{"openvas": [{"lastseen": "2019-05-29T18:35:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2016-0723", "CVE-2015-7513", "CVE-2016-0728", "CVE-2015-8767", "CVE-2013-4312", "CVE-2015-7566", "CVE-2015-8575", "CVE-2015-8569", "CVE-2015-8709"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-02-05T00:00:00", "id": "OPENVAS:1361412562310807219", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807219", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807219\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-05 13:14:35 +0530 (Fri, 05 Feb 2016)\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2016-0723\", \"CVE-2015-8787\", \"CVE-2015-8569\",\n \"CVE-2015-8575\", \"CVE-2015-8709\", \"CVE-2015-7513\", \"CVE-2015-7566\",\n \"CVE-2015-8767\", \"CVE-2016-0728\");\n\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.3.4~200.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0723", "CVE-2016-0728", "CVE-2015-8767", "CVE-2013-4312", "CVE-2015-7566"], "description": "Several vulnerabilities have been\ndiscovered in the Linux kernel that may lead to a privilege escalation or\ndenial-of-service.\n\nCVE-2013-4312\nTetsuo Handa discovered that it is possible for a process to open\nfar more files than the process", "modified": "2019-05-24T00:00:00", "published": "2016-01-19T00:00:00", "id": "OPENVAS:1361412562310703448", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703448", "type": "openvas", "title": "Debian Security Advisory DSA 3448-1 (linux - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# Auto-generated from advisory DSA 3448-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703448\");\n script_version(\"2019-05-24T11:20:30+0000\");\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\",\n \"CVE-2016-0728\");\n script_name(\"Debian Security Advisory DSA 3448-1 (linux - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-05-24 11:20:30 +0000 (Fri, 24 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-01-19 00:00:00 +0100 (Tue, 19 Jan 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3448.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 3.16.7-ckt20-1+deb8u3.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been\ndiscovered in the Linux kernel that may lead to a privilege escalation or\ndenial-of-service.\n\nCVE-2013-4312\nTetsuo Handa discovered that it is possible for a process to open\nfar more files than the process's limit leading to denial-of-service\nconditions.\n\nCVE-2015-7566\nRalf Spenneberg of OpenSource Security reported that the visor\ndriver crashes when a specially crafted USB device without bulk-out\nendpoint is detected.\n\nCVE-2015-8767\nAn SCTP denial-of-service was discovered which can be triggered by a\nlocal attacker during a heartbeat timeout event after the 4-way\nhandshake.\n\nCVE-2016-0723\nA use-after-free vulnerability was discovered in the TIOCGETD ioctl.\nA local attacker could use this flaw for denial-of-service.\n\nCVE-2016-0728\nThe Perception Point research team discovered a use-after-free\nvulnerability in the keyring facility, possibly leading to local\nprivilege escalation.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-s390\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-x86\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-4kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-586\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-5kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-686-pae\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-arm64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armel\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armhf\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-i386\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mips\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mipsel\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-powerpc\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-ppc64el\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-s390x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-arm64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp-lpae\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-common\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-ixp4xx\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-kirkwood\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2e\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2f\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-3\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-octeon\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-orion5x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc-smp\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64le\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r4k-ip22\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r5k-ip32\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-s390x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-versatile\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-4kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-586\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-5kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae-dbg\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64-dbg\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64-dbg\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp-lpae\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-ixp4xx\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-kirkwood\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2e\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2f\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-3\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-octeon\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-orion5x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc-smp\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64le\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r4k-ip22\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r5k-ip32\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x-dbg\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-versatile\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev:amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev:i386\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-3.16.0-4\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-4-amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0723", "CVE-2016-0728", "CVE-2015-8767", "CVE-2013-4312", "CVE-2015-7566"], "description": "Several vulnerabilities have been\ndiscovered in the Linux kernel that may lead to a privilege escalation or\ndenial-of-service.\n\nCVE-2013-4312 \nTetsuo Handa discovered that it is possible for a process to open\nfar more files than the process", "modified": "2017-07-07T00:00:00", "published": "2016-01-19T00:00:00", "id": "OPENVAS:703448", "href": "http://plugins.openvas.org/nasl.php?oid=703448", "type": "openvas", "title": "Debian Security Advisory DSA 3448-1 (linux - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3448.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3448-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703448);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\",\n \"CVE-2016-0728\");\n script_name(\"Debian Security Advisory DSA 3448-1 (linux - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-01-19 00:00:00 +0100 (Tue, 19 Jan 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3448.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"linux on Debian Linux\");\n script_tag(name: \"insight\", value: \"The Linux kernel is the core\nof the Linux operating system.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 3.16.7-ckt20-1+deb8u3.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been\ndiscovered in the Linux kernel that may lead to a privilege escalation or\ndenial-of-service.\n\nCVE-2013-4312 \nTetsuo Handa discovered that it is possible for a process to open\nfar more files than the process' limit leading to denial-of-service\nconditions.\n\nCVE-2015-7566 \nRalf Spenneberg of OpenSource Security reported that the visor\ndriver crashes when a specially crafted USB device without bulk-out\nendpoint is detected.\n\nCVE-2015-8767 \nAn SCTP denial-of-service was discovered which can be triggered by a\nlocal attacker during a heartbeat timeout event after the 4-way\nhandshake.\n\nCVE-2016-0723 \nA use-after-free vulnerability was discovered in the TIOCGETD ioctl.\nA local attacker could use this flaw for denial-of-service.\n\nCVE-2016-0728 \nThe Perception Point research team discovered a use-after-free\nvulnerability in the keyring facility, possibly leading to local\nprivilege escalation.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-s390\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-x86\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-4kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-586\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-5kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-686-pae\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-arm64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armel\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armhf\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-i386\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mips\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mipsel\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-powerpc\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-ppc64el\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-s390x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-arm64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp-lpae\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-common\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-ixp4xx\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-kirkwood\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2e\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2f\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-3\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-octeon\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-orion5x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc-smp\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64le\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r4k-ip22\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r5k-ip32\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-s390x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-versatile\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-4kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-586\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-5kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae-dbg\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64-dbg\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64-dbg\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp-lpae\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-ixp4xx\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-kirkwood\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2e\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2f\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-3\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-octeon\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-orion5x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc-smp\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64le\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r4k-ip22\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r5k-ip32\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x-dbg\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-versatile\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev:amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev:i386\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.16.0-4\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-4-amd64\", ver:\"3.16.7-ckt20-1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-17T22:56:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0723", "CVE-2015-8767", "CVE-2013-4312", "CVE-2015-8709"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2016-02-11T00:00:00", "id": "OPENVAS:1361412562310120638", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120638", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-648)", "sourceData": "# Copyright (C) 2016 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120638\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-02-11 07:16:46 +0200 (Thu, 11 Feb 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-648)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the Linux kernel. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum clean all followed by yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-648.html\");\n script_cve_id(\"CVE-2013-4312\", \"CVE-2016-0723\", \"CVE-2015-8709\", \"CVE-2015-8767\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-devel\", rpm:\"kernel-tools-devel~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~4.1.17~22.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8575", "CVE-2015-8569", "CVE-2015-8709"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-01-13T00:00:00", "id": "OPENVAS:1361412562310807102", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807102", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807102\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-13 06:14:00 +0100 (Wed, 13 Jan 2016)\");\n script_cve_id(\"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8709\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-6\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175386.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.3.3~300.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2016-0723", "CVE-2013-4312"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-02-05T00:00:00", "id": "OPENVAS:1361412562310807225", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807225", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807225\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-05 13:14:28 +0530 (Fri, 05 Feb 2016)\");\n script_cve_id(\"CVE-2013-4312\", \"CVE-2016-0723\", \"CVE-2015-8787\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.3.4~300.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-7513", "CVE-2015-7566"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-01-21T00:00:00", "id": "OPENVAS:1361412562310806985", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806985", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-26", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-26\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806985\");\n script_version(\"$Revision: 14225 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 15:32:03 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-21 06:13:59 +0100 (Thu, 21 Jan 2016)\");\n script_cve_id(\"CVE-2015-7566\", \"CVE-2015-7513\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-26\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-26\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.3.3~301.