invalid data due to a data corruption bug during uncompression.\nWith this update, all compression and uncompression calls to the nx842\nco-processor contain a cyclic redundancy check (CRC) flag, which forces all\ncompression and uncompression operations to check data integrity and\nprevents the co-processor from providing corrupted data. (BZ#1289451)\n\n* A failed \"updatepp\" operation on the little-endian variant of IBM Power\nSystems could previously cause a wrong hash value to be used for the next\nhash insert operation in the page table. This could result in a missing\nhash pte update or invalidate operation, potentially causing memory\ncorruption. With this update, the hash value is always recalculated after a\nfailed \"updatepp\" operation, avoiding memory corruption. (BZ#1289452)\n\n* Large Receive Offload (LRO) flag disabling was not being propagated\ndownwards from above devices in vlan and bond hierarchy, breaking the flow\nof traffic. This problem has been fixed and LRO flags now propagate\ncorrectly. (BZ#1292072)\n\n* Due to rounding errors in the CPU frequency of the intel_pstate driver,\nthe CPU frequency never reached the value requested by the user. A kernel\npatch has been applied to fix these rounding errors. (BZ#1296276)\n\n* When running several containers (up to 100), reports of hung tasks were\npreviously reported. This update fixes the AB-BA deadlock in the\ndm_destroy() function, and the hung reports no longer occur. (BZ#1296566)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.", "modified": "2018-04-12T03:32:42", "published": "2016-02-16T15:28:15", "id": "RHSA-2016:0185", "href": "https://access.redhat.com/errata/RHSA-2016:0185", "type": "redhat", "title": "(RHSA-2016:0185) Important: kernel security and bug fix update", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:42:19", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service. (CVE-2015-8767, Moderate)\n\nBug Fix(es):\n\n* When the nvme driver held the queue lock for too long, for example during DMA mapping, a lockup occurred leading to nvme hard-lockup panic. This update fixes the underlying source code, and nvme now works as expected.(BZ#1314209)\n\n* Due to a regression, a Unix domain datagram socket could come to a deadlock when sending a datagram to itself. The provided patch adds another \"sk\" check to the unix_dgram_sendmsg() function, and the aforementioned deadlock no longer occurs. (BZ#1315696)\n\n* Previously, writing a large file using direct I/O in 16 MB chunks sometimes caused a pathological allocation pattern where 16 MB chunks of large free extent were allocated to a file in reversed order. The provided patch avoids the backward allocation, and writing a large file using direct I/O now proceeds successfully. (BZ#1320031)\n\n* MD RAID1 devices that repeatedly became hot removed and re-added could become mismatched due to a race condition. This caused them to return stale data, leading to data corruption. The provided set of patches fixes this bug, and hot removals and re-additions of md devices now work as expected. (BZ#1320863)\n\n* A couple of previous fixes caused a deadlock on the \"rq\" lock leading to a kernel panic on CPU 0. The provided set of patches reverts the relevant commits, thus preventing the panic from occurring. (BZ#1326043)\n\nEnhancement(s):\n\n* VLAN support has been updated to integrate some of the latest upstream features. This update also makes sure that Null pointer crashes related to VLAN support in bonding mode no longer occur and that tag stripping and insertion work as expected. (BZ#1315706)\n\n* This update adds additional model numbers for Broadwell to perf. (BZ#1320035)", "modified": "2018-06-06T20:24:35", "published": "2016-05-04T00:45:28", "id": "RHSA-2016:0715", "href": "https://access.redhat.com/errata/RHSA-2016:0715", "type": "redhat", "title": "(RHSA-2016:0715) Moderate: kernel security, bug fix, and enhancement update", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:41", "bulletinFamily": "unix", "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's keys subsystem did not correctly\ngarbage collect uninstantiated keyrings. A local attacker could use this\nflaw to crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults during\nthe processing of NMIs. An unprivileged, local user could use this flaw to\ncrash the system or, potentially (although highly unlikely), escalate their\nprivileges on the system. (CVE-2015-5157, Moderate)\n\nThe kernel-rt packages have been upgraded to version 3.10.0-327.10.1, which\nprovides a number of bug fixes and enhancements, including:\n\n* [md] dm: fix AB-BA deadlock in __dm_destroy() \n\n* [md] revert \"dm-mpath: fix stalls when handling invalid ioctl\n\n* [cpufreq] intel_pstate: Fix limits->max_perf and limits->max_policy_pct\nrounding errors\n\n* [cpufreq] revert \"intel_pstate: fix rounding error in max_freq_pct\"\n\n* [crypto] nx: 842 - Add CRC and validation support\n\n* [of] return NUMA_NO_NODE from fallback of_node_to_nid()\n\n(BZ#1282591)\n\nThis update also fixes the following bugs:\n\n* Because the realtime kernel replaces most of the spinlocks with\nrtmutexes, the locking scheme used in both NAPI polling and busy polling\ncould become out of synchronization with the State Machine they protected.\nThis could cause system performance degradation or even a livelock\nsituation when a machine with faster NICs (10g or 40g) was subject to a\nheavy pressure receiving network packets. The locking schemes on NAPI\npolling and busy polling routines have been hardened to enforce the State\nmachine sanity to help ensure the system continues to function properly\nunder pressure. (BZ#1293230)\n\n* A possible livelock in the NAPI polling and busy polling routines could\nlead the system to a livelock on threads running at high, realtime,\npriorities. The threads running at priorities lower than the ones of the\nthreads involved in the livelock were prevented from running on the CPUs\naffected by the livelock. Among those lower priority threads are the rcuc/\nthreads. With this update, right before (4 jiffies) a RCU stall is\ndetected, the rcuc/ threads on the CPUs facing the livelock have their\npriorities boosted above the priority of the threads involved in the\nlivelock. The softirq code has also been updated to be more robust.\nThese modifications allow the rcuc/ threads to execute even under system\npressure, mitigating the RCU stalls. (BZ#1293229)\n\n* Multiple CPUs trying to take an rq lock previously caused large latencies\non machines with many CPUs. On systems with more than 32 cores, this update\nuses the \"push\" rather than \"pull\" approach and provides multiple changes\nto the scheduling of rq locks. As a result, machines no longer suffer from\nmultiplied latencies on large CPU systems. (BZ#1282597)\n\n* Previously, the SFC driver for 10 GB cards executed polling in NAPI mode,\nusing a locking mechanism similar to a \"trylock\". Consequently, when\nrunning on a Realtime kernel, a livelock could occur. This update modifies\nthe locking mechanism so that once the lock is taken it is not released\nuntil the operation is complete. (BZ#1282609)\n\nAll kernel-rt users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. The system must be\nrebooted for this update to take effect.", "modified": "2018-03-19T16:29:52", "published": "2016-02-16T15:28:21", "id": "RHSA-2016:0212", "href": "https://access.redhat.com/errata/RHSA-2016:0212", "type": "redhat", "title": "(RHSA-2016:0212) Important: kernel-rt security, bug fix, and enhancement update", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:57", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2016:0185\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's keys subsystem did not correctly\ngarbage collect uninstantiated keyrings. A local attacker could use this\nflaw to crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2015-7872, Important)\n\n* A flaw was found in the way the Linux kernel handled IRET faults during\nthe processing of NMIs. An unprivileged, local user could use this flaw to\ncrash the system or, potentially (although highly unlikely), escalate their\nprivileges on the system. (CVE-2015-5157, Moderate)\n\nThis update also fixes the following bugs:\n\n* Previously, processing packets with a lot of different IPv6 source\naddresses caused the kernel to return warnings concerning soft-lockups due\nto high lock contention and latency increase. With this update, lock\ncontention is reduced by backing off concurrent waiting threads on the\nlock. As a result, the kernel no longer issues warnings in the described\nscenario. (BZ#1285370)\n\n* Prior to this update, block device readahead was artificially limited.\nAs a consequence, the read performance was poor, especially on RAID\ndevices. Now, per-device readahead limits are used for each device instead\nof a global limit. As a result, read performance has improved, especially\non RAID devices. (BZ#1287550)\n\n* After injecting an EEH error, the host was previously not recovering and\nobserving I/O hangs in HTX tool logs. This update makes sure that when one\nor both of EEH_STATE_MMIO_ACTIVE and EEH_STATE_MMIO_ENABLED flags is marked\nin the PE state, the PE's IO path is regarded as enabled as well. As a\nresult, the host no longer hangs and recovers as expected. (BZ#1289101)\n\n* The genwqe device driver was previously using the GFP_ATOMIC flag for\nallocating consecutive memory pages from the kernel's atomic memory pool,\neven in non-atomic situations. This could lead to allocation failures\nduring memory pressure. With this update, the genwqe driver's memory\nallocations use the GFP_KERNEL flag, and the driver can allocate memory\neven during memory pressure situations. (BZ#1289450)\n\n* The nx842 co-processor for IBM Power Systems could in some circumstances\nprovide invalid data due to a data corruption bug during uncompression.\nWith this update, all compression and uncompression calls to the nx842\nco-processor contain a cyclic redundancy check (CRC) flag, which forces all\ncompression and uncompression operations to check data integrity and\nprevents the co-processor from providing corrupted data. (BZ#1289451)\n\n* A failed \"updatepp\" operation on the little-endian variant of IBM Power\nSystems could previously cause a wrong hash value to be used for the next\nhash insert operation in the page table. This could result in a missing\nhash pte update or invalidate operation, potentially causing memory\ncorruption. With this update, the hash value is always recalculated after a\nfailed \"updatepp\" operation, avoiding memory corruption. (BZ#1289452)\n\n* Large Receive Offload (LRO) flag disabling was not being propagated\ndownwards from above devices in vlan and bond hierarchy, breaking the flow\nof traffic. This problem has been fixed and LRO flags now propagate\ncorrectly. (BZ#1292072)\n\n* Due to rounding errors in the CPU frequency of the intel_pstate driver,\nthe CPU frequency never reached the value requested by the user. A kernel\npatch has been applied to fix these rounding errors. (BZ#1296276)\n\n* When running several containers (up to 100), reports of hung tasks were\npreviously reported. This update fixes the AB-BA deadlock in the\ndm_destroy() function, and the hung reports no longer occur. (BZ#1296566)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-February/021705.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0185.html", "modified": "2016-02-17T03:38:06", "published": "2016-02-17T03:38:06", "href": "http://lists.centos.org/pipermail/centos-announce/2016-February/021705.html", "id": "CESA-2016:0185", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:12", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2016:0715\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service. (CVE-2015-8767, Moderate)\n\nBug Fix(es):\n\n* When the nvme driver held the queue lock for too long, for example during DMA mapping, a lockup occurred leading to nvme hard-lockup panic. This update fixes the underlying source code, and nvme now works as expected.