ID FEDORA:34AB1210A6 Type fedora Reporter Fedora Modified 2012-11-22T03:52:25
Description
The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
{"openvas": [{"lastseen": "2018-01-06T13:07:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-3520", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-2372"], "description": "Check for the Version of kernel", "modified": "2018-01-05T00:00:00", "published": "2012-11-23T00:00:00", "id": "OPENVAS:864878", "href": "http://plugins.openvas.org/nasl.php?oid=864878", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-18684", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-18684\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 17\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092610.html\");\n script_id(864878);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-23 11:34:33 +0530 (Fri, 23 Nov 2012)\");\n script_cve_id(\"CVE-2012-4461\", \"CVE-2012-4565\", \"CVE-2012-4508\", \"CVE-2012-0957\",\n \"CVE-2012-3520\", \"CVE-2012-3412\", \"CVE-2012-2390\", \"CVE-2012-2372\",\n \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-18684\");\n script_name(\"Fedora Update for kernel FEDORA-2012-18684\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.6.7~4.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-3520", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-2372"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-11-23T00:00:00", "id": "OPENVAS:1361412562310864878", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864878", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-18684", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-18684\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092610.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864878\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-23 11:34:33 +0530 (Fri, 23 Nov 2012)\");\n script_cve_id(\"CVE-2012-4461\", \"CVE-2012-4565\", \"CVE-2012-4508\", \"CVE-2012-0957\",\n \"CVE-2012-3520\", \"CVE-2012-3412\", \"CVE-2012-2390\", \"CVE-2012-2372\",\n \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-18684\");\n script_name(\"Fedora Update for kernel FEDORA-2012-18684\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.6.7~4.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-06T13:07:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-4508", "CVE-2012-3520", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-2372"], "description": "Check for the Version of kernel", "modified": "2018-01-04T00:00:00", "published": "2012-11-06T00:00:00", "id": "OPENVAS:864847", "href": "http://plugins.openvas.org/nasl.php?oid=864847", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-17462", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-17462\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 17\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091147.html\");\n script_id(864847);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-06 17:47:11 +0530 (Tue, 06 Nov 2012)\");\n script_cve_id(\"CVE-2012-4565\", \"CVE-2012-4508\", \"CVE-2012-0957\", \"CVE-2012-3520\",\n \"CVE-2012-3412\", \"CVE-2012-2390\", \"CVE-2012-2372\", \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-17462\");\n script_name(\"Fedora Update for kernel FEDORA-2012-17462\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.6.5~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-4508", "CVE-2012-3520", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-2372"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-11-06T00:00:00", "id": "OPENVAS:1361412562310864847", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864847", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-17462", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-17462\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091147.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864847\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-06 17:47:11 +0530 (Tue, 06 Nov 2012)\");\n script_cve_id(\"CVE-2012-4565\", \"CVE-2012-4508\", \"CVE-2012-0957\", \"CVE-2012-3520\",\n \"CVE-2012-3412\", \"CVE-2012-2390\", \"CVE-2012-2372\", \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-17462\");\n script_name(\"Fedora Update for kernel FEDORA-2012-17462\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.6.5~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-3520", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-4530", "CVE-2012-2372"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-12-04T00:00:00", "id": "OPENVAS:1361412562310864908", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864908", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-19337", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-19337\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093587.