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2016-02-05T00:00:00", "id": "OPENVAS:1361412562310842622", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842622", "type": "openvas", "title": "Ubuntu Update for linux USN-2890-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2890-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842622\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-05 13:14:10 +0530 (Fri, 05 Feb 2016)\");\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\",\n \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\",\n \"CVE-2015-8787\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-2890-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that a use-after-free\n vulnerability existed in the AF_UNIX implementation in the Linux kernel. A\n local attacker could use crafted epoll_ctl calls to cause a denial of service\n (system crash) or expose sensitive information. (CVE-2013-7446)\n\n It was discovered that the KVM implementation in the Linux kernel did not\n properly restore the values of the Programmable Interrupt Timer (PIT). A\n user-assisted attacker in a KVM guest could cause a denial of service in\n the host (system crash). (CVE-2015-7513)\n\n It was discovered that the Linux kernel keyring subsystem contained a race\n between read and revoke operations. A local attacker could use this to\n cause a denial of service (system crash). (CVE-2015-7550)\n\n Sasha Levin discovered that the Reliable Datagram Sockets (RDS)\n implementation in the Linux kernel had a race condition when checking\n whether a socket was bound or not. A local attacker could use this to cause\n a denial of service (system crash). (CVE-2015-7990)\n\n It was discovered that the Btrfs implementation in the Linux kernel\n incorrectly handled compressed inline extants on truncation. A local\n attacker could use this to expose sensitive information. (CVE-2015-8374)\n\n It was discovered that the Linux kernel networking implementation did\n not validate protocol identifiers for certain protocol families, A local\n attacker could use this to cause a denial of service (system crash) or\n possibly gain administrative privileges. (CVE-2015-8543)\n\n Dmitry Vyukov discovered that the pptp implementation in the Linux kernel\n did not verify an address length when setting up a socket. A local attacker\n could use this to craft an application that exposed sensitive information\n from kernel memory. (CVE-2015-8569)\n\n David Miller discovered that the Bluetooth implementation in the Linux\n kernel did not properly validate the socket address length for Synchronous\n Connection-Oriented (SCO) sockets. A local attacker could use this to\n expose sensitive information. (CVE-2015-8575)\n\n It was discovered that the netfilter Network Address Translation (NAT)\n implementation did not ensure that data structures were initialized when\n handling IPv4 addresses. An attacker could use this to cause a denial of\n service (system crash). (CVE-2015-8787)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 15.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2890-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2890-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU15\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-generic\", ver:\"4.2.0-27.32\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-generic-lpae\", ver:\"4.2.0-27.32\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-lowlatency\", ver:\"4.2.0-27.32\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-powerpc-e500mc\", ver:\"4.2.0-27.32\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-powerpc-smp\", ver:\"4.2.0-27.32\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-powerpc64-emb\", ver:\"4.2.0-27.32\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-powerpc64-smp\", ver:\"4.2.0-27.32\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2016-02-05T00:00:00", "id": "OPENVAS:1361412562310842631", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842631", "type": "openvas", "title": "Ubuntu Update for linux-lts-wily USN-2890-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-wily USN-2890-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842631\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-05 13:14:21 +0530 (Fri, 05 Feb 2016)\");\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\",\n \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\",\n \"CVE-2015-8787\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-wily USN-2890-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-wily'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that a use-after-free\n vulnerability existed in the AF_UNIX implementation in the Linux kernel. A\n local attacker could use crafted epoll_ctl calls to cause a denial of service\n (system crash) or expose sensitive information. (CVE-2013-7446)\n\n It was discovered that the KVM implementation in the Linux kernel did not\n properly restore the values of the Programmable Interrupt Timer (PIT). A\n user-assisted attacker in a KVM guest could cause a denial of service in\n the host (system crash). (CVE-2015-7513)\n\n It was discovered that the Linux kernel keyring subsystem contained a race\n between read and revoke operations. A local attacker could use this to\n cause a denial of service (system crash). (CVE-2015-7550)\n\n Sasha Levin discovered that the Reliable Datagram Sockets (RDS)\n implementation in the Linux kernel had a race condition when checking\n whether a socket was bound or not. A local attacker could use this to cause\n a denial of service (system crash). (CVE-2015-7990)\n\n It was discovered that the Btrfs implementation in the Linux kernel\n incorrectly handled compressed inline extants on truncation. A local\n attacker could use this to expose sensitive information. (CVE-2015-8374)\n\n It was discovered that the Linux kernel networking implementation did\n not validate protocol identifiers for certain protocol families, A local\n attacker could use this to cause a denial of service (system crash) or\n possibly gain administrative privileges. (CVE-2015-8543)\n\n Dmitry Vyukov discovered that the pptp implementation in the Linux kernel\n did not verify an address length when setting up a socket. A local attacker\n could use this to craft an application that exposed sensitive information\n from kernel memory. (CVE-2015-8569)\n\n David Miller discovered that the Bluetooth implementation in the Linux\n kernel did not properly validate the socket address length for Synchronous\n Connection-Oriented (SCO) sockets. A local attacker could use this to\n expose sensitive information. (CVE-2015-8575)\n\n It was discovered that the netfilter Network Address Translation (NAT)\n implementation did not ensure that data structures were initialized when\n handling IPv4 addresses. An attacker could use this to cause a denial of\n service (system crash). (CVE-2015-8787)\");\n script_tag(name:\"affected\", value:\"linux-lts-wily on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2890-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2890-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-generic\", ver:\"4.2.0-27.32~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-generic-lpae\", ver:\"4.2.0-27.32~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-lowlatency\", ver:\"4.2.0-27.32~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-powerpc-e500mc\", ver:\"4.2.0-27.32~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-powerpc-smp\", ver:\"4.2.0-27.32~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-powerpc64-emb\", ver:\"4.2.0-27.32~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-27-powerpc64-smp\", ver:\"4.2.0-27.32~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2016-02-05T00:00:00", "id": "OPENVAS:1361412562310842624", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842624", "type": "openvas", "title": "Ubuntu Update for linux-raspi2 USN-2890-3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-raspi2 USN-2890-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842624\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-05 13:14:19 +0530 (Fri, 05 Feb 2016)\");\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\",\n \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\",\n \"CVE-2015-8787\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-raspi2 USN-2890-3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-raspi2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that a use-after-free\n vulnerability existed in the AF_UNIX implementation in the Linux kernel. A\n local attacker could use crafted epoll_ctl calls to cause a denial of service\n (system crash) or expose sensitive information. (CVE-2013-7446)\n\n It was discovered that the KVM implementation in the Linux kernel did not\n properly restore the values of the Programmable Interrupt Timer (PIT). A\n user-assisted attacker in a KVM guest could cause a denial of service in\n the host (system crash). (CVE-2015-7513)\n\n It was discovered that the Linux kernel keyring subsystem contained a race\n between read and revoke operations. A local attacker could use this to\n cause a denial of service (system crash). (CVE-2015-7550)\n\n Sasha Levin discovered that the Reliable Datagram Sockets (RDS)\n implementation in the Linux kernel had a race condition when checking\n whether a socket was bound or not. A local attacker could use this to cause\n a denial of service (system crash). (CVE-2015-7990)\n\n It was discovered that the Btrfs implementation in the Linux kernel\n incorrectly handled compressed inline extants on truncation. A local\n attacker could use this to expose sensitive information. (CVE-2015-8374)\n\n It was discovered that the Linux kernel networking implementation did\n not validate protocol identifiers for certain protocol families, A local\n attacker could use this to cause a denial of service (system crash) or\n possibly gain administrative privileges. (CVE-2015-8543)\n\n Dmitry Vyukov discovered that the pptp implementation in the Linux kernel\n did not verify an address length when setting up a socket. A local attacker\n could use this to craft an application that exposed sensitive information\n from kernel memory. (CVE-2015-8569)\n\n David Miller discovered that the Bluetooth implementation in the Linux\n kernel did not properly validate the socket address length for Synchronous\n Connection-Oriented (SCO) sockets. A local attacker could use this to\n expose sensitive information. (CVE-2015-8575)\n\n It was discovered that the netfilter Network Address Translation (NAT)\n implementation did not ensure that data structures were initialized when\n handling IPv4 addresses. An attacker could use this to cause a denial of\n service (system crash). (CVE-2015-8787)\");\n\n script_tag(name:\"affected\", value:\"linux-raspi2 on Ubuntu 15.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2890-3\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2890-3/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU15\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-1022-raspi2\", ver:\"4.2.0-1022.29\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-12T10:14:16", "description": "Update to latest upstream stable release, Linux v4.3.4. Elan touchpad\nfixes. ---- Update to 4.3.y stable series. Fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-04T00:00:00", "title": "Fedora 22 : kernel-4.3.4-200.fc22 (2016-5d43766e33)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2016-0723", "CVE-2015-7513", "CVE-2016-0728", "CVE-2015-8767", "CVE-2013-4312", "CVE-2015-7566", "CVE-2015-8575", "CVE-2015-8569", "CVE-2015-8709"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-5D43766E33.NASL", "href": "https://www.tenable.com/plugins/nessus/89554", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-5d43766e33.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89554);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7513\", \"CVE-2015-7566\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8709\", \"CVE-2015-8767\", \"CVE-2015-8787\", \"CVE-2016-0723\", \"CVE-2016-0728\");\n script_xref(name:\"FEDORA\", value:\"2016-5d43766e33\");\n\n script_name(english:\"Fedora 22 : kernel-4.3.4-200.fc22 (2016-5d43766e33)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream stable release, Linux v4.3.4. Elan touchpad\nfixes. ---- Update to 4.3.y stable series. Fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1284847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1292045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1292840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1295287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297389\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297475\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1300731\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44a7add4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.3.4-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:49:22", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation or denial-of-service.\n\n - CVE-2013-4312\n Tetsuo Handa discovered that it is possible for a\n process to open far more files than the process' limit\n leading to denial-of-service conditions.\n\n - CVE-2015-7566\n Ralf Spenneberg of OpenSource Security reported that the\n visor driver crashes when a specially crafted USB device\n without bulk-out endpoint is detected.\n\n - CVE-2015-8767\n An SCTP denial-of-service was discovered which can be\n triggered by a local attacker during a heartbeat timeout\n event after the 4-way handshake.\n\n - CVE-2016-0723\n A use-after-free vulnerability was discovered in the\n TIOCGETD ioctl. A local attacker could use this flaw for\n denial-of-service.\n\n - CVE-2016-0728\n The Perception Point research team discovered a\n use-after-free vulnerability in the keyring facility,\n possibly leading to local privilege escalation.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-01-20T00:00:00", "title": "Debian DSA-3448-1 : linux - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0723", "CVE-2016-0728", "CVE-2015-8767", "CVE-2013-4312", "CVE-2015-7566"], "modified": "2016-01-20T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:linux"], "id": "DEBIAN_DSA-3448.NASL", "href": "https://www.tenable.com/plugins/nessus/87995", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3448. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87995);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-0728\");\n script_xref(name:\"DSA\", value:\"3448\");\n\n script_name(english:\"Debian DSA-3448-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation or denial-of-service.\n\n - CVE-2013-4312\n Tetsuo Handa discovered that it is possible for a\n process to open far more files than the process' limit\n leading to denial-of-service conditions.\n\n - CVE-2015-7566\n Ralf Spenneberg of OpenSource Security reported that the\n visor driver crashes when a specially crafted USB device\n without bulk-out endpoint is detected.\n\n - CVE-2015-8767\n An SCTP denial-of-service was discovered which can be\n triggered by a local attacker during a heartbeat timeout\n event after the 4-way handshake.\n\n - CVE-2016-0723\n A use-after-free vulnerability was discovered in the\n TIOCGETD ioctl. A local attacker could use this flaw for\n denial-of-service.