(BZ#1314209)\n\n* Due to a regression, a Unix domain datagram socket could come to a deadlock when sending a datagram to itself. The provided patch adds another \"sk\" check to the unix_dgram_sendmsg() function, and the aforementioned deadlock no longer occurs. (BZ#1315696)\n\n* Previously, writing a large file using direct I/O in 16 MB chunks sometimes caused a pathological allocation pattern where 16 MB chunks of large free extent were allocated to a file in reversed order. The provided patch avoids the backward allocation, and writing a large file using direct I/O now proceeds successfully. (BZ#1320031)\n\n* MD RAID1 devices that repeatedly became hot removed and re-added could become mismatched due to a race condition. This caused them to return stale data, leading to data corruption. The provided set of patches fixes this bug, and hot removals and re-additions of md devices now work as expected. (BZ#1320863)\n\n* A couple of previous fixes caused a deadlock on the \"rq\" lock leading to a kernel panic on CPU 0. The provided set of patches reverts the relevant commits, thus preventing the panic from occurring. (BZ#1326043)\n\nEnhancement(s):\n\n* VLAN support has been updated to integrate some of the latest upstream features. This update also makes sure that Null pointer crashes related to VLAN support in bonding mode no longer occur and that tag stripping and insertion work as expected. (BZ#1315706)\n\n* This update adds additional model numbers for Broadwell to perf. (BZ#1320035)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-May/021858.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0715.html", "modified": "2016-05-04T03:07:19", "published": "2016-05-04T03:07:19", "href": "http://lists.centos.org/pipermail/centos-announce/2016-May/021858.html", "id": "CESA-2016:0715", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:23", "bulletinFamily": "unix", "description": "Andy Lutomirski discovered a flaw in the Linux kernel\u2019s handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290)\n\nColin King discovered a flaw in the add_key function of the Linux kernel\u2019s keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). (CVE-2015-1333)\n\nAndy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. (CVE-2015-3291)\n\nAndy Lutomirski and Petr Matousek discovered that an NMI (non-maskable interrupt) that interrupts userspace and encounters an IRET fault is incorrectly handled by the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (kernel OOPs), corruption, or potentially escalate privileges on the system. (CVE-2015-5157)", "modified": "2015-07-28T00:00:00", "published": "2015-07-28T00:00:00", "id": "USN-2688-1", "href": "https://usn.ubuntu.com/2688-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:28", "bulletinFamily": "unix", "description": "Andy Lutomirski discovered a flaw in the Linux kernel\u2019s handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290)\n\nColin King discovered a flaw in the add_key function of the Linux kernel\u2019s keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). (CVE-2015-1333)\n\nAndy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. (CVE-2015-3291)\n\nAndy Lutomirski and Petr Matousek discovered that an NMI (non-maskable interrupt) that interrupts userspace and encounters an IRET fault is incorrectly handled by the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (kernel OOPs), corruption, or potentially escalate privileges on the system. (CVE-2015-5157)", "modified": "2015-07-28T00:00:00", "published": "2015-07-28T00:00:00", "id": "USN-2691-1", "href": "https://usn.ubuntu.com/2691-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:45", "bulletinFamily": "unix", "description": "Andy Lutomirski discovered a flaw in the Linux kernel\u2019s handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290)\n\nColin King discovered a flaw in the add_key function of the Linux kernel\u2019s keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). (CVE-2015-1333)\n\nAndy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. (CVE-2015-3291)\n\nAndy Lutomirski and Petr Matousek discovered that an NMI (non-maskable interrupt) that interrupts userspace and encounters an IRET fault is incorrectly handled by the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (kernel OOPs), corruption, or potentially escalate privileges on the system. (CVE-2015-5157)", "modified": "2015-07-28T00:00:00", "published": "2015-07-28T00:00:00", "id": "USN-2690-1", "href": "https://usn.ubuntu.com/2690-1/", "title": "Linux kernel (Vivid HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:44", "bulletinFamily": "unix", "description": "Andy Lutomirski discovered a flaw in the Linux kernel\u2019s handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290)\n\nColin King discovered a flaw in the add_key function of the Linux kernel\u2019s keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). (CVE-2015-1333)\n\nAndy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. (CVE-2015-3291)\n\nAndy Lutomirski and Petr Matousek discovered that an NMI (non-maskable interrupt) that interrupts userspace and encounters an IRET fault is incorrectly handled by the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (kernel OOPs), corruption, or potentially escalate privileges on the system. (CVE-2015-5157)", "modified": "2015-07-28T00:00:00", "published": "2015-07-28T00:00:00", "id": "USN-2689-1", "href": "https://usn.ubuntu.com/2689-1/", "title": "Linux kernel (Utopic HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:45", "bulletinFamily": "unix", "description": "Andy Lutomirski discovered a flaw in the Linux kernel\u2019s handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290)\n\nColin King discovered a flaw in the add_key function of the Linux kernel\u2019s keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). (CVE-2015-1333)\n\nAndy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. (CVE-2015-3291)\n\nAndy Lutomirski and Petr Matousek discovered that an NMI (non-maskable interrupt) that interrupts userspace and encounters an IRET fault is incorrectly handled by the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (kernel OOPs), corruption, or potentially escalate privileges on the system. (CVE-2015-5157)", "modified": "2015-07-28T00:00:00", "published": "2015-07-28T00:00:00", "id": "USN-2687-1", "href": "https://usn.ubuntu.com/2687-1/", "title": "Linux kernel (Trusty HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:11:00", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3313-1 security@debian.org\r\nhttps://www.debian.org/security/ Salvatore Bonaccorso\r\nJuly 23, 2015 https://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : linux\r\nCVE ID : CVE-2015-3290 CVE-2015-3291 CVE-2015-4167 CVE-2015-5157\r\n CVE-2015-5364 CVE-2015-5366\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that\r\nmay lead to a privilege escalation or denial of service.\r\n\r\nCVE-2015-3290\r\n\r\n Andy Lutomirski discovered that the Linux kernel does not properly\r\n handle nested NMIs. A local, unprivileged user could use this flaw\r\n for privilege escalation.\r\n\r\nCVE-2015-3291\r\n\r\n Andy Lutomirski discovered that under certain conditions a malicious\r\n userspace program can cause the kernel to skip NMIs leading to a\r\n denial of service.\r\n\r\nCVE-2015-4167\r\n\r\n Carl Henrik Lunde discovered that the UDF implementation is missing\r\n a necessary length check. A local user that can mount devices could\r\n use this flaw to crash the system.\r\n\r\nCVE-2015-5157\r\n\r\n Petr Matousek and Andy Lutomirski discovered that an NMI that\r\n interrupts userspace and encounters an IRET fault is incorrectly\r\n handled. A local, unprivileged user could use this flaw for denial\r\n of service or possibly for privilege escalation.\r\n\r\nCVE-2015-5364\r\n\r\n It was discovered that the Linux kernel does not properly handle\r\n invalid UDP checksums. A remote attacker could exploit this flaw to\r\n cause a denial of service using a flood of UDP packets with invalid\r\n checksums.\r\n\r\nCVE-2015-5366\r\n\r\n It was discovered that the Linux kernel does not properly handle\r\n invalid UDP checksums. A remote attacker can cause a denial of\r\n service against applications that use epoll by injecting a single\r\n packet with an invalid checksum.\r\n\r\nFor the stable distribution (jessie), these problems have been fixed in\r\nversion 3.16.7-ckt11-1+deb8u2.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 4.0.8-2 or earlier versions.\r\n\r\nWe recommend that you upgrade your linux packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBCgAGBQJVsI3hAAoJEAVMuPMTQ89EqhcP/3/kR3DnbodC4GFblOYwidim\r\nLclDavSNCZGxJzLhlqDczTmEma/z0nr2UxSy1Y4E3QlIXzd+3KaYZBBH71Ktnk6L\r\nLJ79i3KKHtHogwvSUcjPNJD6++mbh5WS4uFKLepH9zO6ApF8BggThr7PFtl4r8Wn\r\nbPxUHYd0fhrfqksvvBSM3JDlDvZx2xTMl0/FG9Ka21zm5AjnU7TVa3VsQiU5Qirv\r\nhKTQSq5OyJ6URkfaOnB0ulmTWofCSy/A6QSN9meu8eHsB1qCkKw01DPBIs3LMaiv\r\nAzZZ3s/F9ovNI+BiQyWRvsJvqV6uYYHTrTsW/2LXdULsIR5nwohoi6OBHbtyA88L\r\njOPgMMGZ0WwXTDGDgPjzWXInBhJh31j0hZr/yiW+owBhlqKrPoxgUoa3GDNgBvXS\r\nPe/22MjxAne2XjIY0aWGJFokIDB10n4TJuLHYCtgqOUtAr2r5x/3p5nmU325QiqD\r\nf/9MMDwRS6AXabh6xFeW38b/NrYDuSm8wbYlFlzFh5plzNrb1pSSnW8QBAcapZuN\r\nu0XVrTSHpW0vabokKXs0KLlLhDGWIr0QnGCFt9DMEAISkyn13zLOYr65U8w+AXjB\r\nUFeDPcmZul83a4BlW86DxCBQmRPkGl1LeS/xRqYLMBS0OneE3xZx1Nv2FneVxwlr\r\nCu+sM+Z7F1vlYKqRzhxw\r\n=4jts\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2015-07-26T00:00:00", "published": "2015-07-26T00:00:00", "id": "SECURITYVULNS:DOC:32352", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32352", "title": "[SECURITY] [DSA 3313-1] linux security update", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:01", "bulletinFamily": "software", "description": "Multiple USB over WiFi memory corruptions, DoS, race conditions.", "modified": "2015-09-21T00:00:00", "published": "2015-09-21T00:00:00", "id": "SECURITYVULNS:VULN:14579", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14579", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:12:54", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3313-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJuly 23, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2015-3290 CVE-2015-3291 CVE-2015-4167 CVE-2015-5157\n CVE-2015-5364 CVE-2015-5366\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation or denial of service.\n\nCVE-2015-3290\n\n Andy Lutomirski discovered that the Linux kernel does not properly\n handle nested NMIs. A local, unprivileged user could use this flaw\n for privilege escalation.\n\nCVE-2015-3291\n\n Andy Lutomirski discovered that under certain conditions a malicious\n userspace program can cause the kernel to skip NMIs leading to a\n denial of service.\n\nCVE-2015-4167\n\n Carl Henrik Lunde discovered that the UDF implementation is missing\n a necessary length check. A local user that can mount devices could\n use this flaw to crash the system.\n\nCVE-2015-5157\n\n Petr Matousek and Andy Lutomirski discovered that an NMI that\n interrupts userspace and encounters an IRET fault is incorrectly\n handled. A local, unprivileged user could use this flaw for denial\n of service or possibly for privilege escalation.\n\nCVE-2015-5364\n\n It was discovered that the Linux kernel does not properly handle\n invalid UDP checksums. A remote attacker could exploit this flaw to\n cause a denial of service using a flood of UDP packets with invalid\n checksums.\n\nCVE-2015-5366\n\n It was discovered that the Linux kernel does not properly handle\n invalid UDP checksums. A remote attacker can cause a denial of\n service against applications that use epoll by injecting a single\n packet with an invalid checksum.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.7-ckt11-1+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.0.8-2 or earlier versions.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-07-23T06:49:55", "published": "2015-07-23T06:49:55", "id": "DEBIAN:DSA-3313-1:00F99", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00209.html", "title": "[SECURITY] [DSA 3313-1] linux security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:50:20", "bulletinFamily": "unix", "description": "The SUSE Linux Enterprise 12 kernel was updated to 3.12.48-52.27 to\n receive various security and bugfixes.\n\n Following security bugs were fixed:\n * CVE-2015-7613: A flaw was found in the Linux kernel IPC code that could\n lead to arbitrary code execution. The ipc_addid() function initialized a\n shared object that has unset uid/gid values. Since the fields are not\n initialized, the check can falsely succeed. (bsc#948536)\n * CVE-2015-5156: When a guests KVM network devices is in a bridge\n configuration the kernel can create a situation in which packets are\n fragmented in an unexpected fashion. The GRO functionality can create a\n situation in which multiple SKB's are chained together in a single\n packets fraglist (by design). (bsc#940776)\n * CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel before\n 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs\n that occurred during userspace execution, which might allow local users\n to gain privileges by triggering an NMI (bsc#938706).