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864908\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-04 09:40:44 +0530 (Tue, 04 Dec 2012)\");\n script_cve_id(\"CVE-2012-4530\", \"CVE-2012-4461\", \"CVE-2012-4565\", \"CVE-2012-4508\", \"CVE-2012-0957\", \"CVE-2012-3520\", \"CVE-2012-3412\", \"CVE-2012-2390\", \"CVE-2012-2372\", \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-19337\");\n script_name(\"Fedora Update for kernel FEDORA-2012-19337\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.6.8~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-02T10:56:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-3520", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-4530", "CVE-2012-2372"], "description": "Check for the Version of kernel", "modified": "2017-12-26T00:00:00", "published": "2012-12-04T00:00:00", "id": "OPENVAS:864908", "href": "http://plugins.openvas.org/nasl.php?oid=864908", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-19337", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-19337\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 17\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093587.html\");\n script_id(864908);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-04 09:40:44 +0530 (Tue, 04 Dec 2012)\");\n script_cve_id(\"CVE-2012-4530\", \"CVE-2012-4461\", \"CVE-2012-4565\", \"CVE-2012-4508\", \"CVE-2012-0957\", \"CVE-2012-3520\", \"CVE-2012-3412\", \"CVE-2012-2390\", \"CVE-2012-2372\", \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-19337\");\n script_name(\"Fedora Update for kernel FEDORA-2012-19337\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.6.8~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-3520", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-2372"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-10-29T00:00:00", "id": "OPENVAS:1361412562310864823", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864823", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-16669", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-16669\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090823.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864823\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-29 11:02:13 +0530 (Mon, 29 Oct 2012)\");\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-3520\", \"CVE-2012-3412\", \"CVE-2012-2390\", \"CVE-2012-2372\", \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-16669\");\n script_name(\"Fedora Update for kernel FEDORA-2012-16669\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.6.3~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-06T13:06:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-3520", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-2372"], "description": "Check for the Version of kernel", "modified": "2018-01-04T00:00:00", "published": "2012-10-29T00:00:00", "id": "OPENVAS:864823", "href": "http://plugins.openvas.org/nasl.php?oid=864823", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-16669", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-16669\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 17\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090823.html\");\n script_id(864823);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-29 11:02:13 +0530 (Mon, 29 Oct 2012)\");\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-3520\", \"CVE-2012-3412\", \"CVE-2012-2390\", \"CVE-2012-2372\", \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-16669\");\n script_name(\"Fedora Update for kernel FEDORA-2012-16669\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.6.3~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:51:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-4508", "CVE-2013-0190", "CVE-2012-4461", "CVE-2012-3520", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-4530", "CVE-2012-2372"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2013-01-28T00:00:00", "id": "OPENVAS:865251", "href": "http://plugins.openvas.org/nasl.php?oid=865251", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2013-1025", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2013-1025\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_solution = \"Please Install the Updated Packages.\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_affected = \"kernel on Fedora 17\";\n\n\n\n\nif(description)\n{\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097479.html\");\n script_id(865251);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-28 09:34:27 +0530 (Mon, 28 Jan 2013)\");\n script_cve_id(\"CVE-2013-0190\", \"CVE-2012-4530\", \"CVE-2012-4461\", \"CVE-2012-4565\",\n \"CVE-2012-4508\", \"CVE-2012-0957\", \"CVE-2012-3520\", \"CVE-2012-3412\",\n \"CVE-2012-2390\", \"CVE-2012-2372\", \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-1025\");\n script_name(\"Fedora Update for kernel FEDORA-2013-1025\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.7.3~101.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2390", "CVE-2011-4131", "CVE-2012-4508", "CVE-2013-0190", "CVE-2012-4461", "CVE-2012-3520", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3412", "CVE-2012-4530", "CVE-2012-2372"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-01-28T00:00:00", "id": "OPENVAS:1361412562310865251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865251", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2013-1025", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2013-1025\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_tag(name:\"affected\", value:\"kernel on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097479.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865251\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-28 09:34:27 +0530 (Mon, 28 Jan 2013)\");\n script_cve_id(\"CVE-2013-0190\", \"CVE-2012-4530\", \"CVE-2012-4461\", \"CVE-2012-4565\",\n \"CVE-2012-4508\", \"CVE-2012-0957\", \"CVE-2012-3520\", \"CVE-2012-3412\",\n \"CVE-2012-2390\", \"CVE-2012-2372\", \"CVE-2011-4131\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-1025\");\n script_name(\"Fedora Update for kernel FEDORA-2013-1025\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.7.3~101.