\n\n - CVE-2016-0728\n The Perception Point research team discovered a\n use-after-free vulnerability in the keyring facility,\n possibly leading to local privilege escalation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-0723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-0728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3448\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.16.7-ckt20-1+deb8u3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.9-x86\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-586\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-686-pae\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-amd64\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armel\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armhf\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-i386\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-common\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-orion5x\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-versatile\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-586\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae-dbg\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64-dbg\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-orion5x\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-versatile\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-9\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:19:15", "description": "The Linux kernel before 4.4.1 allows local users to bypass\nfile-descriptor limits and cause a denial of service (memory\nconsumption) by sending each descriptor over a UNIX socket before\nclosing it, related to net/unix/af_unix.c and net/unix/garbage.c.\n(CVE-2013-4312)\n\nA race condition in the tty_ioctl function in drivers/tty/tty_io.c in\nthe Linux kernel through 4.4.1 was found that allows local users to\nobtain sensitive information from kernel memory or cause a denial of\nservice (use-after-free and system crash) by making a TIOCGETD ioctl\ncall during processing of a TIOCSETD ioctl call. (CVE-2016-0723)\n\nA privilege-escalation vulnerability was discovered in the Linux\nkernel built with User Namespace (CONFIG_USER_NS) support. The flaw\noccurred when the ptrace() system call was used on a root-owned\nprocess to enter a user namespace. A privileged namespace user could\nexploit this flaw to potentially escalate their privileges on the\nsystem, outside the original namespace. (CVE-2015-8709)\n\nnet/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not\nproperly manage the relationship between a lock and a socket, which\nallows local users to cause a denial of service (deadlock) via a\ncrafted sctp_accept call. (CVE-2015-8767)", "edition": 25, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-02-10T00:00:00", "title": "Amazon Linux AMI : kernel (ALAS-2016-648)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0723", "CVE-2015-8767", "CVE-2013-4312", "CVE-2015-8709"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:kernel-headers", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-648.NASL", "href": "https://www.tenable.com/plugins/nessus/88660", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-648.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88660);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/09/04 13:20:07\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-8709\", \"CVE-2015-8767\", \"CVE-2016-0723\");\n script_xref(name:\"ALAS\", value:\"2016-648\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2016-648)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel before 4.4.1 allows local users to bypass\nfile-descriptor limits and cause a denial of service (memory\nconsumption) by sending each descriptor over a UNIX socket before\nclosing it, related to net/unix/af_unix.c and net/unix/garbage.c.\n(CVE-2013-4312)\n\nA race condition in the tty_ioctl function in drivers/tty/tty_io.c in\nthe Linux kernel through 4.4.1 was found that allows local users to\nobtain sensitive information from kernel memory or cause a denial of\nservice (use-after-free and system crash) by making a TIOCGETD ioctl\ncall during processing of a TIOCSETD ioctl call. (CVE-2016-0723)\n\nA privilege-escalation vulnerability was discovered in the Linux\nkernel built with User Namespace (CONFIG_USER_NS) support. The flaw\noccurred when the ptrace() system call was used on a root-owned\nprocess to enter a user namespace. A privileged namespace user could\nexploit this flaw to potentially escalate their privileges on the\nsystem, outside the original namespace. (CVE-2015-8709)\n\nnet/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not\nproperly manage the relationship between a lock and a socket, which\nallows local users to cause a denial of service (deadlock) via a\ncrafted sctp_accept call. (CVE-2015-8767)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-648.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum clean all' followed by 'yum update kernel' to update your\nsystem. You will need to reboot your system in order for the new\nkernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.1.17-22.30.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:14:22", "description": "Update to latest upstream stable release, 4.3.3. This is a major\nkernel version rebase and testers should take care to ensure things\nare working as expected.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-04T00:00:00", "title": "Fedora 23 : kernel-4.3.3-300.fc23 (2016-6ce812a1e0)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8575", "CVE-2015-8569", "CVE-2015-8709"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-6CE812A1E0.NASL", "href": "https://www.tenable.com/plugins/nessus/89563", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-6ce812a1e0.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89563);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8709\");\n script_xref(name:\"FEDORA\", value:\"2016-6ce812a1e0\");\n\n script_name(english:\"Fedora 23 : kernel-4.3.3-300.fc23 (2016-6ce812a1e0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream stable release, 4.3.3. This is a major\nkernel version rebase and testers should take care to ensure things\nare working as expected.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1292045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1292840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1295287\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175386.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bb51bb29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.3.3-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:14:05", "description": "Update to latest upstream stable release, Linux v4.3.4. Fixes for Elan\ntouchpads.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-04T00:00:00", "title": "Fedora 23 : kernel-4.3.4-300.fc23 (2016-2f25d12c51)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2016-0723", "CVE-2013-4312"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-2F25D12C51.NASL", "href": "https://www.tenable.com/plugins/nessus/89507", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-2f25d12c51.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89507);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-8787\", \"CVE-2016-0723\");\n script_xref(name:\"FEDORA\", value:\"2016-2f25d12c51\");\n\n script_name(english:\"Fedora 23 : kernel-4.3.4-300.fc23 (2016-2f25d12c51)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream stable release, Linux v4.3.4. Fixes for Elan\ntouchpads.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1300731\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d44ecb9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.3.4-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:14:42", "description": "Backported i915, networking, and nouveau fixes tagged for stable from\n4.4 upstream. Assorted fixes elsewhere. ---- A few bug fixes and\nbackports of all the i915 patches queued for stable from 4.4. ---- A\nnumber of fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 19, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-04T00:00:00", "title": "Fedora 23 : kernel-4.3.3-303.fc23 (2016-b59fd603be)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-7513", "CVE-2016-0728", "CVE-2015-7566"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-B59FD603BE.NASL", "href": "https://www.tenable.com/plugins/nessus/89600", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-b59fd603be.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89600);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7513\", \"CVE-2015-7566\", \"CVE-2016-0728\");\n script_xref(name:\"FEDORA\", value:\"2016-b59fd603be\");\n\n script_name(english:\"Fedora 23 : kernel-4.3.3-303.fc23 (2016-b59fd603be)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Backported i915, networking, and nouveau fixes tagged for stable from\n4.4 upstream. Assorted fixes elsewhere. ---- A few bug fixes and\nbackports of all the i915 patches queued for stable from 4.4. ---- A\nnumber of fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1284847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297475\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6c84e8fb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.3.3-303.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:14:03", "description": "A number of fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 6.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}, "published": "2016-03-04T00:00:00", "title": "Fedora 23 : kernel-4.3.3-301.fc23 (2016-26e19f042a)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-7513", "CVE-2015-7566"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-26E19F042A.NASL", "href": "https://www.tenable.com/plugins/nessus/89497", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-26e19f042a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89497);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7513\", \"CVE-2015-7566\");\n script_xref(name:\"FEDORA\", value:\"2016-26e19f042a\");\n\n script_name(english:\"Fedora 23 : kernel-4.3.3-301.fc23 (2016-26e19f042a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1284847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296466\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bb4335ff\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.3.3-301.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-23T18:55:35", "description": "It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-02-02T00:00:00", "title": "Ubuntu 15.10 : linux vulnerabilities (USN-2890-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "modified": "2016-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "cpe:/o:canonical:ubuntu_linux:15.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency"], "id": "UBUNTU_USN-2890-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88524", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2890-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88524);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n script_xref(name:\"USN\", value:\"2890-1\");\n\n script_name(english:\"Ubuntu 15.10 : linux vulnerabilities (USN-2890-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2890-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2890-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-27-generic\", pkgver:\"4.2.0-27.32\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-27-generic-lpae\", pkgver:\"4.2.0-27.32\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-27-lowlatency\", pkgver:\"4.2.0-27.32\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-23T18:55:36", "description": "It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-02-02T00:00:00", "title": "Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2890-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "modified": "2016-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2890-2.NASL", "href": "https://www.tenable.com/plugins/nessus/88525", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2890-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88525);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n script_xref(name:\"USN\", value:\"2890-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2890-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2890-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2890-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-27-generic\", pkgver:\"4.2.0-27.32~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-27-generic-lpae\", pkgver:\"4.2.0-27.32~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-27-lowlatency\", pkgver:\"4.2.0-27.32~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-23T18:55:36", "description": "It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-02-02T00:00:00", "title": "Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2890-3)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8787", "CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "modified": "2016-02-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:15.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2"], "id": "UBUNTU_USN-2890-3.NASL", "href": "https://www.tenable.com/plugins/nessus/88526", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2890-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88526);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n script_xref(name:\"USN\", value:\"2890-3\");\n\n script_name(english:\"Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2890-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2890-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-4.2-raspi2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2890-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-1022-raspi2\", pkgver:\"4.2.0-1022.29\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-raspi2\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-08-12T01:09:26", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0723", "CVE-2016-0728", "CVE-2015-8767", "CVE-2013-4312", "CVE-2015-7566"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3448-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJanuary 19, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2013-4312 CVE-2015-7566 CVE-2015-8767 CVE-2016-0723\n CVE-2016-0728\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation or denial-of-service.\n\nCVE-2013-4312\n\n Tetsuo Handa discovered that it is possible for a process to open\n far more files than the process' limit leading to denial-of-service\n conditions.\n\nCVE-2015-7566\n\n Ralf Spenneberg of OpenSource Security reported that the visor\n driver crashes when a specially crafted USB device without bulk-out\n endpoint is detected.\n\nCVE-2015-8767\n\n An SCTP denial-of-service was discovered which can be triggered by a\n local attacker during a heartbeat timeout event after the 4-way\n handshake.\n\nCVE-2016-0723\n\n A use-after-free vulnerability was discovered in the TIOCGETD ioctl.\n A local attacker could use this flaw for denial-of-service.\n\nCVE-2016-0728\n\n The Perception Point research team discovered a use-after-free\n vulnerability in the keyring facility, possibly leading to local\n privilege escalation.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.7-ckt20-1+deb8u3.