\n * CVE-2015-6252: A flaw was found in the way the Linux kernel's vhost\n driver treated userspace provided log file descriptor when processing\n the VHOST_SET_LOG_FD ioctl command. The file descriptor was never\n released and continued to consume kernel memory. A privileged local user\n with access to the /dev/vhost-net files could use this flaw to create a\n denial-of-service attack (bsc#942367).\n * CVE-2015-5697: The get_bitmap_file function in drivers/md/md.c in the\n Linux kernel before 4.1.6 does not initialize a certain bitmap data\n structure, which allows local users to obtain sensitive information from\n kernel memory via a GET_BITMAP_FILE ioctl call. (bnc#939994)\n * CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable\n Datagram Sockets (RDS) implementation allowing a local user to cause\n system DoS. A verification was missing that the underlying transport\n exists when a connection was created. (bsc#945825)\n * CVE-2015-5283: A NULL pointer dereference flaw was found in SCTP\n implementation allowing a local user to cause system DoS. Creation of\n multiple sockets in parallel when system doesn't have SCTP module loaded\n can lead to kernel panic. (bsc#947155)\n\n The following non-security bugs were fixed:\n - ALSA: hda - Abort the probe without i915 binding for HSW/BDW\n (bsc#936556).\n - Btrfs: Backport subvolume mount option handling (bsc#934962)\n - Btrfs: Handle unaligned length in extent_same (bsc#937609).\n - Btrfs: advertise which crc32c implementation is being used on mount\n (bsc#946057).\n - Btrfs: allow mounting btrfs subvolumes with different ro/rw options.\n - Btrfs: check if previous transaction aborted to avoid fs corruption\n (bnc#942509).\n - Btrfs: clean up error handling in mount_subvol() (bsc#934962).\n - Btrfs: cleanup orphans while looking up default subvolume (bsc#914818).\n - Btrfs: do not update mtime/ctime on deduped inodes (bsc#937616).\n - Btrfs: fail on mismatched subvol and subvolid mount options (bsc#934962).\n - Btrfs: fix chunk allocation regression leading to transaction abort\n (bnc#938550).\n - Btrfs: fix clone / extent-same deadlocks (bsc#937612).\n - Btrfs: fix crash on close_ctree() if cleaner starts new transaction\n (bnc#938891).\n - Btrfs: fix deadlock with extent-same and readpage (bsc#937612).\n - Btrfs: fix file corruption after cloning inline extents (bnc#942512).\n - Btrfs: fix file read corruption after extent cloning and fsync\n (bnc#946902).\n - Btrfs: fix find_free_dev_extent() malfunction in case device tree has\n hole (bnc#938550).\n - Btrfs: fix hang when failing to submit bio of directIO (bnc#942685).\n - Btrfs: fix list transaction-&gt;pending_ordered corruption (bnc#938893).\n - Btrfs: fix memory corruption on failure to submit bio for direct IO\n (bnc#942685).\n - Btrfs: fix memory leak in the extent_same ioctl (bsc#937613).\n - Btrfs: fix put dio bio twice when we submit dio bio fail (bnc#942685).\n - Btrfs: fix race between balance and unused block group deletion\n (bnc#938892).\n - Btrfs: fix range cloning when same inode used as source and destination\n (bnc#942511).\n - Btrfs: fix read corruption of compressed and shared extents (bnc#946906).\n - Btrfs: fix uninit variable in clone ioctl (bnc#942511).\n - Btrfs: fix use-after-free in mount_subvol().\n - Btrfs: fix wrong check for btrfs_force_chunk_alloc() (bnc#938550).\n - Btrfs: lock superblock before remounting for rw subvol (bsc#934962).\n - Btrfs: pass unaligned length to btrfs_cmp_data() (bsc#937609).\n - Btrfs: remove all subvol options before mounting top-level (bsc#934962).\n - Btrfs: show subvol= and subvolid= in /proc/mounts (bsc#934962).\n - Btrfs: unify subvol= and subvolid= mounting (bsc#934962).\n - Btrfs: fill ->last_trans for delayed inode in btrfs_fill_inode\n (bnc#942925).\n - Btrfs: fix metadata inconsistencies after directory fsync (bnc#942925).\n - Btrfs: fix stale dir entries after removing a link and fsync\n (bnc#942925).\n - Btrfs: fix stale dir entries after unlink, inode eviction and fsync\n (bnc#942925).\n - Btrfs: fix stale directory entries after fsync log replay (bnc#942925).\n - Btrfs: make btrfs_search_forward return with nodes unlocked (bnc#942925).\n - Btrfs: support NFSv2 export (bnc#929871).\n - Btrfs: update fix for read corruption of compressed and shared extents\n (bsc#948256).\n - Drivers: hv: do not do hypercalls when hypercall_page is NULL.\n - Drivers: hv: vmbus: add special crash handler.\n - Drivers: hv: vmbus: add special kexec handler.\n - Drivers: hv: vmbus: remove hv_synic_free_cpu() call from\n hv_synic_cleanup().\n - Input: evdev - do not report errors form flush() (bsc#939834).\n - Input: synaptics - do not retrieve the board id on old firmwares\n (bsc#929092).\n - Input: synaptics - log queried and quirked dimension values (bsc#929092).\n - Input: synaptics - query min dimensions for fw v8.1.\n - Input: synaptics - remove X1 Carbon 3rd gen from the topbuttonpad list\n (bsc#929092).\n - Input: synaptics - remove X250 from the topbuttonpad list.\n - Input: synaptics - remove obsolete min/max quirk for X240 (bsc#929092).\n - Input: synaptics - skip quirks when post-2013 dimensions (bsc#929092).\n - Input: synaptics - split synaptics_resolution(), query first\n (bsc#929092).\n - Input: synaptics - support min/max board id in min_max_pnpid_table\n (bsc#929092).\n - NFS: Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).\n - NFSv4: do not set SETATTR for O_RDONLY|O_EXCL (bsc#939716).\n - PCI: Move MPS configuration check to pci_configure_device() (bsc#943313).\n - PCI: Set MPS to match upstream bridge (bsc#943313).\n - SCSI: fix regression in scsi_send_eh_cmnd() (bsc#930813).\n - SCSI: fix scsi_error_handler vs. scsi_host_dev_release race (bnc#942204).\n - SCSI: vmw_pvscsi: Fix pvscsi_abort() function (bnc#940398).\n - UAS: fixup for remaining use of dead_list (bnc#934942).\n - USB: storage: use %*ph specifier to dump small buffers (bnc#934942).\n - aio: fix reqs_available handling (bsc#943378).\n - audit: do not generate loginuid log when audit disabled (bsc#941098).\n - blk-merge: do not compute bi_phys_segments from bi_vcnt for cloned bio\n (bnc#934430).\n - blk-merge: fix blk_recount_segments (bnc#934430).\n - blk-merge: recaculate segment if it isn't less than max segments\n (bnc#934430).\n - block: add queue flag for disabling SG merging (bnc#934430).\n - block: blk-merge: fix blk_recount_segments() (bnc#934430).\n - config: disable CONFIG_TCM_RBD on ppc64le and s390x\n - cpufreq: intel_pstate: Add CPU ID for Braswell processor.\n - dlm: fix missing endian conversion of rcom_status flags (bsc#940679).\n - dm cache mq: fix memory allocation failure for large cache devices\n (bsc#942707).\n - drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt\n (bsc#942938).\n - drm/i915: Make hpd arrays big enough to avoid out of bounds access\n (bsc#942938).\n - drm/i915: Only print hotplug event message when hotplug bit is set\n (bsc#942938).\n - drm/i915: Queue reenable timer also when enable_hotplug_processing is\n false (bsc#942938).\n - drm/i915: Use an interrupt save spinlock in intel_hpd_irq_handler()\n (bsc#942938).\n - drm/radeon: fix hotplug race at startup (bsc#942307).\n - ethtool, net/mlx4_en: Add 100M, 20G, 56G speeds ethtool reporting\n support (bsc#945710).\n - hrtimer: prevent timer interrupt DoS (bnc#886785).\n - hv: fcopy: add memory barrier to propagate state (bnc#943529).\n - inotify: Fix nested sleeps in inotify_read() (bsc#940925).\n - intel_pstate: Add CPU IDs for Broadwell processors.\n - intel_pstate: Add CPUID for BDW-H CPU.\n - intel_pstate: Add support for SkyLake.\n - intel_pstate: Correct BYT VID values (bnc#907973).\n - intel_pstate: Remove periodic P state boost (bnc#907973).\n - intel_pstate: add sample time scaling (bnc#907973, bnc#924722,\n bnc#916543).\n - intel_pstate: don't touch turbo bit if turbo disabled or unavailable\n (bnc#907973).\n - intel_pstate: remove setting P state to MAX on init (bnc#907973).\n - intel_pstate: remove unneeded sample buffers (bnc#907973).\n - intel_pstate: set BYT MSR with wrmsrl_on_cpu() (bnc#907973).\n - ipr: Fix incorrect trace indexing (bsc#940912).\n - ipr: Fix invalid array indexing for HRRQ (bsc#940912).\n - iwlwifi: dvm: drop non VO frames when flushing (bsc#940545).\n - kABI workaround for ieee80211_ops.flush argument change (bsc#940545).\n - kconfig: Do not print status messages in make -s mode (bnc#942160).\n - kernel/modsign_uefi.c: Check for EFI_RUNTIME_SERVICES in load_uefi_certs\n (bsc#856382).\n - kernel: do full redraw of the 3270 screen on reconnect (bnc#943476,\n LTC#129509).\n - kexec: define kexec_in_progress in !CONFIG_KEXEC case.\n - kvm: Use WARN_ON_ONCE for missing X86_FEATURE_NRIPS (bsc#947537).\n - lpfc: Fix scsi prep dma buf error (bsc#908950).\n - mac80211: add vif to flush call (bsc#940545).\n - md/bitmap: do not abuse i_writecount for bitmap files (bsc#943270).\n - md/bitmap: protect clearing of -&gt;bitmap by mddev-&gt;lock\n (bnc#912183).\n - md/raid5: use -&gt;lock to protect accessing raid5 sysfs attributes\n (bnc#912183).\n - md: fix problems with freeing private data after -&gt;run failure\n (bnc#912183).\n - md: level_store: group all important changes into one place (bnc#912183).\n - md: move GET_BITMAP_FILE ioctl out from mddev_lock (bsc#943270).\n - md: protect -&gt;pers changes with mddev-&gt;lock (bnc#912183).\n - md: remove mddev_lock from rdev_attr_show() (bnc#912183).\n - md: remove mddev_lock() from md_attr_show() (bnc#912183).\n - md: remove need for mddev_lock() in md_seq_show() (bnc#912183).\n - md: split detach operation out from -&gt;stop (bnc#912183).\n - md: tidy up set_bitmap_file (bsc#943270).\n - megaraid_sas: Handle firmware initialization after fast boot\n (bsc#922071).\n - mfd: lpc_ich: Assign subdevice ids automatically (bnc#898159).\n - mm: filemap: Avoid unnecessary barriers and waitqueue lookups -fix\n (VM/FS Performance (bnc#941951)).\n - mm: make page pfmemalloc check more robust (bnc#920016).\n - mm: numa: disable change protection for vma(VM_HUGETLB) (bnc#943573).\n - netfilter: nf_conntrack_proto_sctp: minimal multihoming support\n (bsc#932350).\n - net/mlx4_core: Add ethernet backplane autoneg device capability\n (bsc#945710).\n - net/mlx4_core: Introduce ACCESS_REG CMD and eth_prot_ctrl dev cap\n (bsc#945710).\n - net/mlx4_en: Use PTYS register to query ethtool settings (bsc#945710).\n - net/mlx4_en: Use PTYS register to set ethtool settings (Speed)\n (bsc#945710).\n - rcu: Reject memory-order-induced stall-warning false positives\n (bnc#941908).\n - s390/dasd: fix kernel panic when alias is set offline (bnc#940965,\n LTC#128595).\n - sched: Fix KMALLOC_MAX_SIZE overflow during cpumask allocation\n (bnc#939266).\n - sched: Fix cpu_active_mask/cpu_online_mask race (bsc#936773).\n - sched, numa: do not hint for NUMA balancing on VM_MIXEDMAP mappings\n (bnc#943573).\n - uas: Add US_FL_MAX_SECTORS_240 flag (bnc#934942).\n - uas: Add response iu handling (bnc#934942).\n - uas: Add uas_get_tag() helper function (bnc#934942).\n - uas: Check against unexpected completions (bnc#934942).\n - uas: Cleanup uas_log_cmd_state usage (bnc#934942).\n - uas: Do not log urb status error on cancellation (bnc#934942).\n - uas: Do not use scsi_host_find_tag (bnc#934942).\n - uas: Drop COMMAND_COMPLETED flag (bnc#934942).\n - uas: Drop all references to a scsi_cmnd once it has been aborted\n (bnc#934942).\n - uas: Drop inflight list (bnc#934942).\n - uas: Fix memleak of non-submitted urbs (bnc#934942).\n - uas: Fix resetting flag handling (bnc#934942).\n - uas: Free data urbs on completion (bnc#934942).\n - uas: Log error codes when logging errors (bnc#934942).\n - uas: Reduce number of function arguments for uas_alloc_foo functions\n (bnc#934942).\n - uas: Remove cmnd reference from the cmd urb (bnc#934942).\n - uas: Remove support for old sense ui as used in pre-production hardware\n (bnc#934942).\n - uas: Remove task-management / abort error handling code (bnc#934942).\n - uas: Set max_sectors_240 quirk for ASM1053 devices (bnc#934942).\n - uas: Simplify reset / disconnect handling (bnc#934942).\n - uas: Simplify unlink of data urbs on error (bnc#934942).\n - uas: Use scsi_print_command (bnc#934942).\n - uas: pre_reset and suspend: Fix a few races (bnc#934942).\n - uas: zap_pending: data urbs should have completed at this time\n (bnc#934942).