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-0957", "CVE-2012-2372", "CVE-2012-2390", "CVE-2012-3412", "CVE-2012-3520", "CVE-2012-4508", "CVE-2012-4565"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-11-06T08:01:47", "published": "2012-11-06T08:01:47", "id": "FEDORA:F1C4B20B8E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: kernel-3.6.5-1.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-0957", "CVE-2012-2372", "CVE-2012-2390", "CVE-2012-3412", "CVE-2012-3520", "CVE-2012-4461", "CVE-2012-4508", "CVE-2012-4530", "CVE-2012-4565"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-12-01T08:28:13", "published": "2012-12-01T08:28:13", "id": "FEDORA:E151A20D2B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: kernel-3.6.8-2.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-0957", "CVE-2012-2372", "CVE-2012-2390", "CVE-2012-3412", "CVE-2012-3520"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-10-28T00:51:48", "published": "2012-10-28T00:51:48", "id": "FEDORA:5669020A81", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: kernel-3.6.3-1.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-0957", "CVE-2012-2372", "CVE-2012-2390", "CVE-2012-3412", "CVE-2012-3520", "CVE-2012-4461", "CVE-2012-4508", "CVE-2012-4530", "CVE-2012-4565", "CVE-2013-0190"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2013-01-24T22:39:27", "published": "2013-01-24T22:39:27", "id": "FEDORA:B1FE020917", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: kernel-3.7.3-101.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-2372", "CVE-2012-2390", "CVE-2012-3412", "CVE-2012-3520"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-08-22T21:02:48", "published": "2012-08-22T21:02:48", "id": "FEDORA:160AA20F9C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: kernel-3.5.2-3.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-0957", "CVE-2012-2372", "CVE-2012-2390", "CVE-2012-3412", "CVE-2012-3520", "CVE-2012-4461", "CVE-2012-4508", "CVE-2012-4530", "CVE-2012-4565", "CVE-2013-0190", "CVE-2013-0216", "CVE-2013-0228", "CVE-2013-0290"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2013-02-24T08:37:26", "published": "2013-02-24T08:37:26", "id": "FEDORA:EF8E120C87", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: kernel-3.7.9-101.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-0957", "CVE-2012-2372", "CVE-2012-2390", "CVE-2012-3412", "CVE-2012-3520", "CVE-2012-4461", "CVE-2012-4508", "CVE-2012-4530", "CVE-2012-4565", "CVE-2013-0190", "CVE-2013-0216", "CVE-2013-0228", "CVE-2013-0290", "CVE-2013-1763"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2013-03-02T20:02:58", "published": "2013-03-02T20:02:58", "id": "FEDORA:8F36120DDE", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: kernel-3.7.9-104.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-2372", "CVE-2012-2373", "CVE-2012-2390"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-06-07T02:34:03", "published": "2012-06-07T02:34:03", "id": "FEDORA:D2ED120A95", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: kernel-3.4.0-1.fc17", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-0957", "CVE-2012-2372", "CVE-2012-2390", "CVE-2012-3412", "CVE-2012-3520", "CVE-2012-4461", "CVE-2012-4508", "CVE-2012-4530", "CVE-2012-4565", "CVE-2013-0190", "CVE-2013-0216", "CVE-2013-0228", "CVE-2013-0290", "CVE-2013-0913", "CVE-2013-0914", "CVE-2013-1763", "CVE-2013-1767", "CVE-2013-1792", "CVE-2013-1819", "CVE-2013-1828", "CVE-2013-1860"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2013-03-22T00:20:31", "published": "2013-03-22T00:20:31", "id": "FEDORA:813C021894", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: kernel-3.8.3-103.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-0957", "CVE-2012-1090", "CVE-2012-1097", "CVE-2012-1146", "CVE-2012-1179", "CVE-2012-1568", "CVE-2012-1601", "CVE-2012-2119", "CVE-2012-2123", "CVE-2012-2372", "CVE-2012-2390", "CVE-2012-3412", "CVE-2012-3520", "CVE-2012-4461", "CVE-2012-4508", "CVE-2012-4565"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-11-28T11:31:44", "published": "2012-11-28T11:31:44", "id": "FEDORA:7885D20A4C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.6.7-4.fc16", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cve": [{"lastseen": "2020-12-09T19:47:21", "description": "The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.", "edition": 5, "cvss3": {}, "published": "2012-10-03T11:02:00", "title": "CVE-2012-3520", "type": "cve", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3520"], "modified": "2016-10-12T01:59:00", "cpe": ["cpe:/o:linux:linux_kernel:2.3.20", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:2.6.23.2", "cpe:/o:linux:linux_kernel:2.3.21", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:2.3.2", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:2.6.33.2", "cpe:/o:linux:linux_kernel:2.3.28", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:2.3.25", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:2.3.22", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:2.3.23", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:2.4.33.2", "cpe:/o:linux:linux_kernel:2.6.13.2", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:2.3.29", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:2.3.26", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:2.3.24", "cpe:/o:linux:linux_kernel:2.3.27", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:2.6.33.20", "cpe:/o:linux:linux_kernel:3.2.10"], "id": "CVE-2012-3520", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3520", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.3.