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 18, "modified": "2016-01-19T12:40:28", "published": "2016-01-19T12:40:28", "id": "DEBIAN:DSA-3448-1:C7742", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00018.html", "title": "[SECURITY] [DSA 3448-1] linux security update", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:25:25", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2069", "CVE-2016-0723", "CVE-2015-8767", "CVE-2015-7566", "CVE-2015-8785"], "description": "Package\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0: linux-2.6\nVersion\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0: 2.6.32-48squeeze19\nCVE ID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0: CVE-2015-7566 CVE-2015-8767 CVE-2015-8785 CVE-2016-0723\u00a0\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0CVE-2016-2069\n\nThis update fixes the CVEs described below.\n\nCVE-2015-7566\n\n\u00a0\u00a0\u00a0\u00a0Ralf Spenneberg of OpenSource Security reported that the visor\n\u00a0\u00a0\u00a0\u00a0driver crashes when a specially crafted USB device without bulk-out\n\u00a0\u00a0\u00a0\u00a0endpoint is detected.\n\nCVE-2015-8767\n\n\u00a0\u00a0\u00a0\u00a0An SCTP denial-of-service was discovered which can be triggered by a\n\u00a0\u00a0\u00a0\u00a0local attacker during a heartbeat timeout event after the 4-way\n\u00a0\u00a0\u00a0\u00a0handshake.\n\nCVE-2015-8785\n\n\u00a0\u00a0\u00a0\u00a0It was discovered that local users permitted to write to a file on\n\u00a0\u00a0\u00a0\u00a0a FUSE filesystem could cause a denial of service (unkillable loop\n\u00a0\u00a0\u00a0\u00a0in the kernel).\n\nCVE-2016-0723\n\n\u00a0\u00a0\u00a0\u00a0A use-after-free vulnerability was discovered in the TIOCGETD ioctl.\n\u00a0\u00a0\u00a0\u00a0A local attacker could use this flaw for denial-of-service.\n\nCVE-2016-2069\n\n\u00a0\u00a0\u00a0\u00a0Andy Lutomirski discovered a race condition in flushing of the TLB\n\u00a0\u00a0\u00a0\u00a0when switching tasks.\u00a0\u00a0On an SMP system this could possibly lead to\n\u00a0\u00a0\u00a0\u00a0a crash, information leak or privilege escalation.\n\nFor the oldoldstable distribution (squeeze), these problems have been\nfixed in version 2.6.32-48squeeze19.\u00a0\u00a0Additionally, this version\nincludes upstream stable update 2.6.32.70.\u00a0\u00a0This is the final update\nto the linux-2.6 package for squeeze.\n\nFor the oldstable distribution (wheezy), these problems will be fixed\nsoon.\n\nFor the stable distribution (jessie), CVE-2015-7566, CVE-2015-8767 and\nCVE-2016-0723 were fixed in linux version 3.16.7-ckt20-1+deb8u3 and\nthe remaining problems will be fixed soon.\n\n-- \nBen Hutchings - Debian developer, member of Linux kernel and LTS teams\n\n\n", "edition": 11, "modified": "2016-02-06T15:28:33", "published": "2016-02-06T15:28:33", "id": "DEBIAN:DLA-412-1:99076", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201602/msg00003.html", "title": "[SECURITY] [DLA 412-1] linux-2.6 security update", "type": "debian", "cvss": {"score": 5.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2020-08-12T01:09:36", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8551", "CVE-2015-7550", "CVE-2015-8550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8575", "CVE-2015-8552", "CVE-2015-8569", "CVE-2015-8709"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3434-1 security@debian.org\nhttps://www.debian.org/security/ Ben Hutchings\nJanuary 05, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2015-7513 CVE-2015-7550 CVE-2015-8543 CVE-2015-8550\n CVE-2015-8551 CVE-2015-8552 CVE-2015-8569 CVE-2015-8575\n CVE-2015-8709\nDebian Bug : 808293 808602 808953 808973\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleak.\n\nCVE-2015-7513\n\n It was discovered that a local user permitted to use the x86 KVM\n subsystem could configure the PIT emulation to cause a denial of\n service (crash).\n\nCVE-2015-7550\n\n Dmitry Vyukov discovered a race condition in the keyring subsystem\n that allows a local user to cause a denial of service (crash).\n\nCVE-2015-8543\n\n It was discovered that a local user permitted to create raw sockets\n could cause a denial-of-service by specifying an invalid protocol\n number for the socket. The attacker must have the CAP_NET_RAW\n capability.\n\nCVE-2015-8550\n\n Felix Wilhelm of ERNW discovered that the Xen PV backend drivers\n may read critical data from shared memory multiple times. This\n flaw can be used by a guest kernel to cause a denial of service\n (crash) on the host, or possibly for privilege escalation.\n\nCVE-2015-8551 / CVE-2015-8552\n\n Konrad Rzeszutek Wilk of Oracle discovered that the Xen PCI\n backend driver does not adequately validate the device state when\n a guest configures MSIs. This flaw can be used by a guest kernel\n to cause a denial of service (crash or disk space exhaustion) on\n the host.\n\nCVE-2015-8569\n\n Dmitry Vyukov discovered a flaw in the PPTP sockets implementation\n that leads to an information leak to local users.\n\nCVE-2015-8575\n\n David Miller discovered a flaw in the Bluetooth SCO sockets\n implementation that leads to an information leak to local users.\n\nCVE-2015-8709\n\n Jann Horn discovered a flaw in the permission checks for use of\n the ptrace feature. A local user who has the CAP_SYS_PTRACE\n capability within their own user namespace could use this flaw for\n privilege escalation if a more privileged process ever enters that\n user namespace. This affects at least the LXC system.\n\nIn addition, this update fixes some regressions in the previous update:\n\n#808293\n\n A regression in the UDP implementation prevented freeradius and\n some other applications from receiving data.\n\n#808602 / #808953\n\n A regression in the USB XHCI driver prevented use of some devices\n in USB 3 SuperSpeed ports.\n\n#808973\n\n A fix to the radeon driver interacted with an existing bug to\n cause a crash at boot when using some AMD/ATI graphics cards.\n This issue only affects wheezy.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 3.2.73-2+deb7u2. The oldstable distribution (wheezy) is not\naffected by CVE-2015-8709.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.7-ckt20-1+deb8u2. CVE-2015-8543 was already fixed in\nversion 3.16.7-ckt20-1+deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.3.3-3 or earlier.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 19, "modified": "2016-01-05T19:19:00", "published": "2016-01-05T19:19:00", "id": "DEBIAN:DSA-3434-1:98A31", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00003.html", "title": "[SECURITY] [DSA 3434-1] linux security update", "type": "debian", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2020-12-09T20:03:09", "description": "The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured interface, a related issue to CVE-2003-1604.\n<a href=\"http://cwe.mitre.org/data/definitions/476.html\">CWE-476: NULL Pointer Dereference</a>", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-02-08T03:59:00", "title": "CVE-2015-8787", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8787"], "modified": "2016-12-06T03:04:00", "cpe": ["cpe:/o:linux:linux_kernel:4.4"], "id": "CVE-2015-8787", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8787", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4:rc8:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:03:07", "description": "arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions.\n<a href=\"https://cwe.mitre.org/data/definitions/369.html\">CWE-369: Divide By Zero</a>", "edition": 5, "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2016-02-08T03:59:00", "title": "CVE-2015-7513", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7513"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.4"], "id": "CVE-2015-7513", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7513", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4:rc8:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:03:08", "description": "The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.", "edition": 5, "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.3, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2015-12-28T11:59:00", "title": "CVE-2015-8569", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8569"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.3.2"], "id": "CVE-2015-8569", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8569", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.3.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:03:09", "description": "net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.", "edition": 10, "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-02-08T03:59:00", "title": "CVE-2015-8767", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8767"], "modified": "2018-08-30T16:53:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2015-8767", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8767", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:03:08", "description": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.", "edition": 5, "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-02-08T03:59:00", "title": "CVE-2015-8575", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8575"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.3.3"], "id": "CVE-2015-8575", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8575", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.3.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:03:09", "description": "** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.\"", "edition": 5, "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-02-08T03:59:00", "title": "CVE-2015-8709", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8709"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.4.1"], "id": "CVE-2015-8709", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8709", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:03:07", "description": "The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.\n<a href=\"http://cwe.mitre.org/data/definitions/476.html\">CWE-476: NULL Pointer Dereference</a>", "edition": 5, "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 4.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-02-08T03:59:00", "title": "CVE-2015-7566", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7566"], "modified": "2018-10-09T19:58:00", "cpe": ["cpe:/o:linux:linux_kernel:4.4.1", "cpe:/a:novell:suse_linux_enterprise_software_development_kit:11", "cpe:/o:novell:suse_linux_enterprise_real_time_extension:11", "cpe:/o:novell:suse_linux_enterprise_server:11", "cpe:/o:novell:suse_linux_enterprise_debuginfo:11", "cpe:/o:novell:suse_linux_enterprise_real_time_extension:12"], "id": "CVE-2015-7566", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7566", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*", "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:11:extra:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:44", "description": "The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.", "edition": 6, "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-02-08T03:59:00", "title": "CVE-2013-4312", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4312"], "modified": "2019-12-27T16:08:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:linux:linux_kernel:4.4", "cpe:/o:oracle:linux:7", "cpe:/o:oracle:linux:5.0"], "id": "CVE-2013-4312", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4312", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:32", "description": "The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.\n<a href=\"http://cwe.mitre.org/data/definitions/190.html\">CWE-190: Integer Overflow or Wraparound</a> <br />\n\n<a href=\"http://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-02-08T03:59:00", "title": "CVE-2016-0728", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0728"], "modified": "2017-11-10T02:29:00", "cpe": ["cpe:/o:google:android:6.0", "cpe:/o:google:android:5.1.0", "cpe:/o:google:android:4.2", "cpe:/o:google:android:4.1", "cpe:/o:google:android:5.0.2", "cpe:/a:hp:server_migration_pack:7.5", "cpe:/o:google:android:4.4.2", "cpe:/o:google:android:4.0", "cpe:/o:google:android:4.4.1", "cpe:/o:google:android:4.0.3", "cpe:/o:google:android:4.3", "cpe:/o:google:android:4.0.4", "cpe:/o:google:android:5.0", "cpe:/o:linux:linux_kernel:4.4", "cpe:/o:google:android:4.2.1", "cpe:/o:google:android:5.1.1", "cpe:/o:google:android:4.2.2", "cpe:/o:google:android:5.1", "cpe:/o:google:android:4.3.1", "cpe:/o:google:android:6.0.1", "cpe:/o:google:android:4.1.2", "cpe:/o:google:android:4.0.2", "cpe:/o:google:android:4.4.3", "cpe:/o:google:android:5.0.1", "cpe:/o:google:android:4.0.1", "cpe:/o:google:android:4.4"], "id": "CVE-2016-0728", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0728", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:hp:server_migration_pack:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:32", "description": "Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.\n<a href=\"http://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "edition": 6, "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2016-02-08T03:59:00", "title": "CVE-2016-0723", "type": "cve", "cwe": ["CWE-362", "CWE-200", "NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 5.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0723"], "modified": "2016-12-06T03:05:00", "cpe": ["cpe:/o:linux:linux_kernel:4.4.1"], "id": "CVE-2016-0723", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0723", "cvss": {"score": 5.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4.1:*:*:*:*:*:*:*"]}], "amazon": [{"lastseen": "2020-11-10T12:36:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0723", "CVE-2015-8767", "CVE-2013-4312", "CVE-2015-8709"], "description": "**Issue Overview:**\n\nThe Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c. ([CVE-2013-4312 __](<https://access.redhat.com/security/cve/CVE-2013-4312>))\n\nA race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 was found that allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call. ([CVE-2016-0723 __](<https://access.redhat.com/security/cve/CVE-2016-0723>))\n\nA privilege-escalation vulnerability was discovered in the Linux kernel built with User Namespace (CONFIG_USER_NS) support. The flaw occurred when the ptrace() system call was used on a root-owned process to enter a user namespace. A privileged namespace user could exploit this flaw to potentially escalate their privileges on the system, outside the original namespace. ([CVE-2015-8709 __](<https://access.redhat.com/security/cve/CVE-2015-8709>))\n\nnet/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. ([CVE-2015-8767 __](<https://access.redhat.com/security/cve/CVE-2015-8767>))\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum clean all_ followed by _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-tools-debuginfo-4.1.17-22.30.amzn1.i686 \n kernel-devel-4.1.17-22.30.amzn1.i686 \n perf-4.1.17-22.30.amzn1.i686 \n perf-debuginfo-4.1.17-22.30.amzn1.i686 \n kernel-tools-4.1.17-22.30.amzn1.i686 \n kernel-headers-4.1.17-22.30.amzn1.i686 \n kernel-debuginfo-common-i686-4.1.17-22.30.amzn1.i686 \n kernel-debuginfo-4.1.17-22.30.amzn1.i686 \n kernel-4.1.17-22.30.amzn1.i686 \n kernel-tools-devel-4.1.17-22.30.amzn1.i686 \n \n noarch: \n kernel-doc-4.1.17-22.30.amzn1.noarch \n \n src: \n kernel-4.1.17-22.30.amzn1.src \n \n x86_64: \n kernel-debuginfo-4.1.17-22.30.amzn1.x86_64 \n kernel-devel-4.1.17-22.30.amzn1.x86_64 \n kernel-4.1.17-22.30.amzn1.x86_64 \n kernel-tools-4.1.17-22.30.amzn1.x86_64 \n perf-debuginfo-4.1.17-22.30.amzn1.x86_64 \n kernel-tools-devel-4.1.17-22.30.