\n - x86/kernel: Do not reserve crashkernel high memory if crashkernel low\n memory reserving failed (bsc#939145).\n - x86/smpboot: Check for cpu_active on cpu initialization (bsc#932285).\n - x86/smpboot: Check for cpu_active on cpu initialization (bsc#936773).\n - xhci: Workaround for PME stuck issues in Intel xhci (bnc#944028).\n - xhci: rework cycle bit checking for new dequeue pointers (bnc#944028).\n - xfs: Fix file type directory corruption for btree directories\n (bsc#941305).\n\n", "modified": "2015-10-13T11:09:43", "published": "2015-10-13T11:09:43", "id": "SUSE-SU-2015:1727-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html", "type": "suse", "title": "Security update for kernel-source (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:46:26", "bulletinFamily": "unix", "description": "The SUSE Linux Enterprise 11 SP3 Realtime kernel was updated to receive\n various security and bugfixes.\n\n Following security bugs were fixed:\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS\n users to cause a denial of service (host OS panic or hang) by triggering\n many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS\n users to cause a denial of service (host OS panic or hang) by triggering\n many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c\n (bnc#953527).\n - CVE-2015-7990: RDS: Verify the underlying transport exists before\n creating a connection, preventing possible DoS (bsc#952384,\n CVE-2015-7990).\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the\n x86_64 platform mishandled IRET faults in processing NMIs that\n occurred during userspace execution, which might allow local users to\n gain privileges by triggering an NMI (bnc#937969 bnc#937970 bnc#938706\n bnc#939207).\n - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in\n the Linux kernel allowed local users to cause a denial of service (OOPS)\n via crafted keyctl commands (bnc#951440).\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel\n did not validate attempted changes to the MTU value, which allowed\n context-dependent attackers to cause a denial of service (packet loss)\n via a value that is (1) smaller than the minimum compliant value or (2)\n larger than the MTU of an interface, as demonstrated by a Router\n Advertisement (RA) message that is not validated by a daemon, a\n different vulnerability than CVE-2015-0272. NOTE: the scope of\n CVE-2015-0272 is limited to the NetworkManager product. (bnc#955354).\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified\n other impact by using a socket that was not properly bound (bnc#945825).\n - CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in\n the Linux kernel allowed local users to cause a denial of service\n (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers\n permanent file-descriptor allocation (bnc#942367).\n\n The following non-security bugs were fixed:\n - alsa: hda - Disable 64bit address for Creative HDA controllers\n (bnc#814440).\n - btrfs: fix hang when failing to submit bio of directIO (bnc#942688).\n - btrfs: fix memory corruption on failure to submit bio for direct IO\n (bnc#942688).\n - btrfs: fix put dio bio twice when we submit dio bio fail (bnc#942688).\n - dm: do not start current request if it would've merged with the previous\n (bsc#904348).\n - dm: impose configurable deadline for dm_request_fn's merge heuristic\n (bsc#904348).\n - dm-snap: avoid deadock on s-&gt;lock when a read is split (bsc#939826).\n - dm sysfs: introduce ability to add writable attributes (bsc#904348).\n - drm/i915: Add bit field to record which pins have received HPD events\n (v3) (bsc#942938).\n - drm/I915: Add enum hpd_pin to intel_encoder (bsc#942938).\n - drm/i915: add hotplug activation period to hotplug update mask\n (bsc#953980).\n - drm/i915: Add HPD IRQ storm detection (v5) (bsc#942938).\n - drm/i915: Add messages useful for HPD storm detection debugging (v2)\n (bsc#942938).\n - drm/i915: Add Reenable Timer to turn Hotplug Detection back on (v4)\n (bsc#942938).\n - drm/i915: assert_spin_locked for pipestat interrupt enable/disable\n (bsc#942938).\n - drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt\n (bsc#942938).\n - drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt,\n v2 (bsc#942938).\n - drm/i915: clear crt hotplug compare voltage field before setting\n (bsc#942938).\n - drm/i915: close tiny race in the ilk pcu even interrupt setup\n (bsc#942938).\n - drm/i915: Convert HPD interrupts to make use of HPD pin assignment in\n encoders (v2) (bsc#942938).\n - drm/i915: Disable HPD interrupt on pin when irq storm is detected (v3)\n (bsc#942938).\n - drm/i915: Do not WARN nor handle unexpected hpd interrupts on gmch\n platforms (bsc#942938).\n - drm/i915: Enable hotplug interrupts after querying hw capabilities\n (bsc#942938).\n - drm/i915: Fix DDC probe for passive adapters (bsc#900610, fdo#85924).\n - drm/i915: fix hotplug event bit tracking (bsc#942938).\n - drm/i915: Fix hotplug interrupt enabling for SDVOC (bsc#942938).\n - drm/i915: fix hpd interrupt register locking (bsc#942938).\n - drm/i915: fix hpd work vs. flush_work in the pageflip code deadlock\n (bsc#942938).\n - drm/i915: fix locking around ironlake_enable|disable_display_irq\n (bsc#942938).\n - drm/i915: Fix up sdvo hpd pins for i965g/gm (bsc#942938).\n - drm/i915: fold the hpd_irq_setup call into intel_hpd_irq_handler\n (bsc#942938).\n - drm/i915: fold the no-irq check into intel_hpd_irq_handler (bsc#942938).\n - drm/i915: fold the queue_work into intel_hpd_irq_handler (bsc#942938).\n - drm/i915: Get rid if the "hotplug_supported_mask" in struct\n drm_i915_private (bsc#942938).\n - drm/i915: implement ibx_hpd_irq_setup (bsc#942938).\n - drm/i915: Make hpd arrays big enough to avoid out of bounds access\n (bsc#942938).\n - drm/i915: Mask out the HPD irq bits before setting them individually\n (bsc#942938).\n - drm/i915: Only print hotplug event message when hotplug bit is set\n (bsc#942938).\n - drm/i915: Only reprobe display on encoder which has received an HPD\n event (v2) (bsc#942938).\n - drm/i915: Queue reenable timer also when enable_hotplug_processing is\n false (bsc#942938).\n - drm/i915: (re)init HPD interrupt storm statistics (bsc#942938).\n - drm/i915: Remove i965_hpd_irq_setup (bsc#942938).\n - drm/i915: Remove pch_rq_mask from struct drm_i915_private (bsc#942938).\n - drm/i915: Remove valleyview_hpd_irq_setup (bsc#942938).\n - drm/i915: s/hotplug_irq_storm_detect/intel_hpd_irq_handler/ (bsc#942938).\n - drm/i915: Use an interrupt save spinlock in intel_hpd_irq_handler()\n (bsc#942938).\n - drm/i915: WARN_ONCE() about unexpected interrupts for all chipsets\n (bsc#942938).\n - ehci-pci: enable interrupt on BayTrail (bnc926007).\n - Fixing wording in patch comment (bsc#923002)\n - fix lpfc_send_rscn_event allocation size claims bnc#935757\n - hugetlb: simplify migrate_huge_page() (bnc#947957, VM Functionality).\n - hwpoison, hugetlb: lock_page/unlock_page does not match for handling a\n free hugepage (bnc#947957, VM Functionality).\n - IB/iser: Add Discovery support (bsc#923002).\n - IB/iser: Move informational messages from error to info level\n (bsc#923002).\n - IB/srp: Avoid skipping srp_reset_host() after a transport error\n (bsc#904965).\n - IB/srp: Fix a sporadic crash triggered by cable pulling (bsc#904965).\n - inotify: Fix nested sleeps in inotify_read() (bsc#940925).\n - ipv6: fix tunnel error handling (bsc#952579).\n - ipv6: probe routes asynchronous in rt6_probe (bsc#936118).\n - ipvs: drop first packet to dead server (bsc#946078).\n - ipvs: Fix reuse connection if real server is dead (bnc#945827).\n - kabi: patches.fixes/mm-make-page-pfmemalloc-check-more-robust.patch\n (bnc#920016).\n - KEYS: Fix race between key destruction and finding a keyring by name\n (bsc#951440).\n - ktime: add ktime_after and ktime_before helpe (bsc#904348).\n - libiscsi: Exporting new attrs for iscsi session and connection in sysfs\n (bsc#923002).\n - lib/string.c: introduce memchr_inv() (bnc#930788).\n - macvlan: Support bonding events bsc#948521\n - Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).\n - memory-failure: do code refactor of soft_offline_page() (bnc#947957, VM\n Functionality).\n - memory-failure: fix an error of mce_bad_pages statistics (bnc#947957, VM\n Functionality).\n - memory-failure: use num_poisoned_pages instead of mce_bad_pages\n (bnc#947957, VM Functionality).\n - memory-hotplug: update mce_bad_pages when removing the memory\n (bnc#947957, VM Functionality).\n - mm: exclude reserved pages from dirtyable memory 32b fix (bnc#940017,\n bnc#949298).\n - mm: make page pfmemalloc check more robust (bnc#920016).\n - mm/memory-failure.c: fix wrong num_poisoned_pages in handling memory\n error on thp (bnc#947957, VM Functionality).\n - mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate\n successfully (bnc#947957, VM Functionality).\n - mm/migrate.c: pair unlock_page() and lock_page() when migrating huge\n pages (bnc#947957, VM Functionality).\n - Modified -rt patches: 344 of 435, useless noise elided.\n - Moved iscsi kabi patch to patches.kabi (bsc#923002)\n - netfilter: nf_conntrack_proto_sctp: minimal multihoming support\n (bsc#932350).\n - PCI: Add dev_flags bit to access VPD through function 0 (bnc#943786).\n - pci: Add flag indicating device has been assigned by KVM (bnc#777565\n FATE#313819).\n - PCI: Add VPD function 0 quirk for Intel Ethernet devices (bnc#943786).\n - PCI: Clear NumVFs when disabling SR-IOV in sriov_init() (bnc#952084).\n - PCI: delay configuration of SRIOV capability (bnc#952084).\n - PCI: Refresh First VF Offset and VF Stride when updating NumVFs\n (bnc#952084).\n - PCI: set pci sriov page size before reading SRIOV BAR (bnc#952084).\n - PCI: Update NumVFs register when disabling SR-IOV (bnc#952084).\n - pktgen: clean up ktime_t helpers (bsc#904348).\n - qla2xxx: do not clear slot in outstanding cmd array (bsc#944993).\n - qla2xxx: Do not reset adapter if SRB handle is in range (bsc#944993).\n - qla2xxx: Remove decrement of sp reference count in abort handler\n (bsc#944993).\n - r8169: remember WOL preferences on driver load (bsc#942305).\n - rcu: Eliminate deadlock between CPU hotplug and expedited grace periods\n (bsc#949706).\n - Refresh patches.xen/1282-usbback-limit-copying.patch (bsc#941202).\n - Rename kabi patch appropriately (bsc#923002)\n - rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds\n (bsc#930145).\n - sched/core: Fix task and run queue sched_info::run_delay inconsistencies\n (bnc#949100).\n - scsi: fix scsi_error_handler vs. scsi_host_dev_release race (bnc#942204).\n - SCSI: hosts: update to use ida_simple for host_no (bsc#939926)\n - SCSI: kabi: allow iscsi disocvery session support (bsc#923002).\n - scsi_transport_iscsi: Exporting new attrs for iscsi session and\n connection in sysfs (bsc#923002).\n - sg: fix read() error reporting (bsc#926774).\n - Update patches.fixes/fanotify-fix-deadlock-during-thread-exit.patch\n (bsc#935053, bsc#926709). Add bug reference.\n - usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers\n (bnc#944989).\n - USB: xhci: do not start a halted endpoint before its new dequeue is set\n (bnc#933721).\n - usb: xhci: handle Config Error Change (CEC) in xhci driver (bnc#933721).\n - usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb\n (bnc#933721).\n - USB: xhci: Reset a halted endpoint immediately when we encounter a stall\n (bnc#933721).\n - x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330).\n - x86: mm: only do a local tlb flush in ptep_set_access_flags()\n (bsc#948330).\n - x86/tsc: Change Fast TSC calibration failed from error to info\n (bnc#942605).\n - xfs: add background scanning to clear eofblocks inodes (bnc#930788).\n - xfs: add EOFBLOCKS inode tagging/untagging (bnc#930788).\n - xfs: add inode id filtering to eofblocks scan (bnc#930788).\n - xfs: add minimum file size filtering to eofblocks scan (bnc#930788).\n - xfs: add XFS_IOC_FREE_EOFBLOCKS ioctl (bnc#930788).\n - xfs: create function to scan and clear EOFBLOCKS inodes (bnc#930788).\n - xfs: create helper to check whether to free eofblocks on inode\n (bnc#930788).\n - xfs: Fix lost direct IO write in the last block (bsc#949744).\n - xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347).\n - xfs: introduce a common helper xfs_icluster_size_fsb (bsc#932805).\n - xfs: make xfs_free_eofblocks() non-static, return EAGAIN on trylock\n failure (bnc#930788).\n - xfs: support a tag-based inode_ag_iterator (bnc#930788).\n - xfs: support multiple inode id filtering in eofblocks scan (bnc#930788).