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.33.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.3.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", "description": "The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.", "edition": 5, "cvss3": {}, "published": "2013-01-22T23:55:00", "title": "CVE-2012-4461", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4461"], "modified": "2013-06-21T03:13:00", "cpe": ["cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.6.8"], "id": "CVE-2012-4461", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4461", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:39:33", "description": "The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.", "edition": 3, "cvss3": {}, "published": "2012-05-17T11:00:00", "title": "CVE-2011-4131", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.2, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.6, "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4131"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.2"], "id": "CVE-2011-4131", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4131", "cvss": {"score": 4.6, "vector": "AV:A/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:24", "description": "Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.", "edition": 5, "cvss3": {}, "published": "2012-12-21T11:47:00", "title": "CVE-2012-4508", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4508"], "modified": "2014-01-08T04:32:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2012-4508", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4508", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations.", "edition": 5, "cvss3": {}, "published": "2012-06-13T10:24:00", "title": "CVE-2012-2390", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2390"], "modified": "2012-11-06T05:11:00", "cpe": ["cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.1"], "id": "CVE-2012-2390", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2390", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:21", "description": "The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.", "edition": 5, "cvss3": {}, "published": "2012-10-03T11:02:00", "title": "CVE-2012-3412", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3412"], "modified": "2013-08-17T06:46:00", "cpe": ["cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.2.10"], "id": "CVE-2012-3412", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3412", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:17", "description": "The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.", "edition": 5, "cvss3": {}, "published": "2012-12-21T11:47:00", "title": "CVE-2012-0957", "type": "cve", "cwe": ["CWE-16"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0957"], "modified": "2013-08-22T03:51:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2012-0957", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0957", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interface's own IP address, as demonstrated by rds-ping.", "edition": 5, "cvss3": {}, "published": "2013-01-22T23:55:00", "title": "CVE-2012-2372", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 2.7, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2372"], "modified": "2016-08-23T02:05:00", "cpe": ["cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.7.1"], "id": "CVE-2012-2372", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2372", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:S/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:24", "description": "The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats.", "edition": 5, "cvss3": {}, "published": "2012-12-21T11:47:00", "title": "CVE-2012-4565", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4565"], "modified": "2013-08-22T03:58:00", "cpe": ["cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2012-4565", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4565", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2016-09-26T17:23:12", "bulletinFamily": "software", "cvelist": ["CVE-2012-4461"], "edition": 1, "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL9502: BIG-IP hotfix matrix\n", "modified": "2014-11-05T00:00:00", "published": "2014-11-05T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15797.html", "id": "SOL15797", "title": "SOL15797 - Linux kernel vulnerability CVE-2012-4461", "type": "f5", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-12T10:10:11", "description": "This Linux 3.6.5 stable update contains a large number of important\nbugfixes and security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-11-07T00:00:00", "title": "Fedora 16 : kernel-3.6.5-2.fc16 (2012-17479)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4508", "CVE-2012-4565", "CVE-2012-0957"], "modified": "2012-11-07T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-17479.NASL", "href": "https://www.tenable.com/plugins/nessus/62831", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-17479.