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-4.1.17-22.30.amzn1.x86_64 \n kernel-tools-debuginfo-4.1.17-22.30.amzn1.x86_64 \n perf-4.1.17-22.30.amzn1.x86_64 \n kernel-headers-4.1.17-22.30.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2016-02-09T13:30:00", "published": "2016-02-09T13:30:00", "id": "ALAS-2016-648", "href": "https://alas.aws.amazon.com/ALAS-2016-648.html", "title": "Medium: kernel", "type": "amazon", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "android": [{"lastseen": "2020-12-24T13:21:13", "bulletinFamily": "software", "cvelist": ["CVE-2016-0728"], "description": "The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.", "edition": 2, "modified": "2019-07-29T00:00:00", "published": "2016-03-01T00:00:00", "id": "ANDROID:CVE-2016-0728", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-0728.html", "title": "CVE-2016-0728", "type": "android", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8709"], "description": "The kernel meta package ", "modified": "2016-01-12T08:03:52", "published": "2016-01-12T08:03:52", "id": "FEDORA:E8A1B605F1FB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: kernel-4.3.3-300.fc23", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4312", "CVE-2015-8787", "CVE-2016-0723"], "description": "The kernel meta package ", "modified": "2016-02-01T02:25:01", "published": "2016-02-01T02:25:01", "id": "FEDORA:B9F6A606511F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: kernel-4.3.4-300.fc23", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-7513", "CVE-2015-7566", "CVE-2016-0728"], "description": "The kernel meta package ", "modified": "2016-01-26T18:29:15", "published": "2016-01-26T18:29:15", "id": "FEDORA:A5C89601FC0F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: kernel-4.3.3-303.fc23", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-7513", "CVE-2015-7566"], "description": "The kernel meta package ", "modified": "2016-01-20T21:57:28", "published": "2016-01-20T21:57:28", "id": "FEDORA:1CCEF6087EB7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: kernel-4.3.3-301.fc23", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "f5": [{"lastseen": "2017-06-08T00:16:05", "bulletinFamily": "software", "cvelist": ["CVE-2015-8787", "CVE-2003-1604"], "edition": 1, "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2017-03-14T00:54:00", "published": "2016-03-21T23:45:00", "href": "https://support.f5.com/csp/article/K10164113", "id": "F5:K10164113", "type": "f5", "title": "Linux kernel vulnerability CVE-2015-8787", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-06T22:40:01", "bulletinFamily": "software", "cvelist": ["CVE-2016-0728"], "description": "\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | None | 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP AAM | None | 12.0.0 \n11.4.0 - 11.6.0 | Not vulnerable | None \nBIG-IP AFM | None | 12.0.0 \n11.3.0 - 11.6.0 | Not vulnerable | None \nBIG-IP Analytics | None | 12.0.0 \n11.0.0 - 11.6.0 | Not vulnerable | None \nBIG-IP APM | None | 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP ASM | None | 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP DNS | None | 12.0.0 | Not vulnerable | None \nBIG-IP Edge Gateway | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP GTM | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP Link Controller | None | 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP PEM | None | 12.0.0 \n11.3.0 - 11.6.0 | Not vulnerable | None \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.0.0 - 3.1.1 | Not vulnerable | None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nBIG-IQ Centralized Management | None | 4.6.0 | Not vulnerable | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nF5 WebSafe* | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | None | 4.0.0 \n3.3.2 - 3.5.1 | Not vulnerable | None \n \n*F5 WebSafe software is not affected by this vulnerability because the Linux kernel does not form part of the product. F5 recommends that customers upgrade the operating system used with the F5 WebSafe Dashboard using the standard OS tools to address CVE-2016-0728.\n\nNone\n\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2019-05-08T22:08:00", "published": "2016-01-23T02:26:00", "id": "F5:K01948202", "href": "https://support.f5.com/csp/article/K01948202", "title": "Linux kernel vulnerability CVE-2016-0728", "type": "f5", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2016-11-09T00:09:30", "bulletinFamily": "software", "cvelist": ["CVE-2015-8787", "CVE-2003-1604"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-03-21T00:00:00", "published": "2016-03-21T00:00:00", "id": "SOL10164113", "href": "http://support.f5.com/kb/en-us/solutions/public/k/10/sol10164113.html", "type": "f5", "title": "SOL10164113 - Linux kernel vulnerability CVE-2015-8787", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-06T22:40:46", "bulletinFamily": "software", "cvelist": ["CVE-2016-0723"], "description": "\nF5 Product Development has assigned ID 601271 (BIG-IP), ID 601289 (BIG-IQ), ID 601289-1 (F5 iWorkflow), ID 601291 (Enterprise Manager), and INSTALLER-2518 (Traffix SDC) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 15.0.0 - 15.0.1 \n14.0.0 - 14.1.2 \n13.0.0 - 13.1.3 \n12.0.0 - 12.1.5 \n11.4.0 - 11.6.5 \n11.2.1 \n10.2.1 - 10.2.4 | None | Medium | Linux kernel \nBIG-IP AAM | 15.0.0 - 15.0.1 \n14.0.0 - 14.1.2 \n13.0.0 - 13.1.3 \n12.0.0 - 12.1.5 \n11.4.0 - 11.6.5 | None | Medium | Linux kernel \nBIG-IP AFM | 15.0.0 - 15.0.1 \n14.0.0 - 14.1.2 \n13.0.0 - 13.1.3 \n12.0.0 - 12.1.5 \n11.4.0 - 11.6.5 | None | Medium | Linux kernel \nBIG-IP Analytics | 15.0.0 - 15.0.1 \n14.0.0 - 14.1.2 \n13.0.0 - 13.1.3 \n12.0.0 - 12.1.5 \n11.4.0 - 11.6.5 \n11.2.1 | None | Medium | Linux kernel \nBIG-IP APM | 15.0.0 - 15.0.1 \n14.0.0 - 14.1.2 \n13.0.0 - 13.1.3 \n12.0.0 - 12.1.5 \n11.4.0 - 11.6.5 \n11.2.1 \n10.2.1 - 10.2.4 | None | Medium | Linux kernel \nBIG-IP ASM | 15.0.0 - 15.0.1 \n14.0.0 - 14.1.2 \n13.0.0 - 13.1.3 \n12.0.0 - 12.1.5 \n11.4.0 - 11.6.5 \n11.2.1 \n10.2.1 - 10.2.4 | None | Medium | Linux kernel \nBIG-IP DNS | 15.0.0 - 15.0.1 \n14.0.0 - 14.1.2 \n\u200b\u200b\u200b\u200b\u200b\u200b\u200b13.0.0 - 13.1.3 \n12.0.0 - 12.1.5 | None | Medium | Linux kernel \nBIG-IP Edge Gateway | 11.2.1 \n10.2.1 - 10.2.4 | None | Medium | Linux kernel \nBIG-IP GTM | 11.4.0 - 11.6.5 \n11.2.1 \n10.2.1 - 10.2.4 | None | Medium | Linux kernel \nBIG-IP Link Controller | 15.0.0 - 15.0.1 \n14.0.0 - 14.1.2 \n\u200b\u200b\u200b\u200b\u200b\u200b\u200b13.0.0 - 13.1.3 \n12.0.0 - 12.1.5 \n11.4.0 - 11.6.5 \n11.2.1 \n10.2.1 - 10.2.4 | None | Medium | Linux kernel \nBIG-IP PEM | 15.0.0 - 15.0.1 \n14.0.0 - 14.1.2 \n\u200b\u200b\u200b\u200b\u200b\u200b\u200b13.0.0 - 13.1.3 \n12.0.0 - 12.1.5 \n11.4.0 - 11.6.5 | None | Medium | Linux kernel \nBIG-IP PSM | 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4 | None | Medium | Linux kernel \nBIG-IP WebAccelerator | 11.2.1 \n10.2.1 - 10.2.4 | None | Medium | Linux kernel \nBIG-IP WOM | 11.2.1 \n10.2.1 - 10.2.4 | None | Medium | Linux kernel \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | 3.1.1 | None | Medium | Linux kernel \nFirePass | None | 7.0.0 | Not vulnerable | None \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Medium | Linux kernel \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Medium | Linux kernel \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Medium | Linux kernel \nBIG-IQ ADC | 4.5.0 | None | Medium | Linux kernel \nBIG-IQ Centralized Management | 5.0.0 - 6.1.0 \n4.6.0 | None | Medium | Linux kernel \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | Medium | Linux kernel \nF5 iWorkflow | 2.0.0 - 2.3.0 | None | Medium | Linux kernel \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nF5 MobileSafe | 1.0.0 | None | Medium | Linux kernel \nF5 WebSafe | 1.0.0 | None | Medium | Linux kernel \nTraffix SDC | 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0 | None | Low* | Linux kernel \n \n*The severity for Traffix SDC systems is Low because a local console connection is required to exploit this vulnerability.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "modified": "2019-10-17T17:21:00", "published": "2016-07-29T22:02:00", "id": "F5:K43650115", "href": "https://support.f5.com/csp/article/K43650115", "title": "Linux kernel vulnerability CVE-2016-0723", "type": "f5", "cvss": {"score": 5.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2016-09-26T17:23:22", "bulletinFamily": "software", "cvelist": ["CVE-2016-0728"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n", "modified": "2016-04-26T00:00:00", "published": "2016-01-22T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/01/sol01948202.html", "id": "SOL01948202", "title": "SOL01948202 - Linux kernel vulnerability CVE-2016-0728", "type": "f5", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T00:16:22", "bulletinFamily": "software", "cvelist": ["CVE-2015-7884", "CVE-2015-8543", "CVE-2015-8660", "CVE-2015-8569", "CVE-2015-7885"], "edition": 1, "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2017-04-06T16:51:00", "published": "2016-01-29T10:40:00", "href": "https://support.f5.com/csp/article/K07560020", "id": "F5:K07560020", "type": "f5", "title": "Linux kernel vulnerabilities CVE-2015-7884, CVE-2015-7885, CVE-2015-8543, CVE-2015-8569, and CVE-2015-8660", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:20", "bulletinFamily": "software", "cvelist": ["CVE-2015-7884", "CVE-2015-8543", "CVE-2015-8660", "CVE-2015-8569", "CVE-2015-7885"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-01-28T00:00:00", "published": "2016-01-28T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/07/sol07560020.html", "id": "SOL07560020", "title": "SOL07560020 - Linux kernel vulnerabilities CVE-2015-7884, CVE-2015-7885, CVE-2015-8543, CVE-2015-8569, and CVE-2015-8660", "type": "f5", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T01:46:49", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8787", "CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "description": "It was discovered that a use-after-free vulnerability existed in the \nAF_UNIX implementation in the Linux kernel. A local attacker could use \ncrafted epoll_ctl calls to cause a denial of service (system crash) or \nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not \nproperly restore the values of the Programmable Interrupt Timer (PIT). A \nuser-assisted attacker in a KVM guest could cause a denial of service in \nthe host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race \nbetween read and revoke operations. A local attacker could use this to \ncause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) \nimplementation in the Linux kernel had a race condition when checking \nwhether a socket was bound or not. A local attacker could use this to cause \na denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel \nincorrectly handled compressed inline extants on truncation. A local \nattacker could use this to expose sensitive information. (CVE-2015-8374)\n\n\u90ed\u6c38\u521a discovered that the Linux kernel networking implementation did \nnot validate protocol identifiers for certain protocol families, A local \nattacker could use this to cause a denial of service (system crash) or \npossibly gain administrative privileges. (CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel \ndid not verify an address length when setting up a socket. A local attacker \ncould use this to craft an application that exposed sensitive information \nfrom kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux \nkernel did not properly validate the socket address length for Synchronous \nConnection-Oriented (SCO) sockets. A local attacker could use this to \nexpose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT) \nimplementation did not ensure that data structures were initialized when \nhandling IPv4 addresses. An attacker could use this to cause a denial of \nservice (system crash). (CVE-2015-8787)", "edition": 5, "modified": "2016-02-02T00:00:00", "published": "2016-02-02T00:00:00", "id": "USN-2890-1", "href": "https://ubuntu.com/security/notices/USN-2890-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T01:34:18", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8787", "CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "description": "It was discovered that a use-after-free vulnerability existed in the \nAF_UNIX implementation in the Linux kernel. A local attacker could use \ncrafted epoll_ctl calls to cause a denial of service (system crash) or \nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not \nproperly restore the values of the Programmable Interrupt Timer (PIT). A \nuser-assisted attacker in a KVM guest could cause a denial of service in \nthe host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race \nbetween read and revoke operations. A local attacker could use this to \ncause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) \nimplementation in the Linux kernel had a race condition when checking \nwhether a socket was bound or not. A local attacker could use this to cause \na denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel \nincorrectly handled compressed inline extants on truncation. A local \nattacker could use this to expose sensitive information. (CVE-2015-8374)\n\n\u90ed\u6c38\u521a discovered that the Linux kernel networking implementation did \nnot validate protocol identifiers for certain protocol families, A local \nattacker could use this to cause a denial of service (system crash) or \npossibly gain administrative privileges. (CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel \ndid not verify an address length when setting up a socket. A local attacker \ncould use this to craft an application that exposed sensitive information \nfrom kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux \nkernel did not properly validate the socket address length for Synchronous \nConnection-Oriented (SCO) sockets. A local attacker could use this to \nexpose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT) \nimplementation did not ensure that data structures were initialized when \nhandling IPv4 addresses. An attacker could use this to cause a denial of \nservice (system crash). (CVE-2015-8787)", "edition": 5, "modified": "2016-02-02T00:00:00", "published": "2016-02-02T00:00:00", "id": "USN-2890-3", "href": "https://ubuntu.com/security/notices/USN-2890-3", "title": "Linux kernel (Raspberry Pi 2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-18T01:33:50", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8787", "CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "description": "It was discovered that a use-after-free vulnerability existed in the \nAF_UNIX implementation in the Linux kernel. A local attacker could use \ncrafted epoll_ctl calls to cause a denial of service (system crash) or \nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not \nproperly restore the values of the Programmable Interrupt Timer (PIT). A \nuser-assisted attacker