\n - xfs: use xfs_icluster_size_fsb in xfs_bulkstat (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_ialloc_inode_init (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_ifree_cluster (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_imap (bsc#932805).\n - xhci: Add spurious wakeup quirk for LynxPoint-LP controllers\n (bnc#949981).\n - xhci: Allocate correct amount of scratchpad buffers (bnc#933721).\n - xhci: Calculate old endpoints correctly on device reset (bnc#944831).\n - xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bnc#949502).\n - xhci: Do not enable/disable RWE on bus suspend/resume (bnc#933721).\n - xhci: do not report PLC when link is in internal resume state\n (bnc#933721).\n - xhci: fix isoc endpoint dequeue from advancing too far on transaction\n error (bnc#944837).\n - xhci: fix reporting of 0-sized URBs in control endpoint (bnc#933721).\n - xhci: For streams the css flag most be read from the stream-ctx on ep\n stop (bnc#945691).\n - xhci: report U3 when link is in resume state (bnc#933721).\n - xhci: rework cycle bit checking for new dequeue pointers (bnc#933721).\n - xhci: Solve full event ring by increasing TRBS_PER_SEGMENT to 256\n (bnc#933721).\n - xhci: Treat not finding the event_seg on COMP_STOP the same as\n COMP_STOP_INVAL (bnc#933721).\n - XHCI: use uninterruptible sleep for waiting for internal operations\n (bnc#939955).\n - xhci: Workaround for PME stuck issues in Intel xhci (bnc#933721).\n\n", "modified": "2016-02-05T21:12:31", "published": "2016-02-05T21:12:31", "id": "SUSE-SU-2016:0354-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html", "title": "Security update for the Linux Kernel (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:33:55", "bulletinFamily": "unix", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to receive\n various security and bugfixes.\n\n Following security bugs were fixed:\n - CVE-2015-8104: Prevent guest to host DoS caused by infinite loop in\n microcode via #DB exception (bsc#954404).\n - CVE-2015-5307: Prevent guest to host DoS caused by infinite loop in\n microcode via #AC exception (bsc#953527).\n - CVE-2015-7990: RDS: Verify the underlying transport exists before\n creating a connection, preventing possible DoS (bsc#952384).\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the\n x86_64 platform mishandled IRET faults in processing NMIs that occurred\n during userspace execution, which might have allowed local users to gain\n privileges by triggering an NMI (bsc#938706).\n - CVE-2015-7872: Possible crash when trying to garbage collect an\n uninstantiated keyring (bsc#951440).\n - CVE-2015-0272: Prevent remote DoS using IPv6 RA with bogus MTU by\n validating before applying it (bsc#944296).\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified other\n impact by using a socket that was not properly bound (bsc#945825).\n - CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in\n the Linux kernel allowed local users to cause a denial of service\n (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggered\n permanent file-descriptor allocation (bsc#942367).\n\n The following non-security bugs were fixed:\n - alsa: hda - Disable 64bit address for Creative HDA controllers\n (bsc#814440).\n - btrfs: fix hang when failing to submit bio of directIO (bsc#942688).\n - btrfs: fix memory corruption on failure to submit bio for direct IO\n (bsc#942688).\n - btrfs: fix put dio bio twice when we submit dio bio fail (bsc#942688).\n - dm sysfs: introduce ability to add writable attributes (bsc#904348).\n - dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).\n - dm: do not start current request if it would have merged with the\n previous (bsc#904348).\n - dm: impose configurable deadline for dm_request_fn merge heuristic\n (bsc#904348).\n - drm/i915: (re)init HPD interrupt storm statistics (bsc#942938).\n - drm/i915: Add HPD IRQ storm detection (v5) (bsc#942938).\n - drm/i915: Add Reenable Timer to turn Hotplug Detection back on (v4)\n (bsc#942938).\n - drm/i915: Add bit field to record which pins have received HPD events\n (v3) (bsc#942938).\n - drm/i915: Add enum hpd_pin to intel_encoder (bsc#942938).\n - drm/i915: Add messages useful for HPD storm detection debugging (v2)\n (bsc#942938).\n - drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt\n (bsc#942938).\n - drm/i915: Convert HPD interrupts to make use of HPD pin assignment in\n encoders (v2) (bsc#942938).\n - drm/i915: Disable HPD interrupt on pin when irq storm is detected (v3)\n (bsc#942938).\n - drm/i915: Do not WARN nor handle unexpected hpd interrupts on gmch\n platforms (bsc#942938).\n - drm/i915: Enable hotplug interrupts after querying hw capabilities\n (bsc#942938).\n - drm/i915: Fix DDC probe for passive adapters (bsc#900610, fdo#85924).\n - drm/i915: Fix hotplug interrupt enabling for SDVOC (bsc#942938).\n - drm/i915: Fix up sdvo hpd pins for i965g/gm (bsc#942938).\n - drm/i915: Get rid if the "^A" in struct drm_i915_private (bsc#942938).\n - drm/i915: Make hpd arrays big enough to avoid out of bounds access\n (bsc#942938).\n - drm/i915: Mask out the HPD irq bits before setting them individually\n (bsc#942938).\n - drm/i915: Only print hotplug event message when hotplug bit is set\n (bsc#942938).\n - drm/i915: Only reprobe display on encoder which has received an HPD\n event (v2) (bsc#942938).\n - drm/i915: Queue reenable timer also when enable_hotplug_processing is\n false (bsc#942938).\n - drm/i915: Remove i965_hpd_irq_setup (bsc#942938).\n - drm/i915: Remove pch_rq_mask from struct drm_i915_private (bsc#942938).\n - drm/i915: Remove valleyview_hpd_irq_setup (bsc#942938).\n - drm/i915: Use an interrupt save spinlock in intel_hpd_irq_handler()\n (bsc#942938).\n - drm/i915: WARN_ONCE() about unexpected interrupts for all chipsets\n (bsc#942938).\n - drm/i915: add hotplug activation period to hotplug update mask\n (bsc#953980).\n - drm/i915: assert_spin_locked for pipestat interrupt enable/disable\n (bsc#942938).\n - drm/i915: clear crt hotplug compare voltage field before setting\n (bsc#942938).\n - drm/i915: close tiny race in the ilk pcu even interrupt setup\n (bsc#942938).\n - drm/i915: fix hotplug event bit tracking (bsc#942938).\n - drm/i915: fix hpd interrupt register locking (bsc#942938).\n - drm/i915: fix hpd work vs. flush_work in the pageflip code deadlock\n (bsc#942938).\n - drm/i915: fix locking around ironlake_enable|disable_display_irq\n (bsc#942938).\n - drm/i915: fold the hpd_irq_setup call into intel_hpd_irq_handler\n (bsc#942938).\n - drm/i915: fold the no-irq check into intel_hpd_irq_handler (bsc#942938).\n - drm/i915: fold the queue_work into intel_hpd_irq_handler (bsc#942938).\n - drm/i915: implement ibx_hpd_irq_setup (bsc#942938).\n - drm/i915: s/hotplug_irq_storm_detect/intel_hpd_irq_handler/ (bsc#942938).\n - ehci-pci: enable interrupt on BayTrail (bnc926007).\n - fix lpfc_send_rscn_event allocation size claims bsc#935757\n - hugetlb: simplify migrate_huge_page() (bsc#947957, VM Functionality).\n - hwpoison, hugetlb: lock_page/unlock_page does not match for handling a\n free hugepage (bsc#947957).\n - ib/iser: Add Discovery support (bsc#923002).\n - ib/iser: Move informational messages from error to info level\n (bsc#923002).\n - ib/srp: Avoid skipping srp_reset_host() after a transport error\n (bsc#904965).\n - ib/srp: Fix a sporadic crash triggered by cable pulling (bsc#904965).\n - inotify: Fix nested sleeps in inotify_read() (bsc#940925).\n - ipv6: fix tunnel error handling (bsc#952579).\n - ipv6: probe routes asynchronous in rt6_probe (bsc#936118).\n - ipvs: Fix reuse connection if real server is dead (bsc#945827).\n - ipvs: drop first packet to dead server (bsc#946078).\n - keys: Fix race between key destruction and finding a keyring by name\n (bsc#951440).\n - ktime: add ktime_after and ktime_before helpe (bsc#904348).\n - lib/string.c: introduce memchr_inv() (bsc#930788).\n - libiscsi: Exporting new attrs for iscsi session and connection in sysfs\n (bsc#923002).\n - macvlan: Support bonding events bsc#948521\n - make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).\n - memory-failure: do code refactor of soft_offline_page() (bsc#947957).\n - memory-failure: fix an error of mce_bad_pages statistics (bsc#947957).\n - memory-failure: use num_poisoned_pages instead of mce_bad_pages\n (bsc#947957).\n - memory-hotplug: update mce_bad_pages when removing the memory\n (bsc#947957).\n - mm/memory-failure.c: fix wrong num_poisoned_pages in handling memory\n error on thp (bsc#947957).\n - mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate\n successfully (bsc#947957).\n - mm/migrate.c: pair unlock_page() and lock_page() when migrating huge\n pages (bsc#947957).\n - mm: exclude reserved pages from dirtyable memory 32b fix (bsc#940017,\n bsc#949298).\n - mm: make page pfmemalloc check more robust (bsc#920016).\n - netfilter: nf_conntrack_proto_sctp: minimal multihoming support\n (bsc#932350).\n - pci: Add VPD function 0 quirk for Intel Ethernet devices (bsc#943786).\n - pci: Add dev_flags bit to access VPD through function 0 (bsc#943786).\n - pci: Add flag indicating device has been assigned by KVM (bsc#777565).\n - pci: Clear NumVFs when disabling SR-IOV in sriov_init() (bsc#952084).\n - pci: Refresh First VF Offset and VF Stride when updating NumVFs\n (bsc#952084).\n - pci: Update NumVFs register when disabling SR-IOV (bsc#952084).\n - pci: delay configuration of SRIOV capability (bsc#952084).\n - pci: set pci sriov page size before reading SRIOV BAR (bsc#952084).\n - pktgen: clean up ktime_t helpers (bsc#904348).\n - qla2xxx: Do not reset adapter if SRB handle is in range (bsc#944993).\n - qla2xxx: Remove decrement of sp reference count in abort handler\n (bsc#944993).\n - qla2xxx: do not clear slot in outstanding cmd array (bsc#944993).\n - r8169: remember WOL preferences on driver load (bsc#942305).\n - rcu: Eliminate deadlock between CPU hotplug and expedited grace periods\n (bsc#949706).\n - rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds\n (bsc#930145).\n - sched/core: Fix task and run queue sched_info::run_delay inconsistencies\n (bsc#949100).\n - scsi: fix scsi_error_handler vs. scsi_host_dev_release race (bsc#942204).\n - scsi: hosts: update to use ida_simple for host_no (bsc#939926)\n - scsi: kabi: allow iscsi disocvery session support (bsc#923002).\n - scsi_transport_iscsi: Exporting new attrs for iscsi session and\n connection in sysfs (bsc#923002).\n - sg: fix read() error reporting (bsc#926774).\n - usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb\n (bsc#933721).\n - usb: xhci: Reset a halted endpoint immediately when we encounter a stall\n (bsc#933721).\n - usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers\n (bsc#944989).\n - usb: xhci: do not start a halted endpoint before its new dequeue is set\n (bsc#933721).\n - usb: xhci: handle Config Error Change (CEC) in xhci driver (bsc#933721).\n - x86/tsc: Change Fast TSC calibration failed from error to info\n (bsc#942605).\n - x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330).\n - x86: mm: only do a local tlb flush in ptep_set_access_flags()\n (bsc#948330).\n - xfs: Fix lost direct IO write in the last block (bsc#949744).\n - xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347).\n - xfs: add EOFBLOCKS inode tagging/untagging (bsc#930788).\n - xfs: add XFS_IOC_FREE_EOFBLOCKS ioctl (bsc#930788).\n - xfs: add background scanning to clear eofblocks inodes (bsc#930788).\n - xfs: add inode id filtering to eofblocks scan (bsc#930788).\n - xfs: add minimum file size filtering to eofblocks scan (bsc#930788).\n - xfs: create function to scan and clear EOFBLOCKS inodes (bsc#930788).\n - xfs: create helper to check whether to free eofblocks on inode\n (bsc#930788).\n - xfs: introduce a common helper xfs_icluster_size_fsb (bsc#932805).\n - xfs: make xfs_free_eofblocks() non-static, return EAGAIN on trylock\n failure (bsc#930788).\n - xfs: support a tag-based inode_ag_iterator (bsc#930788).\n - xfs: support multiple inode id filtering in eofblocks scan (bsc#930788).\n - xfs: use xfs_icluster_size_fsb in xfs_bulkstat (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_ialloc_inode_init (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_ifree_cluster (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_imap (bsc#932805).\n - xhci: Add spurious wakeup quirk for LynxPoint-LP controllers\n (bsc#949981).\n - xhci: Allocate correct amount of scratchpad buffers (bsc#933721).\n - xhci: Calculate old endpoints correctly on device reset (bsc#944831).\n - xhci: Do not enable/disable RWE on bus suspend/resume (bsc#933721).