in a KVM guest could cause a denial of service in \nthe host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race \nbetween read and revoke operations. A local attacker could use this to \ncause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) \nimplementation in the Linux kernel had a race condition when checking \nwhether a socket was bound or not. A local attacker could use this to cause \na denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel \nincorrectly handled compressed inline extants on truncation. A local \nattacker could use this to expose sensitive information. (CVE-2015-8374)\n\n\u90ed\u6c38\u521a discovered that the Linux kernel networking implementation did \nnot validate protocol identifiers for certain protocol families, A local \nattacker could use this to cause a denial of service (system crash) or \npossibly gain administrative privileges. (CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel \ndid not verify an address length when setting up a socket. A local attacker \ncould use this to craft an application that exposed sensitive information \nfrom kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux \nkernel did not properly validate the socket address length for Synchronous \nConnection-Oriented (SCO) sockets. A local attacker could use this to \nexpose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT) \nimplementation did not ensure that data structures were initialized when \nhandling IPv4 addresses. An attacker could use this to cause a denial of \nservice (system crash). (CVE-2015-8787)", "edition": 6, "modified": "2016-02-02T00:00:00", "published": "2016-02-02T00:00:00", "id": "USN-2890-2", "href": "https://ubuntu.com/security/notices/USN-2890-2", "title": "Linux kernel (Wily HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-18T01:44:41", "bulletinFamily": "unix", "cvelist": ["CVE-2015-7550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569"], "description": "It was discovered that a use-after-free vulnerability existed in the \nAF_UNIX implementation in the Linux kernel. A local attacker could use \ncrafted epoll_ctl calls to cause a denial of service (system crash) or \nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not \nproperly restore the values of the Programmable Interrupt Timer (PIT). A \nuser-assisted attacker in a KVM guest could cause a denial of service in \nthe host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race \nbetween read and revoke operations. A local attacker could use this to \ncause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) \nimplementation in the Linux kernel had a race condition when checking \nwhether a socket was bound or not. A local attacker could use this to cause \na denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel \nincorrectly handled compressed inline extants on truncation. A local \nattacker could use this to expose sensitive information. (CVE-2015-8374)\n\n\u90ed\u6c38\u521a discovered that the Linux kernel networking implementation did \nnot validate protocol identifiers for certain protocol families, A local \nattacker could use this to cause a denial of service (system crash) or \npossibly gain administrative privileges. (CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel \ndid not verify an address length when setting up a socket. A local attacker \ncould use this to craft an application that exposed sensitive information \nfrom kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux \nkernel did not properly validate the socket address length for Synchronous \nConnection-Oriented (SCO) sockets. A local attacker could use this to \nexpose sensitive information. (CVE-2015-8575)", "edition": 6, "modified": "2016-02-02T00:00:00", "published": "2016-02-02T00:00:00", "id": "USN-2888-1", "href": "https://ubuntu.com/security/notices/USN-2888-1", "title": "Linux kernel (Utopic HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:43:52", "bulletinFamily": "unix", "cvelist": ["CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-7799", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569", "CVE-2015-8785"], "description": "It was discovered that a use-after-free vulnerability existed in the \nAF_UNIX implementation in the Linux kernel. A local attacker could use \ncrafted epoll_ctl calls to cause a denial of service (system crash) or \nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not \nproperly restore the values of the Programmable Interrupt Timer (PIT). A \nuser-assisted attacker in a KVM guest could cause a denial of service in \nthe host (system crash). (CVE-2015-7513)\n\n\u90ed\u6c38\u521a discovered that the ppp implementation in the Linux kernel did \nnot ensure that certain slot numbers are valid. A local attacker with the \nprivilege to call ioctl() on /dev/ppp could cause a denial of service \n(system crash). (CVE-2015-7799)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) \nimplementation in the Linux kernel had a race condition when checking \nwhether a socket was bound or not. A local attacker could use this to cause \na denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel \nincorrectly handled compressed inline extants on truncation. A local \nattacker could use this to expose sensitive information. (CVE-2015-8374)\n\n\u90ed\u6c38\u521a discovered that the Linux kernel networking implementation did \nnot validate protocol identifiers for certain protocol families, A local \nattacker could use this to cause a denial of service (system crash) or \npossibly gain administrative privileges. (CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel \ndid not verify an address length when setting up a socket. A local attacker \ncould use this to craft an application that exposed sensitive information \nfrom kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux \nkernel did not properly validate the socket address length for Synchronous \nConnection-Oriented (SCO) sockets. A local attacker could use this to \nexpose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the Linux kernel's Filesystem in Userspace (FUSE) \nimplementation did not handle initial zero length segments properly. A \nlocal attacker could use this to cause a denial of service (unkillable \ntask). (CVE-2015-8785)", "edition": 5, "modified": "2016-02-01T00:00:00", "published": "2016-02-01T00:00:00", "id": "USN-2886-1", "href": "https://ubuntu.com/security/notices/USN-2886-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:23:58", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8787", "CVE-2015-7513", "CVE-2015-8374", "CVE-2015-7990", "CVE-2013-7446"], "description": "It was discovered that a use-after-free vulnerability existed in the \nAF_UNIX implementation in the Linux kernel. A local attacker could use \ncrafted epoll_ctl calls to cause a denial of service (system crash) or \nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not \nproperly restore the values of the Programmable Interrupt Timer (PIT). A \nuser-assisted attacker in a KVM guest could cause a denial of service in \nthe host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) \nimplementation in the Linux kernel had a race condition when checking \nwhether a socket was bound or not. A local attacker could use this to cause \na denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel \nincorrectly handled compressed inline extants on truncation. A local \nattacker could use this to expose sensitive information. (CVE-2015-8374)\n\nIt was discovered that the netfilter Network Address Translation (NAT) \nimplementation did not ensure that data structures were initialized when \nhandling IPv4 addresses. An attacker could use this to cause a denial of \nservice (system crash). (CVE-2015-8787)", "edition": 5, "modified": "2016-02-02T00:00:00", "published": "2016-02-02T00:00:00", "id": "USN-2889-1", "href": "https://ubuntu.com/security/notices/USN-2889-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-18T01:47:52", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8787", "CVE-2015-7513", "CVE-2015-8374", "CVE-2015-7990", "CVE-2013-7446"], "description": "It was discovered that a use-after-free vulnerability existed in the \nAF_UNIX implementation in the Linux kernel. A local attacker could use \ncrafted epoll_ctl calls to cause a denial of service (system crash) or \nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not \nproperly restore the values of the Programmable Interrupt Timer (PIT). A \nuser-assisted attacker in a KVM guest could cause a denial of service in \nthe host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) \nimplementation in the Linux kernel had a race condition when checking \nwhether a socket was bound or not. A local attacker could use this to cause \na denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel \nincorrectly handled compressed inline extants on truncation. A local \nattacker could use this to expose sensitive information. (CVE-2015-8374)\n\nIt was discovered that the netfilter Network Address Translation (NAT) \nimplementation did not ensure that data structures were initialized when \nhandling IPv4 addresses. An attacker could use this to cause a denial of \nservice (system crash). (CVE-2015-8787)", "edition": 6, "modified": "2016-02-02T00:00:00", "published": "2016-02-02T00:00:00", "id": "USN-2889-2", "href": "https://ubuntu.com/security/notices/USN-2889-2", "title": "Linux kernel (Vivid HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:36:56", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8550", "CVE-2015-7513", "CVE-2015-8543", "CVE-2015-8374", "CVE-2015-7990", "CVE-2015-7799", "CVE-2015-8575", "CVE-2013-7446", "CVE-2015-8569", "CVE-2015-8785"], "description": "It was discovered that a use-after-free vulnerability existed in the \nAF_UNIX implementation in the Linux kernel. A local attacker could use \ncrafted epoll_ctl calls to cause a denial of service (system crash) or \nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not \nproperly restore the values of the Programmable Interrupt Timer (PIT). A \nuser-assisted attacker in a KVM guest could cause a denial of service in \nthe host (system crash). (CVE-2015-7513)\n\n\u90ed\u6c38\u521a discovered that the ppp implementation in the Linux kernel did \nnot ensure that certain slot numbers are valid. A local attacker with the \nprivilege to call ioctl() on /dev/ppp could cause a denial of service \n(system crash). (CVE-2015-7799)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) \nimplementation in the Linux kernel had a race condition when checking \nwhether a socket was bound or not. A local attacker could use this to cause \na denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel \nincorrectly handled compressed inline extants on truncation. A local \nattacker could use this to expose sensitive information. (CVE-2015-8374)\n\n\u90ed\u6c38\u521a discovered that the Linux kernel networking implementation did \nnot validate protocol identifiers for certain protocol families, A local \nattacker could use this to cause a denial of service (system crash) or \npossibly gain administrative privileges. (CVE-2015-8543)\n\nFelix Wilhelm discovered a race condition in the Xen paravirtualized \ndrivers which can cause double fetch vulnerabilities. An attacker in the \nparavirtualized guest could exploit this flaw to cause a denial of service \n(crash the host) or potentially execute arbitrary code on the host. \n(CVE-2015-8550)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel \ndid not verify an address length when setting up a socket. A local attacker \ncould use this to craft an application that exposed sensitive information \nfrom kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux \nkernel did not properly validate the socket address length for Synchronous \nConnection-Oriented (SCO) sockets. A local attacker could use this to \nexpose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the Linux kernel's Filesystem in Userspace (FUSE) \nimplementation did not handle initial zero length segments properly. A \nlocal attacker could use this to cause a denial of service (unkillable \ntask). (CVE-2015-8785)", "edition": 5, "modified": "2016-02-01T00:00:00", "published": "2016-02-01T00:00:00", "id": "USN-2886-2", "href": "https://ubuntu.com/security/notices/USN-2886-2", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:57:33", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8551", "CVE-2015-7550", "CVE-2015-8550", "CVE-2015-8543", "CVE-2016-0728", "CVE-2015-8539", "CVE-2015-8767", "CVE-2015-8575", "CVE-2015-8552", "CVE-2015-8569"], "edition": 1, "description": "The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable\n release, and also includes security and bugfixes.\n\n Following security bugs were fixed:\n - CVE-2016-0728: A reference leak in keyring handling with\n join_session_keyring() could lead to local attackers gain root\n privileges. (bsc#962075).\n - CVE-2015-7550: A local user could have triggered a race between read and\n revoke in keyctl (bnc#958951).\n - CVE-2015-8767: A case can occur when sctp_accept() is called by the user\n during a heartbeat timeout event after the 4-way handshake. Since\n sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the\n bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the\n listening socket but released with the new association socket. The\n result is a deadlock on any future attempts to take the listening socket\n lock. (bsc#961509)\n - CVE-2015-8539: A negatively instantiated user key could have been used\n by a local user to leverage privileges (bnc#958463).\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in\n drivers/net/ppp/pptp.c in the Linux kernel did not verify an address\n length, which allowed local users to obtain sensitive information from\n kernel memory and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n - CVE-2015-8543: The networking implementation in the Linux kernel did not\n validate protocol identifiers for certain protocol families, which\n allowed local users to cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain privileges by leveraging\n CLONE_NEWUSER support to execute a crafted SOCK_RAW application\n (bnc#958886).\n - CVE-2015-8575: Validate socket address length in sco_sock_bind() to\n prevent information leak (bsc#959399).\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For\n XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled\n (bsc#957990).\n - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers\n could have lead to double fetch vulnerabilities, causing denial of\n service or arbitrary code execution (depending on the configuration)\n (bsc#957988).\n\n The following non-security bugs were fixed:\n - ALSA: hda - Add a fixup for Thinkpad X1 Carbon 2nd (bsc#958439).\n - ALSA: hda - Apply click noise workaround for Thinkpads generically\n (bsc#958439).\n - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).\n - ALSA: hda - Flush the pending probe work at remove (boo#960710).\n - ALSA: hda - Set codec to D3 at reboot/shutdown on Thinkpads (bsc#958439).\n - Add Cavium Thunderx network enhancements\n - Add RHEL to kernel-obs-build\n - Backport amd xgbe fixes and features\n - Backport arm64 patches from SLE12-SP1-ARM.\n - Btrfs: fix the number of transaction units needed to remove a block\n group (bsc#950178).\n - Btrfs: use global reserve when deleting unused block group after ENOSPC\n (bsc#950178).\n - Documentation: nousb is a module parameter (bnc#954324).\n - Driver for IBM System i/p VNIC protocol.\n - Enable CONFIG_PINCTRL_CHERRYVIEW (boo#954532) Needed for recent\n tablets/laptops. CONFIG_PINCTRL_BAYTRAIL is still disabled as it can't\n be built as a module.\n - Fix PCI generic host controller\n - Fix kABI breakage for max_dev_sectors addition to queue_limits\n (boo#961263).\n - HID: multitouch: Fetch feature reports on demand for Win8 devices\n (boo#954532).\n - HID: multitouch: fix input mode switching on some Elan panels\n (boo#954532).\n - Implement enable/disable for Display C6 state (boo#960021).\n - Input: aiptek - fix crash on detecting device without endpoints\n (bnc#956708).\n - Linux 4.1.15 (boo#954647 bsc#955422).\n - Move kabi patch to patches.kabi directory\n - Obsolete compat-wireless, rts5229 and rts_pstor KMPs These are found in\n SLE11-SP3, now replaced with the upstream drivers.\n - PCI: generic: Pass starting bus number to pci_scan_root_bus().\n - Revert "block: remove artifical max_hw_sectors cap" (boo#961263).\n - Set system time through RTC device\n - Update arm64 config files. Enabled DRM_AST in the vanilla kernel since\n it is now enabled in the default kernel.\n - Update config files: CONFIG_IBMVNIC=m\n - block/sd: Fix device-imposed transfer length limits (boo#961263).\n - block: bump BLK_DEF_MAX_SECTORS to 2560 (boo#961263).\n - drm/i915/skl: Add DC5 Trigger Sequence (boo#960021).\n - drm/i915/skl: Add DC6 Trigger sequence (boo#960021).\n - drm/i915/skl: Add support to load SKL CSR firmware (boo#960021).\n - drm/i915/skl: Add the INIT power domain to the MISC I/O power well\n (boo#960021).\n - drm/i915/skl: Deinit/init the display at suspend/resume (boo#960021).\n - drm/i915/skl: Fix DMC API version in firmware file name (boo#960021).\n - drm/i915/skl: Fix WaDisableChickenBitTSGBarrierAckForFFSliceCS\n (boo#960021).\n - drm/i915/skl: Fix stepping check for a couple of W/As (boo#960021).\n - drm/i915/skl: Fix the CTRL typo in the DPLL_CRTL1 defines (boo#960021).\n - drm/i915/skl: Implement WaDisableVFUnitClockGating (boo#960021).\n - drm/i915/skl: Implement enable/disable for Display C5 state (boo#960021).\n - drm/i915/skl: Make the Misc I/O power well part of the PLLS domain\n (boo#960021).\n - drm/i915/skl: add F0 stepping ID (boo#960021).\n - drm/i915/skl: enable WaForceContextSaveRestoreNonCoherent (boo#960021).\n - drm/i915: Clear crtc atomic flags at beginning of transaction\n (boo#960021).\n - drm/i915: Fix CSR MMIO address check (boo#960021).\n - drm/i915: Switch to full atomic helpers for plane updates/disable, take\n two (boo#960021).\n - drm/i915: set CDCLK if DPLL0 enabled during resuming from S3\n (boo#960021).\n - ethernet/atheros/alx: sanitize buffer sizing and padding (boo#952621).\n - genksyms: Handle string literals with spaces in reference files\n (bsc#958510).\n - group-source-files: mark module.lds as devel file ld: cannot open linker\n script file /usr/src/linux-4.2.5-1/arch/arm/kernel/module.lds: No such\n file or directory\n - hwrng: core - sleep interruptible in read (bnc#962597).\n - ipv6: distinguish frag queues by device for multicast and link-local\n packets (bsc#955422).\n - kABI fixes for linux-4.1.15.\n - rpm/compute-PATCHVERSION.sh: Skip stale directories in the package dir\n - rpm/constraints.in: Bump disk space requirements up a bit Require 10GB\n on s390x, 20GB elsewhere.\n - rpm/constraints.in: Require 14GB worth of disk space on POWER The builds\n started to fail randomly due to ENOSPC errors.\n - rpm/kernel-binary.spec.in: Do not explicitly set DEBUG_SECTION_MISMATCH\n CONFIG_DEBUG_SECTION_MISMATCH is a selectable Kconfig option since\n 2.6.39 and is enabled in our configs.\n - rpm/kernel-binary.spec.in: Do not obsolete ocfs2-kmp (bnc#865259)865259\n - rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed\n - rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file\n - rpm/kernel-binary.spec.in: No scriptlets in kernel-zfcpdump The kernel\n should not be added to the bootloader nor are there any KMPs.\n - rpm/kernel-binary.spec.in: Obsolete the -base package from SLE11\n (bnc#865096)\n - rpm/kernel-binary.spec.in: Use parallel make in all invocations Also,\n remove the lengthy comment, since we are using a standard rpm macro now.\n - thinkpad_acpi: Do not yell on unsupported brightness interfaces\n (boo#957152).\n - usb: make "nousb" a clear module parameter (bnc#954324).\n - usbvision fix overflow of interfaces array (bnc#950998).\n - x86/microcode/amd: Do not overwrite final patch levels (bsc#913996).\n - x86/microcode/amd: Extract current patch level read to a function\n (bsc#913996).\n - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set\n (bsc#957990 XSA-157).\n - xhci: refuse loading if nousb is used (bnc#954324).\n\n", "modified": "2016-01-29T14:11:40", "published": "2016-01-29T14:11:40", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00049.html", "id": "OPENSUSE-SU-2016:0280-1", "type": "suse", "title": "Security update for the Linux Kernel (important)", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:08:27", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2384", "CVE-2016-2069", "CVE-2016-0723", "CVE-2016-0774", "CVE-2015-8812", "CVE-2015-8767", "CVE-2013-7446", "CVE-2015-8709", "CVE-2015-5707", "CVE-2015-8785"], "description": "The SUSE Linux Enterprise 12 kernel was updated to 3.12.55 to receive\n various security and bugfixes.\n\n Features added:\n - A improved XEN blkfront module was added, which allows more I/O\n bandwidth. (FATE#320625) It is called xen-blkfront in PV, and\n xen-vbd-upstream in HVM mode.\n\n The following security bugs were fixed:\n - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the\n Linux kernel allowed local users to bypass intended AF_UNIX socket\n permissions or cause a denial of service (panic) via crafted epoll_ctl\n calls (bnc#955654).\n - CVE-2015-5707: Integer overflow in the sg_start_req function in\n drivers/scsi/sg.c in the Linux kernel allowed local users to cause a\n denial of service or possibly have unspecified other impact via a large\n iov_count value in a write request (bnc#940338).\n - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by\n establishing a user namespace, waiting for a root process to enter that\n namespace with an unsafe uid or gid, and then using the ptrace system\n call. NOTE: the vendor states "there is no kernel bug here" (bnc#959709\n bnc#960561).\n - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not\n properly manage the relationship between a lock and a socket, which\n allowed local users to cause a denial of service (deadlock) via a\n crafted sctp_accept call (bnc#961509).\n - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in\n the Linux kernel allowed local users to cause a denial of service\n (infinite loop) via a writev system call that triggers a zero length for\n the first segment of an iov (bnc#963765).\n - CVE-2015-8812: A use-after-free flaw was found in the CXGB3 kernel\n driver when the network was considered to be congested. This could be\n used by local attackers to cause machine crashes or potentially code\n executuon (bsc#966437).\n - CVE-2016-0723: Race condition in the tty_ioctl function in\n drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain\n sensitive information from kernel memory or cause a denial of service\n (use-after-free and system crash) by making a TIOCGETD ioctl call during\n processing of a TIOCSETD ioctl call (bnc#961500).\n - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964730).\n - CVE-2016-2069: Race conditions in TLB syncing was fixed which could leak\n to information leaks (bnc#963767).\n - CVE-2016-2384: A double-free triggered by invalid USB descriptor in ALSA\n usb-audio was fixed, which could be exploited by physical local\n attackers to crash the kernel or gain code execution (bnc#966693).\n\n The following non-security bugs were fixed:\n - alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).\n - alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).\n - be2net: fix some log messages (bnc#855062 FATE#315961, bnc#867583).\n - block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986\n fate#320625).\n - btrfs: Add handler for invalidate page (bsc#963193).\n - btrfs: check prepare_uptodate_page() error code earlier (bnc#966910).\n - btrfs: delayed_ref: Add new function to record reserved space into\n delayed ref (bsc#963193).\n - btrfs: delayed_ref: release and free qgroup reserved at proper timing\n (bsc#963193).\n - btrfs: extent_io: Introduce needed structure for recoding set/clear bits\n (bsc#963193).\n - btrfs: extent_io: Introduce new function clear_record_extent_bits()\n (bsc#963193).\n - btrfs: extent_io: Introduce new function set_record_extent_bits\n (bsc#963193).\n - btrfs: extent-tree: Add new version of btrfs_check_data_free_space and\n btrfs_free_reserved_data_space (bsc#963193).\n - btrfs: extent-tree: Add new version of\n btrfs_delalloc_reserve/release_space (bsc#963193).\n - btrfs: extent-tree: Switch to new check_data_free_space and\n free_reserved_data_space (bsc#963193).\n - btrfs: extent-tree: Switch to new delalloc space reserve and release\n (bsc#963193).\n - btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193).\n - btrfs: fix deadlock between direct IO write and defrag/readpages\n (bnc#965344).\n - btrfs: fix invalid page accesses in extent_same (dedup) ioctl\n (bnc#968230).\n - btrfs: fix page reading in extent_same ioctl leading to csum errors\n (bnc#968230).\n - btrfs: fix warning in backref walking (bnc#966278).\n - btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193).\n - btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193).\n - btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in\n clear_bit_hook (bsc#963193).\n - btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193).\n - btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193).\n - btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans\n (bsc#963193).\n - btrfs: qgroup: Fix a rebase bug which will cause qgroup double free\n (bsc#963193).\n - btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193).\n - btrfs: qgroup: Introduce functions to release/free qgroup reserve data\n space (bsc#963193).\n - btrfs: qgroup: Introduce new functions to reserve/free metadata\n (bsc#963193).\n - btrfs: qgroup: Use new metadata reservation (bsc#963193).\n - btrfs: skip locking when searching commit root (bnc#963825).\n - dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).\n - documentation: Document kernel.panic_on_io_nmi sysctl (bsc#940946,\n bsc#937444).\n - documentation: Fix build of PDF files in kernel-docs package Double the\n spaces for tex, and fix buildrequires for docbook.\n - doc: Use fop for creating PDF files in kernel-docs package as some files\n still cannot be built with the default backend.\n - driver core: Add BUS_NOTIFY_REMOVED_DEVICE event (bnc#962965).\n - drivers: xen-blkfront: only talk_to_blkback() when in\n XenbusStateInitialising (bsc#957986 fate#320625).\n - driver: xen-blkfront: move talk_to_blkback to a more suitable place\n (bsc#957986 fate#320625).\n - ec2: updated kabi files and start tracking\n - fs: Improve fairness when locking the per-superblock s_anon list\n (bsc#957525, bsc#941363).\n - fs/proc_namespace.c: simplify testing nsp and nsp->mnt_ns (bug#963960).\n - fuse: break infinite loop in fuse_fill_write_pages() (bsc#963765).\n - futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174).\n - jbd2: Fix unreclaimed pages after truncate in data=journal mode\n (bsc#961516).\n - kabi: Preserve checksum of kvm_x86_ops (bsc#969112).\n - kABI: protect struct af_alg_type.\n - kABI: protect struct crypto_ahash.\n - kABI: reintroduce blk_rq_check_limits.\n - kabi/severities: Fail on changes in kvm_x86_ops, needed by lttng-modules\n - kernel: Change ASSIGN_ONCE(val, x) to WRITE_ONCE(x, val) (bsc#940946,\n bsc#937444).\n - kernel: Provide READ_ONCE and ASSIGN_ONCE (bsc#940946, bsc#937444).\n - kernel/watchdog.c: perform all-CPU backtrace in case of hard lockup\n (bsc#940946, bsc#937444).\n - kexec: Fix race between panic() and crash_kexec() (bsc#940946,\n bsc#937444).\n - kgr: do not print error for !abort_if_missing symbols (bnc#943989).\n - kgr: do not use WQ_MEM_RECLAIM workqueue (bnc#963572).\n - kgr: log when modifying kernel (fate#317827).\n - kgr: mark some more missed kthreads (bnc#962336).\n - kgr: usb/storage: do not emit thread awakened (bnc#899908).\n - kvm: x86: Check dest_map->vector to match eoi signals for rtc\n (bsc#966471).\n - kvm: x86: Convert ioapic->rtc_status.dest_map to a struct (bsc#966471).\n - kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471).\n - kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map (bsc#966471).\n - libceph: fix scatterlist last_piece calculation (bsc#963746).\n - megaraid_sas: Chip reset if driver fails to get IOC ready (bsc#922071).\n Refresh the patch based on the actual upstream commit, and add the\n commit ID.\n - mm/memory_hotplug.c: check for missing sections in\n test_pages_in_a_zone() (VM Functionality, bnc#961588).\n - module: keep percpu symbols in module's symtab (bsc#962788).\n - namespaces: Re-introduce task_nsproxy() helper (bug#963960).\n - namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960).\n - net: core: Correct an over-stringent device loop detection (bsc#945219).\n - nfs: Background flush should not be low priority (bsc#955308).\n - nfsd: Do not start lockd when only NFSv4 is running (fate#316311).\n - nfs: do not use STABLE writes during writeback (bnc#816099).\n - nfs: Fix handling of re-write-before-commit for mmapped NFS pages\n (bsc#964201).\n - nfs: Move nfsd patch to the right section\n - nfsv4: Recovery of recalled read delegations is broken (bsc#956514).\n - nmi: provide the option to issue an NMI back trace to every cpu but\n current (bsc#940946, bsc#937444).\n - nmi: provide the option to issue an NMI back trace to every cpu but\n current (bsc#940946, bsc#937444).\n - panic, x86: Allow CPUs to save registers even if looping in NMI context\n (bsc#940946, bsc#937444).\n - panic, x86: Fix re-entrance problem due to panic on NMI (bsc#940946,\n bsc#937444).\n - pci: allow access to VPD attributes with size 0 (bsc#959146).\n - pciback: Check PF instead of VF for PCI_COMMAND_MEMORY.\n - pciback: Save the number of MSI-X entries to be copied later.\n - pci: Blacklist vpd access for buggy devices (bsc#959146).\n - pci: Determine actual VPD size on first access (bsc#959146).\n - pci: Update VPD definitions (bsc#959146).\n - perf: Do not modify perf bias performance setting by default at boot\n (bnc#812259,bsc#959629).\n - proc: Fix ptrace-based permission checks for accessing task maps.\n - rpm/constraints.in: Bump disk space requirements up a bit Require 10GB\n on s390x, 20GB elsewhere.\n - rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed\n - rpm/kernel-binary.spec.in: Fix kernel-vanilla-devel dependency\n (bsc#959090)\n - rpm/kernel-binary.spec.in: Fix paths in kernel-vanilla-devel\n (bsc#959090).\n - rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file\n - rpm/kernel-binary.spec.in: Sync the main and -base package dependencies\n (bsc#965830#c51).