\n - xhci: For streams the css flag most be read from the stream-ctx on ep\n stop (bsc#945691).\n - xhci: Solve full event ring by increasing TRBS_PER_SEGMENT to 256\n (bsc#933721).\n - xhci: Treat not finding the event_seg on COMP_STOP the same as\n COMP_STOP_INVAL (bsc#933721).\n - xhci: Workaround for PME stuck issues in Intel xhci (bsc#933721).\n - xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bsc#949502).\n - xhci: do not report PLC when link is in internal resume state\n (bsc#933721).\n - xhci: fix isoc endpoint dequeue from advancing too far on transaction\n error (bsc#944837).\n - xhci: fix reporting of 0-sized URBs in control endpoint (bsc#933721).\n - xhci: report U3 when link is in resume state (bsc#933721).\n - xhci: rework cycle bit checking for new dequeue pointers (bsc#933721).\n - xhci: use uninterruptible sleep for waiting for internal operations\n (bsc#939955).\n\n", "modified": "2015-11-26T13:10:56", "published": "2015-11-26T13:10:56", "id": "SUSE-SU-2015:2108-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html", "type": "suse", "title": "Security update for the Linux Kernel (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:40:04", "bulletinFamily": "unix", "description": "The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various\n security and bugfixes.\n\n Following security bugs were fixed:\n - CVE-2015-7509: Mounting ext4 filesystems in no-journal mode could hav\n lead to a system crash (bsc#956709).\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the\n Linux kernel did not ensure that certain slot numbers are valid, which\n allowed local users to cause a denial of service (NULL pointer\n dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call\n (bnc#949936).\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS\n users to cause a denial of service (host OS panic or hang) by triggering\n many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS\n users to cause a denial of service (host OS panic or hang) by triggering\n many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c\n (bnc#953527).\n - CVE-2015-7990: RDS: There was no verification that an underlying\n transport exists when creating a connection, causing usage of a NULL\n pointer (bsc#952384).\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the\n x86_64 platform mishandled IRET faults in processing NMIs that occurred\n during userspace execution, which might have allowed local users to gain\n privileges by triggering an NMI (bnc#938706).\n - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in\n the Linux kernel allowed local users to cause a denial of service (OOPS)\n via crafted keyctl commands (bnc#951440).\n - CVE-2015-0272: Missing checks allowed remote attackers to cause a denial\n of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6\n Router Advertisement (RA) message, a different vulnerability than\n CVE-2015-8215 (bnc#944296).\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified other\n impact by using a socket that was not properly bound (bnc#945825).\n\n The following non-security bugs were fixed:\n - ALSA: hda - Disable 64bit address for Creative HDA controllers\n (bnc#814440).\n - Driver: Vmxnet3: Fix ethtool -S to return correct rx queue stats\n (bsc#950750).\n - Drivers: hv: do not do hypercalls when hypercall_page is NULL.\n - Drivers: hv: kvp: move poll_channel() to hyperv_vmbus.h.\n - Drivers: hv: util: move kvp/vss function declarations to hyperv_vmbus.h.\n - Drivers: hv: vmbus: Get rid of some unused definitions.\n - Drivers: hv: vmbus: Implement the protocol for tearing down vmbus state.\n - Drivers: hv: vmbus: add special crash handler (bnc#930770).\n - Drivers: hv: vmbus: add special kexec handler.\n - Drivers: hv: vmbus: kill tasklets on module unload.\n - Drivers: hv: vmbus: prefer "^A" notification chain to 'panic'.\n - Drivers: hv: vmbus: remove hv_synic_free_cpu() call from\n hv_synic_cleanup().\n - Drivers: hv: vmbus: unregister panic notifier on module unload.\n - IB/srp: Avoid skipping srp_reset_host() after a transport error\n (bsc#904965).\n - IB/srp: Fix a sporadic crash triggered by cable pulling (bsc#904965).\n - KEYS: Fix race between key destruction and finding a keyring by name\n (bsc#951440).\n - Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).\n - NFSv4: Fix two infinite loops in the mount code (bsc#954628).\n - PCI: Add VPD function 0 quirk for Intel Ethernet devices (bnc#943786).\n - PCI: Add dev_flags bit to access VPD through function 0 (bnc#943786).\n - PCI: Clear NumVFs when disabling SR-IOV in sriov_init() (bnc#952084).\n - PCI: Refresh First VF Offset and VF Stride when updating NumVFs\n (bnc#952084).\n - PCI: Update NumVFs register when disabling SR-IOV (bnc#952084).\n - PCI: delay configuration of SRIOV capability (bnc#952084).\n - PCI: set pci sriov page size before reading SRIOV BAR (bnc#952084).\n - SCSI: hosts: update to use ida_simple for host_no (bsc#939926)\n - SUNRPC refactor rpcauth_checkverf error returns (bsc#955673).\n - af_iucv: avoid path quiesce of severed path in shutdown() (bnc#946214).\n - ahci: Add Device ID for Intel Sunrise Point PCH (bsc#953799).\n - blktap: also call blkif_disconnect() when frontend switched to closed\n (bsc#952976).\n - blktap: refine mm tracking (bsc#952976).\n - cachefiles: Avoid deadlocks with fs freezing (bsc#935123).\n - dm sysfs: introduce ability to add writable attributes (bsc#904348).\n - dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).\n - dm: do not start current request if it would've merged with the previous\n (bsc#904348).\n - dm: impose configurable deadline for dm_request_fn's merge heuristic\n (bsc#904348).\n - drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt,\n v2 (bsc#942938).\n - drm/i915: Fix DDC probe for passive adapters (bsc#900610, fdo#85924).\n - drm/i915: add hotplug activation period to hotplug update mask\n (bsc#953980).\n - fix lpfc_send_rscn_event allocation size claims bnc#935757\n - fs: Avoid deadlocks of fsync_bdev() and fs freezing (bsc#935123).\n - fs: Fix deadlocks between sync and fs freezing (bsc#935123).\n - hugetlb: simplify migrate_huge_page() (bnc#947957).\n - hwpoison, hugetlb: lock_page/unlock_page does not match for handling a\n free hugepage (bnc#947957,).\n - ipr: Fix incorrect trace indexing (bsc#940913).\n - ipr: Fix invalid array indexing for HRRQ (bsc#940913).\n - ipv6: fix tunnel error handling (bsc#952579).\n - ipvs: Fix reuse connection if real server is dead (bnc#945827).\n - ipvs: drop first packet to dead server (bsc#946078).\n - kernel: correct uc_sigmask of the compat signal frame (bnc#946214).\n - kernel: fix incorrect use of DIAG44 in continue_trylock_relax()\n (bnc#946214).\n - kexec: Fix race between panic() and crash_kexec() called directly\n (bnc#937444).\n - ktime: add ktime_after and ktime_before helpe (bsc#904348).\n - lib/string.c: introduce memchr_inv() (bnc#930788).\n - lpfc: Fix cq_id masking problem (bsc#944677).\n - macvlan: Support bonding events bsc#948521\n - memory-failure: do code refactor of soft_offline_page() (bnc#947957).\n - memory-failure: fix an error of mce_bad_pages statistics (bnc#947957).\n - memory-failure: use num_poisoned_pages instead of mce_bad_pages\n (bnc#947957).\n - memory-hotplug: update mce_bad_pages when removing the memory\n (bnc#947957).\n - mm/memory-failure.c: fix wrong num_poisoned_pages in handling memory\n error on thp (bnc#947957).\n - mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate\n successfully (bnc#947957).\n - mm/migrate.c: pair unlock_page() and lock_page() when migrating huge\n pages (bnc#947957).\n - mm: exclude reserved pages from dirtyable memory 32b fix (bnc#940017,\n bnc#949298).\n - mm: fix GFP_THISNODE callers and clarify (bsc#954950).\n - mm: remove GFP_THISNODE (bsc#954950).\n - mm: sl[au]b: add knowledge of PFMEMALLOC reserve pages (Swap over NFS).\n - net/core: Add VF link state control policy (bsc#950298).\n - netfilter: xt_recent: fix namespace destroy path (bsc#879378).\n - panic/x86: Allow cpus to save registers even if they (bnc#940946).\n - panic/x86: Fix re-entrance problem due to panic on (bnc#937444).\n - pktgen: clean up ktime_t helpers (bsc#904348).\n - qla2xxx: Do not reset adapter if SRB handle is in range (bsc#944993).\n - qla2xxx: Remove decrement of sp reference count in abort handler\n (bsc#944993).\n - qla2xxx: Remove unavailable firmware files (bsc#921081).\n - qla2xxx: do not clear slot in outstanding cmd array (bsc#944993).\n - qlge: Fix qlge_update_hw_vlan_features to handle if interface is down\n (bsc#930835).\n - quota: Fix deadlock with suspend and quotas (bsc#935123).\n - rcu: Eliminate deadlock between CPU hotplug and expedited grace periods\n (bsc#949706).\n - rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds\n (bsc#930145).\n - rtnetlink: Fix VF IFLA policy (bsc#950298).\n - rtnetlink: fix VF info size (bsc#950298).\n - s390/dasd: fix disconnected device with valid path mask (bnc#946214).\n - s390/dasd: fix invalid PAV assignment after suspend/resume (bnc#946214).\n - s390/dasd: fix list_del corruption after lcu changes (bnc#954984).\n - s390/pci: handle events for unused functions (bnc#946214).\n - s390/pci: improve handling of hotplug event 0x301 (bnc#946214).\n - s390/pci: improve state check when processing hotplug events\n (bnc#946214).\n - sched/core: Fix task and run queue sched_info::run_delay inconsistencies\n (bnc#949100).\n - sg: fix read() error reporting (bsc#926774).\n - usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers\n (bnc#944989).\n - usbback: correct copy length for partial transfers (bsc#941202).\n - usbvision fix overflow of interfaces array (bnc#950998).\n - veth: extend device features (bsc#879381).\n - vfs: Provide function to get superblock and wait for it to thaw\n (bsc#935123).\n - vmxnet3: adjust ring sizes when interface is down (bsc#950750).\n - vmxnet3: fix ethtool ring buffer size setting (bsc#950750).\n - writeback: Skip writeback for frozen filesystem (bsc#935123).\n - x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE\n (bnc#937256).\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n - x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330).\n - x86: mm: only do a local tlb flush in ptep_set_access_flags()\n (bsc#948330).\n - xen: x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE\n (bnc#937256).\n - xfs: Fix lost direct IO write in the last block (bsc#949744).\n - xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347).\n - xfs: add EOFBLOCKS inode tagging/untagging (bnc#930788).\n - xfs: add XFS_IOC_FREE_EOFBLOCKS ioctl (bnc#930788).\n - xfs: add background scanning to clear eofblocks inodes (bnc#930788).\n - xfs: add inode id filtering to eofblocks scan (bnc#930788).\n - xfs: add minimum file size filtering to eofblocks scan (bnc#930788).\n - xfs: create function to scan and clear EOFBLOCKS inodes (bnc#930788).\n - xfs: create helper to check whether to free eofblocks on inode\n (bnc#930788).\n - xfs: introduce a common helper xfs_icluster_size_fsb (bsc#932805).\n - xfs: make xfs_free_eofblocks() non-static, return EAGAIN on trylock\n failure (bnc#930788).\n - xfs: support a tag-based inode_ag_iterator (bnc#930788).\n - xfs: support multiple inode id filtering in eofblocks scan (bnc#930788).\n - xfs: use xfs_icluster_size_fsb in xfs_bulkstat (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_ialloc_inode_init (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_ifree_cluster (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_imap (bsc#932805).\n - xhci: Add spurious wakeup quirk for LynxPoint-LP controllers\n (bnc#949981).\n - xhci: Calculate old endpoints correctly on device reset (bnc#944831).\n - xhci: For streams the css flag most be read from the stream-ctx on ep\n stop (bnc#945691).\n - xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bnc#949502).\n - xhci: fix isoc endpoint dequeue from advancing too far on transaction\n error (bnc#944837).\n - xhci: silence TD warning (bnc#939955).\n - xhci: use uninterruptible sleep for waiting for internal operations\n (bnc#939955).\n\n", "modified": "2015-12-22T16:11:01", "published": "2015-12-22T16:11:01", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html", "id": "SUSE-SU-2015:2339-1", "title": "Security update for the Linux Kernel (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:46:49", "bulletinFamily": "unix", "description": "The SUSE Linux Enterprise 11 SP4 Realtime kernel was updated to receive\n various security and bugfixes.