\n - rpm/kernel-binary.spec.in: Use bzip compression to speed up build\n (bsc#962356)\n - rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253)\n - rpm/kernel-source.spec.in: Install kernel-macros for\n kernel-source-vanilla (bsc#959090)\n - rpm/kernel-spec-macros: Do not modify the release string in PTFs\n (bsc#963449)\n - rpm/package-descriptions: Add kernel-zfcpdump and drop -desktop\n - sched/fair: Disable tg load_avg/runnable_avg update for root_task_group\n (bnc#960227).\n - sched/fair: Move cache hot load_avg/runnable_avg into separate cacheline\n (bnc#960227).\n - sched: Fix race between task_group and sched_task_group (Automatic NUMA\n Balancing (fate#315482))\n - scsi: Add sd_mod to initrd modules For some reason PowerVM backend can't\n work without sd_mod\n - scsi_dh_alua: Do not block request queue if workqueue is active\n (bsc#960458).\n - scsi: fix soft lockup in scsi_remove_target() on module removal\n (bsc#965199).\n - scsi: restart list search after unlock in scsi_remove_target\n (bsc#959257).\n - series.conf: add section comments\n - supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074)\n - supported.conf: Add Hyper-V modules to -base (bsc#965830)\n - supported.conf: Add more QEMU and VMware drivers to -base (bsc#965840).\n - supported.conf: Add more qemu device driver (bsc#968234)\n - supported.conf: Add mptspi and mptsas to -base (bsc#968206)\n - supported.conf: Add netfilter modules to base (bsc#950292)\n - supported.conf: Add nls_iso8859-1 and nls_cp437 to -base (bsc#950292)\n - supported.conf: Add the qemu scsi driver (sym53c8xx) to -base\n (bsc#967802)\n - supported.conf: Add tulip to -base for Hyper-V (bsc#968234)\n - supported.conf: Add vfat to -base to be able to mount the ESP\n (bsc#950292).\n - supported.conf: Add virtio_{blk,net,scsi} to kernel-default-base\n (bsc#950292)\n - supported.conf: Add virtio-rng (bsc#966026)\n - supported.conf: Add xen-blkfront.\n - supported.conf: Add xfs to -base (bsc#965891)\n - supported.conf: Also add virtio_pci to kernel-default-base (bsc#950292).\n - supported.conf: drop +external from ghash-clmulni-intel It was agreed\n that it does not make sense to maintain "external" for this specific\n module. Furthermore it causes problems in rather ordinary VMware\n environments. (bsc#961971)\n - supported.conf: Fix usb-common path usb-common moved to its own\n subdirectory in kernel v3.16, and we backported that change to SLE12.\n - tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864).\n - usb: Quiet down false peer failure messages (bnc#960629).\n - x86/apic: Introduce apic_extnmi command line parameter (bsc#940946,\n bsc#937444).\n - x86/nmi: Save regs in crash dump on external NMI (bsc#940946,\n bsc#937444).\n - x86/nmi: Save regs in crash dump on external NMI (bsc#940946,\n bsc#937444).\n - xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver\n implementation (bsc#957986, bsc#956084, bsc#961658).\n - xen-blkfront: allow building in our Xen environment (bsc#957986\n fate#320625).\n - xen, blkfront: factor out flush-related checks from do_blkif_request()\n (bsc#957986 fate#320625).\n - xen-blkfront: fix accounting of reqs when migrating (bsc#957986\n fate#320625).\n - xen/blkfront: Fix crash if backend does not follow the right states\n (bsc#957986 fate#320625).\n - xen-blkfront: improve aproximation of required grants per request\n (bsc#957986 fate#320625).\n - xen/blkfront: improve protection against issuing unsupported REQ_FUA\n (bsc#957986 fate#320625).\n - xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625).\n - xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986\n fate#320625).\n - xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986\n fate#320625).\n - xen: Linux 3.12.52.\n - xen: Refresh patches.xen/xen3-patch-3.9 (bsc#951155).\n - xen: Refresh patches.xen/xen3-patch-3.9 (do not subvert NX protection\n during 1:1 mapping setup).\n - xen-vscsi-large-requests: Fix resource collision for racing request maps\n and unmaps (bsc#966094).\n - xen: Xen config files updated to enable upstream block frontend.\n - xfs: add a few more verifier tests (bsc#947953).\n - xfs: fix double free in xlog_recover_commit_trans (bsc#947953).\n - xfs: recovery of XLOG_UNMOUNT_TRANS leaks memory (bsc#947953).\n\n", "edition": 1, "modified": "2016-03-16T15:12:30", "published": "2016-03-16T15:12:30", "id": "SUSE-SU-2016:0785-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00054.html", "type": "suse", "title": "Security update for the Linux Kernel (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:46:06", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2384", "CVE-2015-8787", "CVE-2016-2069", "CVE-2015-7884", "CVE-2016-2383", "CVE-2016-0723", "CVE-2015-7872", "CVE-2015-8812", "CVE-2016-2184", "CVE-2015-8767", "CVE-2015-1339", "CVE-2015-7799", "CVE-2015-8709", "CVE-2003-1604", "CVE-2015-8785", "CVE-2015-8104"], "description": "The openSUSE Leap 42.1 kernel was updated to 4.1.20 to receive various\n security and bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2015-1339: A memory leak in cuse could be used to exhaust kernel\n memory. (bsc#969356).\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the\n Linux kernel did not ensure that certain slot numbers are valid, which\n allowed local users to cause a denial of service (NULL pointer\n dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call\n (bnc#949936 951638).\n - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in\n the Linux kernel allowed local users to cause a denial of service (OOPS)\n via crafted keyctl commands (bnc#951440).\n - CVE-2015-7884: The vivid_fb_ioctl function in\n drivers/media/platform/vivid/vivid-osd.c in the Linux kernel did not\n initialize a certain structure member, which allowed local users to\n obtain sensitive information from kernel memory via a crafted\n application (bnc#951626).\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS\n users to cause a denial of service (host OS panic or hang) by triggering\n many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by\n establishing a user namespace, waiting for a root process to enter that\n namespace with an unsafe uid or gid, and then using the ptrace system\n call. NOTE: the vendor states "there is no kernel bug here (bnc#959709).\n - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not\n properly manage the relationship between a lock and a socket, which\n allowed local users to cause a denial of service (deadlock) via a\n crafted sctp_accept call. (bsc#961509)\n - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in\n the Linux kernel allowed local users to cause a denial of service\n (infinite loop) via a writev system call that triggers a zero length for\n the first segment of an iov (bnc#963765).\n - CVE-2015-8787: The nf_nat_redirect_ipv4 function in\n net/netfilter/nf_nat_redirect.c in the Linux kernel allowed remote\n attackers to cause a denial of service (NULL pointer dereference and\n system crash) or possibly have unspecified other impact by sending\n certain IPv4 packets to an incompletely configured interface, a related\n issue to CVE-2003-1604 (bnc#963931).\n - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the\n network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb's queued,\n these structures would be referenced and may panic the system\n or allow an attacker to escalate privileges in a use-after-free\n scenario. (bsc#966437).\n - CVE-2016-0723: Race condition in the tty_ioctl function in\n drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain\n sensitive information from kernel memory or cause a denial of service\n (use-after-free and system crash) by making a TIOCGETD ioctl call during\n processing of a TIOCSETD ioctl call (bnc#961500).\n - CVE-2016-2069: When Linux invalidated a paging structure that is not in\n use locally, it could, in principle, race against another CPU that is\n switching to a process that uses the paging structure in question.\n (bsc#963767)\n - CVE-2016-2184: A malicious USB device could cause a kernel crash in the\n alsa usb-audio driver. (bsc#971125)\n - CVE-2016-2383: Incorrect branch fixups for eBPF allow arbitrary read\n of kernel memory. (bsc#966684)\n - CVE-2016-2384: A malicious USB device could cause a kernel crash in the\n alsa usb-audio driver. (bsc#966693)\n\n The following non-security bugs were fixed:\n - alsa: hda - Apply clock gate workaround to Skylake, too (bsc#966137).\n - alsa: hda - disable dynamic clock gating on Broxton before reset\n (bsc#966137).\n - alsa: hda - Fix playback noise with 24/32 bit sample size on BXT\n (bsc#966137).\n - alsa: seq: Fix double port list deletion (bsc#968018).\n - alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).\n - alsa: timer: Fix race between stop and interrupt (bsc#968018).\n - alsa: timer: Fix wrong instance passed to slave callbacks (bsc#968018).\n - arm64: Add workaround for Cavium erratum 27456.\n - arm64: Backport arm64 patches from SLE12-SP1-ARM\n - btrfs: teach backref walking about backrefs with underflowed\n (bsc#966259).\n - cgroup kabi fix for 4.1.19.\n - config: Disable CONFIG_DDR. CONFIG_DDR is selected automatically by\n drivers which need it.\n - config: Disable MFD_TPS65218 The TPS65218 is a power management IC for\n 32-bit ARM systems.\n - config: Modularize NF_REJECT_IPV4/V6 There is no reason why these helper\n modules should be built-in when the rest of netfilter is built as\n modules.\n - config: Update x86 config files: Enable Intel RAPL This driver is useful\n when power caping is needed. It was enabled in the SLE kernel 2 years\n ago.\n - Delete patches.fixes/bridge-module-get-put.patch. As discussed in\n <a rel=\"nofollow\" href=\"http://lists.opensuse.org/opensuse-kernel/2015-11/msg00046.html\">http://lists.opensuse.org/opensuse-kernel/2015-11/msg00046.html</a>\n - drm/i915: Fix double unref in intelfb_alloc failure path (boo#962866,\n boo#966179).\n - drm/i915: Fix failure paths around initial fbdev allocation (boo#962866,\n boo#966179).\n - drm/i915: Pin the ifbdev for the info-&gt;system_base GGTT mmapping\n (boo#962866, boo#966179).\n - e1000e: Avoid divide by zero error (bsc#965125).\n - e1000e: fix division by zero on jumbo MTUs (bsc#965125).\n - e1000e: fix systim issues (bsc#965125).\n - e1000e: Fix tight loop implementation of systime read algorithm\n (bsc#965125).\n - ibmvnic: Fix ibmvnic_capability struct.\n - intel: Disable Skylake support in intel_idle driver again (boo#969582)\n This turned out to bring a regression on some machines, unfortunately.\n It should be addressed in the upstream at first.\n - intel_idle: allow idle states to be freeze-mode specific (boo#969582).\n - intel_idle: Skylake Client Support (boo#969582).\n - intel_idle: Skylake Client Support - updated (boo#969582).\n - libceph: fix scatterlist last_piece calculation (bsc#963746).\n - lio: Add LIO clustered RBD backend (fate#318836)\n - net kabi fixes for 4.1.19.\n - numa patches updated to v15\n - ocfs2: fix dlmglue deadlock issue(bnc#962257)\n - pci: thunder: Add driver for ThunderX-pass{1,2} on-chip devices\n - pci: thunder: Add PCIe host driver for ThunderX processors\n - sd: Optimal I/O size is in bytes, not sectors (boo#961263).\n - sd: Reject optimal transfer length smaller than page size (boo#961263).\n - series.conf: move cxgb3 patch to network drivers section\n\n", "edition": 1, "modified": "2016-04-12T12:09:32", "published": "2016-04-12T12:09:32", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html", "id": "OPENSUSE-SU-2016:1008-1", "title": "Security update for the Linux Kernel (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:47", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0758", "CVE-2015-8767", "CVE-2013-4312"], "description": "kernel-uek\n[4.1.12-37.3.1]\n- KEYS: Fix ASN.1 indefinite length object parsing This fixes CVE-2016-0758. (David Howells) [Orabug: 23279022] {CVE-2016-0758}\n- uek-rpm: ol6: revert DRM for experimental or OL6-incompatible drivers (Todd Vierling) [Orabug: 23270829] \n- unix: properly account for FDs passed over unix sockets (willy tarreau) [Orabug: 23262277] {CVE-2013-4312} {CVE-2013-4312}\n- sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (Karl Heiss) [Orabug: 23222731] {CVE-2015-8767}", "edition": 4, "modified": "2016-05-16T00:00:00", "published": "2016-05-16T00:00:00", "id": "ELSA-2016-3559", "href": "http://linux.oracle.com/errata/ELSA-2016-3559.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:28", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8767"], "description": "kernel-uek\n[4.1.12-37.2.2]\n- sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (Karl Heiss) [Orabug: 23222731] {CVE-2015-8767}", "edition": 5, "modified": "2016-05-05T00:00:00", "published": "2016-05-05T00:00:00", "id": "ELSA-2016-3554", "href": "http://linux.oracle.com/errata/ELSA-2016-3554.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:24", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8767"], "description": "[2.6.39-400.278.2]\n- sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (Karl Heiss) [Orabug: 23222773] {CVE-2015-8767}", "edition": 5, "modified": "2016-05-05T00:00:00", "published": "2016-05-05T00:00:00", "id": "ELSA-2016-3552", "href": "http://linux.oracle.com/errata/ELSA-2016-3552.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:27", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8767"], "description": "kernel-uek\n[2.6.32-400.37.16uek]\n- sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (Karl Heiss) [Orabug: 23222781] {CVE-2015-8767}", "edition": 5, "modified": "2016-05-05T00:00:00", "published": "2016-05-05T00:00:00", "id": "ELSA-2016-3553", "href": "http://linux.oracle.com/errata/ELSA-2016-3553.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:03", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8767"], "description": "kernel-uek\n[3.8.13-118.6.1]\n- skbuff: skb_segment: orphan frags before copying (Dongli Zhang) [Orabug: 23018911] \n- RDS/IB: VRPC DELAY / OSS RECONNECT CAUSES 5 MINUTE STALL ON PORT FAILURE (Venkat Venkatsubra) [Orabug: 22888920] \n- mlx4_core: Introduce restrictions for PD update (Ajaykumar Hotchandani) \n- filename should be destroyed via final_putname() instead of __putname() (John Sobecki) [Orabug: 22346320] \n- RDS: Fix the atomicity for congestion map update (Wengang Wang) [Orabug: 23141554] \n- sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (Karl Heiss) [Orabug: 23222753] {CVE-2015-8767}\n[3.8.13-118.5.1]\n- x86_64: expand kernel stack to 16K (Minchan Kim) [Orabug: 21140371] \n- iommu/vt-d: add quirk for broken interrupt remapping on 55XX chipsets (Neil Horman) [Orabug: 22534160] \n- xen: remove unneeded variables and one constant (Daniel Kiper) [Orabug: 22288700] \n- Revert 'x86/xen: delay construction of mfn_list_list' (Daniel Kiper) [Orabug: 22288700] \n- ocfs2/dlm: fix misuse of list_move_tail() in dlm_run_purge_list() (Tariq Saeed) [Orabug: 22898384] \n- ocfs2/dlm: do not purge lockres that is queued for assert master (Xue jiufei) [Orabug: 22898384] ", "edition": 5, "modified": "2016-05-04T00:00:00", "published": "2016-05-04T00:00:00", "id": "ELSA-2016-3551", "href": "http://linux.oracle.com/errata/ELSA-2016-3551.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}]}