\n\n Following security bugs were fixed:\n - CVE-2015-7509: Mounting a prepared ext2 filesystem as ext4 could lead to\n a local denial of service (crash) (bsc#956709).\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the\n Linux kernel did not ensure that certain slot numbers are valid, which\n allowed local users to cause a denial of service (NULL pointer\n dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call\n (bnc#949936).\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS\n users to cause a denial of service (host OS panic or hang) by triggering\n many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS\n users to cause a denial of service (host OS panic or hang) by triggering\n many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c\n (bnc#953527).\n - CVE-2015-7990: RDS: Verify the underlying transport exists before\n creating a connection, preventing possible DoS (bsc#952384).\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the\n x86_64 platform mishandled IRET faults in processing NMIs that\n occurred during userspace execution, which might allow local users to\n gain privileges by triggering an NMI (bnc#937969 937970 938706 939207).\n - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in\n the Linux kernel allowed local users to cause a denial of service (OOPS)\n via crafted keyctl commands (bnc#951440).\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel\n did not validate attempted changes to the MTU value, which allowed\n context-dependent attackers to cause a denial of service (packet loss)\n via a value that is (1) smaller than the minimum compliant value or (2)\n larger than the MTU of an interface, as demonstrated by a Router\n Advertisement (RA) message that is not validated by a daemon, a\n different vulnerability than CVE-2015-0272. NOTE: the scope of\n CVE-2015-0272 is limited to the NetworkManager product. (bnc#955354).\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified\n other impact by using a socket that was not properly bound (bnc#945825).\n\n The following non-security bugs were fixed:\n - af_xhci: avoid path quiesce of severed path in shutdown() (bnc#946214,\n LTC#131684).\n - ahci: Add Device ID for Intel Sunrise Point PCH (bsc#953799).\n - alsa: hda - Disable 64bit address for Creative HDA controllers\n (bnc#814440).\n - blktap: also call blkif_disconnect() when frontend switched to closed\n (bsc#952976).\n - blktap: refine mm tracking (bsc#952976).\n - cachefiles: Avoid deadlocks with fs freezing (bsc#935123).\n - dm: do not start current request if it would've merged with the previous\n (bsc#904348).\n - dm: impose configurable deadline for dm_request_fn's merge heuristic\n (bsc#904348).\n - dm-snap: avoid deadock on s-&gt;lock when a read is split (bsc#939826).\n - dm sysfs: introduce ability to add writable attributes (bsc#904348).\n - drivers: hv: do not do hypercalls when hypercall_page is NULL.\n - drivers: hv: kvp: move poll_channel() to hyperv_vmbus.h.\n - drivers: hv: util: move kvp/vss function declarations to hyperv_vmbus.h.\n - drivers: hv: vmbus: add special crash handler (bnc#930770).\n - drivers: hv: vmbus: add special kexec handler.\n - drivers: hv: vmbus: Get rid of some unused definitions.\n - drivers: hv: vmbus: Implement the protocol for tearing down vmbus state.\n - drivers: hv: vmbus: kill tasklets on module unload.\n - drivers: hv: vmbus: prefer "die" notification chain to 'panic'.\n - drivers: hv: vmbus: remove hv_synic_free_cpu() call from\n hv_synic_cleanup().\n - drivers: hv: vmbus: unregister panic notifier on module unload.\n - driver: Vmxnet3: Fix ethtool -S to return correct rx queue stats\n (bsc#950750).\n - drm/i915: add hotplug activation period to hotplug update mask\n (bsc#953980).\n - drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt,\n v2 (bsc#942938).\n - drm/i915: Fix DDC probe for passive adapters (bsc#900610, fdo#85924).\n - fix lpfc_send_rscn_event allocation size claims bnc#935757\n - fs: Avoid deadlocks of fsync_bdev() and fs freezing (bsc#935123).\n - fs: Fix deadlocks between sync and fs freezing (bsc#935123).\n - hugetlb: simplify migrate_huge_page() (bnc#947957, VM Functionality).\n - hwpoison, hugetlb: lock_page/unlock_page does not match for handling a\n free hugepage (bnc#947957, VM Functionality).\n - IB/srp: Avoid skipping srp_reset_host() after a transport error\n (bsc#904965).\n - IB/srp: Fix a sporadic crash triggered by cable pulling (bsc#904965).\n - Import SP4-RT GA kabi files\n - ipr: Fix incorrect trace indexing (bsc#940913).\n - ipr: Fix invalid array indexing for HRRQ (bsc#940913).\n - ipv6: fix tunnel error handling (bsc#952579).\n - ipvs: drop first packet to dead server (bsc#946078).\n - ipvs: Fix reuse connection if real server is dead (bnc#945827).\n - kernel: correct uc_sigmask of the compat signal frame (bnc#946214,\n LTC#130124).\n - kernel: fix incorrect use of DIAG44 in continue_trylock_relax()\n (bnc#946214, LTC#132100).\n - kexec: Fix race between panic() and crash_kexec() called directly\n (bnc#937444).\n - keys: Fix race between key destruction and finding a keyring by name\n (bsc#951440).\n - ktime: add ktime_after and ktime_before helpe (bsc#904348).\n - lib/string.c: introduce memchr_inv() (bnc#930788).\n - lpfc: Fix cq_id masking problem (bsc#944677).\n - macvlan: Support bonding events bsc#948521\n - Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).\n - memory-failure: do code refactor of soft_offline_page() (bnc#947957, VM\n Functionality).\n - memory-failure: fix an error of mce_bad_pages statistics (bnc#947957, VM\n Functionality).\n - memory-failure: use num_poisoned_pages instead of mce_bad_pages\n (bnc#947957, VM Functionality).\n - memory-hotplug: update mce_bad_pages when removing the memory\n (bnc#947957, VM Functionality).\n - mm: exclude reserved pages from dirtyable memory 32b fix (bnc#940017,\n bnc#949298).\n - mm: fix GFP_THISNODE callers and clarify (bsc#954950, VM Functionality).\n - mm/memory-failure.c: fix wrong num_poisoned_pages in handling memory\n error on thp (bnc#947957, VM Functionality).\n - mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate\n successfully (bnc#947957, VM Functionality).\n - mm/migrate.c: pair unlock_page() and lock_page() when migrating huge\n pages (bnc#947957, VM Functionality).\n - mm: remove GFP_THISNODE (bsc#954950, VM Functionality).\n - mm: sl[au]b: add knowledge of PFMEMALLOC reserve pages (Swap over NFS\n (fate#304949)).\n - Modified -rt patches: 343 of 434, noise elided.\n - net/core: Add VF link state control policy (bsc#950298).\n - netfilter: xt_recent: fix namespace destroy path (bsc#879378).\n - NFSv4: Fix two infinite loops in the mount code (bsc#954628).\n - panic/x86: Allow cpus to save registers even if they (bnc#940946).\n - panic/x86: Fix re-entrance problem due to panic on (bnc#937444).\n - pci: Add dev_flags bit to access VPD through function 0 (bnc#943786).\n - pci: Add VPD function 0 quirk for Intel Ethernet devices (bnc#943786).\n - pci: Clear NumVFs when disabling SR-IOV in sriov_init() (bnc#952084).\n - pci: delay configuration of SRIOV capability (bnc#952084).\n - pci: Refresh First VF Offset and VF Stride when updating NumVFs\n (bnc#952084).\n - pci: set pci sriov page size before reading SRIOV BAR (bnc#952084).\n - pci: Update NumVFs register when disabling SR-IOV (bnc#952084).\n - pktgen: clean up ktime_t helpers (bsc#904348).\n - qla2xxx: do not clear slot in outstanding cmd array (bsc#944993).\n - qla2xxx: Do not reset adapter if SRB handle is in range (bsc#944993).\n - qla2xxx: Remove decrement of sp reference count in abort handler\n (bsc#944993).\n - qla2xxx: Remove unavailable firmware files (bsc#921081).\n - qlge: Fix qlge_update_hw_vlan_features to handle if interface is down\n (bsc#930835).\n - quota: Fix deadlock with suspend and quotas (bsc#935123).\n - rcu: Eliminate deadlock between CPU hotplug and expedited grace periods\n (bsc#949706).\n - Refresh patches.xen/1282-usbback-limit-copying.patch (bsc#941202).\n - rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds\n (bsc#930145).\n - rtnetlink: Fix VF IFLA policy (bsc#950298).\n - rtnetlink: fix VF info size (bsc#950298).\n - s390/dasd: fix disconnected device with valid path mask (bnc#946214,\n LTC#132707).\n - s390/dasd: fix invalid PAV assignment after suspend/resume (bnc#946214,\n LTC#132706).\n - s390/dasd: fix list_del corruption after lcu changes (bnc#954984,\n LTC#133077).\n - s390/pci: handle events for unused functions (bnc#946214, LTC#130628).\n - s390/pci: improve handling of hotplug event 0x301 (bnc#946214,\n LTC#130628).\n - s390/pci: improve state check when processing hotplug events\n (bnc#946214, LTC#130628).\n - sched/core: Fix task and run queue sched_info::run_delay inconsistencies\n (bnc#949100).\n - scsi: hosts: update to use ida_simple for host_no (bsc#939926)\n - sg: fix read() error reporting (bsc#926774).\n - sunrpc: refactor rpcauth_checkverf error returns (bsc#955673).\n - Update patches.fixes/fanotify-fix-deadlock-during-thread-exit.patch\n (bsc#935053, bsc#926709). Add bug reference.\n - usbback: correct copy length for partial transfers (bsc#941202).\n - usbvision fix overflow of interfaces array (bnc#950998).\n - usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers\n (bnc#944989).\n - veth: extend device features (bsc#879381).\n - vfs: Provide function to get superblock and wait for it to thaw\n (bsc#935123).\n - vmxnet3: adjust ring sizes when interface is down (bsc#950750).\n - vmxnet3: fix ethtool ring buffer size setting (bsc#950750).\n - writeback: Skip writeback for frozen filesystem (bsc#935123).\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n - x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330).\n - x86: mm: only do a local tlb flush in ptep_set_access_flags()\n (bsc#948330).\n - x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE\n (fate#317533, bnc#937256).\n - xen: x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE\n (fate#317533, bnc#937256).\n - xfs: add background scanning to clear eofblocks inodes (bnc#930788).\n - xfs: add EOFBLOCKS inode tagging/untagging (bnc#930788).\n - xfs: add inode id filtering to eofblocks scan (bnc#930788).\n - xfs: add minimum file size filtering to eofblocks scan (bnc#930788).\n - xfs: add XFS_IOC_FREE_EOFBLOCKS ioctl (bnc#930788).\n - xfs: create function to scan and clear EOFBLOCKS inodes (bnc#930788).\n - xfs: create helper to check whether to free eofblocks on inode\n (bnc#930788).\n - xfs: Fix lost direct IO write in the last block (bsc#949744).\n - xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347).\n - xfs: introduce a common helper xfs_icluster_size_fsb (bsc#932805).\n - xfs: make xfs_free_eofblocks() non-static, return EAGAIN on trylock\n failure (bnc#930788).\n - xfs: support a tag-based inode_ag_iterator (bnc#930788).\n - xfs: support multiple inode id filtering in eofblocks scan (bnc#930788).\n - xfs: use xfs_icluster_size_fsb in xfs_bulkstat (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_ialloc_inode_init (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_ifree_cluster (bsc#932805).\n - xfs: use xfs_icluster_size_fsb in xfs_imap (bsc#932805).\n - xhci: Add spurious wakeup quirk for LynxPoint-LP controllers\n (bnc#949981).\n - xhci: Calculate old endpoints correctly on device reset (bnc#944831).\n - xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bnc#949502).\n - xhci: fix isoc endpoint dequeue from advancing too far on transaction\n error (bnc#944837).\n - xhci: For streams the css flag most be read from the stream-ctx on ep\n stop (bnc#945691).\n - xhci: silence TD warning (bnc#939955).\n - xhci: use uninterruptible sleep for waiting for internal operations\n (bnc#939955).\n\n", "modified": "2015-12-23T18:10:37", "published": "2015-12-23T18:10:37", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html", "id": "SUSE-SU-2015:2350-1", "title": "Security update for the Linux Kernel (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:08:02", "bulletinFamily": "unix", "description": "The openSUSE 13.2 kernel was updated to receive various security and\n bugfixes.\n\n Following security bugs were fixed:\n - CVE-2016-0728: A reference leak in keyring handling with\n join_session_keyring() could lead to local attackers gain root\n privileges. (bsc#962075).\n - CVE-2015-7550: A local user could have triggered a race between read and\n revoke in keyctl (bnc#958951).\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in\n drivers/net/ppp/pptp.c in the Linux kernel did not verify an address\n length, which allowed local users to obtain sensitive information from\n kernel memory and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n - CVE-2015-8543: The networking implementation in the Linux kernel did not\n validate protocol identifiers for certain protocol families, which\n allowed local users to cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain privileges by leveraging\n CLONE_NEWUSER support to execute a crafted SOCK_RAW application\n (bnc#958886).\n - CVE-2014-8989: The Linux kernel did not properly restrict dropping\n of supplemental group memberships in certain namespace scenarios, which\n allowed local users to bypass intended file permissions by leveraging a\n POSIX ACL containing an entry for the group category that is more\n restrictive than the entry for the other category, aka a "negative\n groups" issue, related to kernel/groups.c, kernel/uid16.c, and\n kernel/user_namespace.c (bnc#906545).\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the\n x86_64 platform mishandles IRET faults in processing NMIs that\n occurred during userspace execution, which might allow local users to\n gain privileges by triggering an NMI (bnc#937969).\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the\n Linux kernel through 4.2.3 did not ensure that certain slot numbers are\n valid, which allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl\n call (bnc#949936).\n - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and\n Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial\n of service (host OS panic or hang) by triggering many #DB (aka Debug)\n exceptions, related to svm.c (bnc#954404).\n - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and\n Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial\n of service (host OS panic or hang) by triggering many #AC (aka Alignment\n Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n - CVE-2014-9529: Race condition in the key_gc_unused_keys function in\n security/keys/gc.c in the Linux kernel allowed local users to cause a\n denial of service (memory corruption or panic) or possibly have\n unspecified other impact via keyctl commands that trigger access to a\n key structure member during garbage collection of a key (bnc#912202).\n - CVE-2015-7990: Race condition in the rds_sendmsg function in\n net/rds/sendmsg.c in the Linux kernel allowed local users to cause a\n denial of service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact by using a socket that was not\n properly bound. NOTE: this vulnerability exists because of an\n incomplete fix for CVE-2015-6937 (bnc#952384 953052).\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified\n other impact by using a socket that was not properly bound (bnc#945825).\n - CVE-2015-7885: The dgnc_mgmt_ioctl function in\n drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did\n not initialize a certain structure member, which allowed local users to\n obtain sensitive information from kernel memory via a crafted\n application (bnc#951627).\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel\n did not validate attempted changes to the MTU value, which allowed\n context-dependent attackers to cause a denial of service (packet loss)\n via a value that is (1) smaller than the minimum compliant value or (2)\n larger than the MTU of an interface, as demonstrated by a Router\n Advertisement (RA) message that is not validated by a daemon, a\n different vulnerability than CVE-2015-0272. NOTE: the scope of\n CVE-2015-0272 is limited to the NetworkManager product (bnc#955354).\n - CVE-2015-8767: A case can occur when sctp_accept() is called by the user\n during a heartbeat timeout event after the 4-way handshake. Since\n sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the\n bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the\n listening socket but released with the new association socket. The\n result is a deadlock on any future attempts to take the listening socket\n lock. (bsc#961509)\n - CVE-2015-8575: Validate socket address length in sco_sock_bind() to\n prevent information leak (bsc#959399).\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For\n XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled\n (bsc#957990).\n - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers\n could have lead to double fetch vulnerabilities, causing denial of\n service or arbitrary code execution (depending on the configuration)\n (bsc#957988).\n\n The following non-security bugs were fixed:\n - ALSA: hda - Disable 64bit address for Creative HDA controllers\n (bnc#814440).\n - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).\n - Input: aiptek - fix crash on detecting device without endpoints\n (bnc#956708).\n - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934).\n - KVM: x86: update masterclock values on TSC writes (bsc#961739).\n - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2\n client (bsc#960839).\n - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another\n task (bsc#921949).\n - blktap: also call blkif_disconnect() when frontend switched to closed\n (bsc#952976).\n - blktap: refine mm tracking (bsc#952976).\n - cdrom: Random writing support for BD-RE media (bnc#959568).\n - genksyms: Handle string literals with spaces in reference files\n (bsc#958510).\n - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224).\n - ipv6: distinguish frag queues by device for multicast and link-local\n packets (bsc#955422).\n - ipv6: fix tunnel error handling (bsc#952579).\n - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).\n - uas: Add response iu handling (bnc#954138).\n - usbvision fix overflow of interfaces array (bnc#950998).\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set\n (bsc#957990 XSA-157).\n\n", "modified": "2016-02-03T15:11:57", "published": "2016-02-03T15:11:57", "id": "OPENSUSE-SU-2016:0318-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00005.html", "type": "suse", "title": "Security update for the Linux Kernel (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:56:09", "bulletinFamily": "unix", "description": "The openSUSE 13.1 kernel was updated to receive various security and\n bugfixes.\n\n Following security bugs were fixed:\n - CVE-2016-0728: A reference leak in keyring handling with\n join_session_keyring() could lead to local attackers gain root\n privileges. (bsc#962075).\n - CVE-2015-7550: A local user could have triggered a race between read and\n revoke in keyctl (bnc#958951).\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in\n drivers/net/ppp/pptp.c in the Linux kernel did not verify an address\n length, which allowed local users to obtain sensitive information from\n kernel memory and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n - CVE-2015-8543: The networking implementation in the Linux kernel did not\n validate protocol identifiers for certain protocol families, which\n allowed local users to cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain privileges by leveraging\n CLONE_NEWUSER support to execute a crafted SOCK_RAW application\n (bnc#958886).\n - CVE-2014-8989: The Linux kernel did not properly restrict dropping\n of supplemental group memberships in certain namespace scenarios, which\n allowed local users to bypass intended file permissions by leveraging a\n POSIX ACL containing an entry for the group category that is more\n restrictive than the entry for the other category, aka a "negative\n groups" issue, related to kernel/groups.c, kernel/uid16.c, and\n kernel/user_namespace.c (bnc#906545).\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the\n x86_64 platform mishandles IRET faults in processing NMIs that\n occurred during userspace execution, which might allow local users to\n gain privileges by triggering an NMI (bnc#937969).\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the\n Linux kernel through 4.2.3 did not ensure that certain slot numbers are\n valid, which allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl\n call (bnc#949936).\n - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and\n Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial\n of service (host OS panic or hang) by triggering many #DB (aka Debug)\n exceptions, related to svm.c (bnc#954404).\n - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and\n Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial\n of service (host OS panic or hang) by triggering many #AC (aka Alignment\n Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n - CVE-2014-9529: Race condition in the key_gc_unused_keys function in\n security/keys/gc.c in the Linux kernel allowed local users to cause a\n denial of service (memory corruption or panic) or possibly have\n unspecified other impact via keyctl commands that trigger access to a\n key structure member during garbage collection of a key (bnc#912202).\n - CVE-2015-7990: Race condition in the rds_sendmsg function in\n net/rds/sendmsg.c in the Linux kernel allowed local users to cause a\n denial of service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact by using a socket that was not\n properly bound. NOTE: this vulnerability exists because of an\n incomplete fix for CVE-2015-6937 (bnc#952384 953052).\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified\n other impact by using a socket that was not properly bound (bnc#945825).\n - CVE-2015-7885: The dgnc_mgmt_ioctl function in\n drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did\n not initialize a certain structure member, which allowed local users to\n obtain sensitive information from kernel memory via a crafted\n application (bnc#951627).\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel\n did not validate attempted changes to the MTU value, which allowed\n context-dependent attackers to cause a denial of service (packet loss)\n via a value that is (1) smaller than the minimum compliant value or (2)\n larger than the MTU of an interface, as demonstrated by a Router\n Advertisement (RA) message that is not validated by a daemon, a\n different vulnerability than CVE-2015-0272. NOTE: the scope of\n CVE-2015-0272 is limited to the NetworkManager product (bnc#955354).\n - CVE-2015-8767: A case can occur when sctp_accept() is called by the user\n during a heartbeat timeout event after the 4-way handshake. Since\n sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the\n bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the\n listening socket but released with the new association socket. The\n result is a deadlock on any future attempts to take the listening socket\n lock. (bsc#961509)\n - CVE-2015-8575: Validate socket address length in sco_sock_bind() to\n prevent information leak (bsc#959399).\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For\n XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled\n (bsc#957990).\n - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers\n could have lead to double fetch vulnerabilities, causing denial of\n service or arbitrary code execution (depending on the configuration)\n (bsc#957988).\n\n The following non-security bugs were fixed:\n - ALSA: hda - Disable 64bit address for Creative HDA controllers\n (bnc#814440).\n - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).\n - Input: aiptek - fix crash on detecting device without endpoints\n (bnc#956708).\n - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934).\n - KVM: x86: update masterclock values on TSC writes (bsc#961739).\n - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2\n client (bsc#960839).\n - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another\n task (bsc#921949).\n - blktap: also call blkif_disconnect() when frontend switched to closed\n (bsc#952976).\n - blktap: refine mm tracking (bsc#952976).\n - cdrom: Random writing support for BD-RE media (bnc#959568).\n - genksyms: Handle string literals with spaces in reference files\n (bsc#958510).\n - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224).\n - ipv6: distinguish frag queues by device for multicast and link-local\n packets (bsc#955422).\n - ipv6: fix tunnel error handling (bsc#952579).\n - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).\n - uas: Add response iu handling (bnc#954138).\n - usbvision fix overflow of interfaces array (bnc#950998).\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set\n (bsc#957990 XSA-157).\n\n", "modified": "2016-02-01T16:11:19", "published": "2016-02-01T16:11:19", "id": "OPENSUSE-SU-2016:0301-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00000.html", "type": "suse", "title": "Security update for the Linux Kernel (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}