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62831);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-4508\", \"CVE-2012-4565\");\n script_bugtraq_id(55855, 56238, 56346);\n script_xref(name:\"FEDORA\", value:\"2012-17479\");\n\n script_name(english:\"Fedora 16 : kernel-3.6.5-2.fc16 (2012-17479)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Linux 3.6.5 stable update contains a large number of important\nbugfixes and security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=862877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=869904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=871848\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b2349ac4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"kernel-3.6.5-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-20T14:40:35", "description": "The SUSE Linux Enterprise 11 SP2 kernel has been updated to 3.0.51\nwhich fixes various bugs and security issues.\n\nIt contains the following feature enhancements :\n\n - The cachefiles framework is now supported (FATE#312793,\n bnc#782369). The userland utilities were published\n seperately to support this feature.\n\n - The ipset netfilter modules are now supported\n (FATE#313309) The ipset userland utility will be\n published seperately to support this feature.\n\n - The tipc kernel module is now externally supported\n (FATE#305033).\n\n - Hyper-V KVP IP injection was implemented (FATE#314441).\n A seperate hyper-v package will be published to support\n this feature.\n\n - Intel Lynx Point PCH chipset support was added.\n (FATE#313409)\n\n - Enable various md/raid10 and DASD enhancements.\n (FATE#311379) These make it possible for RAID10 to cope\n with DASD devices being slow for various reasons - the\n affected device will be temporarily removed from the\n array.\n\n Also added support for reshaping of RAID10 arrays.\n\n mdadm changes will be published to support this feature.\n\nThe following security issues have been fixed :\n\n - A race condition on hot adding memory could be used by\n local attackers to crash the system during hot adding\n new memory. (CVE-2012-5517)\n\n - A flaw has been found in the way Linux kernels KVM\n subsystem handled vcpu->arch.cr4 X86_CR4_OSXSAVE bit set\n upon guest enter. On hosts without the XSAVE feature and\n using qemu userspace an unprivileged local user could\n have used this flaw to crash the system. (CVE-2012-4461)\n\n - The KVM implementation in the Linux kernel allowed host\n OS users to cause a denial of service (NULL pointer\n dereference and host OS crash) by making a\n KVM_CREATE_IRQCHIP ioctl call after a virtual CPU\n already exists. (CVE-2012-1601)\n\n - Attempting an rds connection from the IP address of an\n IPoIB interface to itself causes a kernel panic due to a\n BUG_ON() being triggered. Making the test less strict\n allows rds-ping to work without crashing the machine. A\n local unprivileged user could use this flaw to crash the\n sytem. (CVE-2012-2372)\n\n - Dimitry Monakhov, one of the ext4 developers, has\n discovered a race involving asynchronous I/O and\n fallocate which can lead to the exposure of stale data\n --- that is, an extent which should have had the\n 'uninitialized' bit set indicating that its blocks have\n not yet been written and thus contain data from a\n deleted file will get exposed to anyone with read access\n to the file. (CVE-2012-4508)\n\n - The rds_recvmsg function in net/rds/recv.c in the Linux\n kernel did not initialize a certain structure member,\n which allows local users to obtain potentially sensitive\n information from kernel stack memory via a (1) recvfrom\n or (2) recvmsg system call on an RDS socket.\n (CVE-2012-3430)\n\n - The sfc (aka Solarflare Solarstorm) driver in the Linux\n kernel allowed remote attackers to cause a denial of\n service (DMA descriptor consumption and\n network-controller outage) via crafted TCP packets that\n trigger a small MSS value. (CVE-2012-3412)\n\nThe following non-security issues have been fixed :\n\nBTRFS :\n\n - btrfs: fix double mntput() in mount_subvol().\n\n - btrfs: use common work instead of delayed work\n\n - btrfs: limit fallocate extent reservation to 256MB\n\n - btrfs: fix a double free on pending snapshots in error\n handling\n\n - btrfs: Do not trust the superblock label and simply\n printk('%s') it\n\n - patches.suse/btrfs-update-message-levels.patch: Refresh.\n\n - patches.suse/btrfs-enospc-debugging-messages.patch:\n Minor updates.\n\n - patches.suse/btrfs-update-message-levels.patch: Minor\n updates.\n\n - btrfs: continue after abort during snapshot drop.\n (bnc#752067)\n\n - btrfs: Return EINVAL when length to trim is less than\n FSB.\n\n - btrfs: fix unnecessary while loop when search the free\n space, cache.\n\n - btrfs: Use btrfs_update_inode_fallback when creating a\n snapshot.\n\n - btrfs: do not bug when we fail to commit the\n transaction.\n\n - btrfs: fill the global reserve when unpinning space.\n\n - btrfs: do not allow degraded mount if too many devices\n are missing.\n\n -\n patches.suse/btrfs-8112-resume-balance-on-rw-re-mounts-p\n roperly.patch: fix mismerge.\n\n - btrfs: do not allocate chunks as agressively.\n\n - btrfs: btrfs_drop_extent_cache should never fail.\n\n - btrfs: fix full backref problem when inserting shared\n block reference.\n\n - btrfs: wait on async pages when shrinking delalloc.\n\n - btrfs: remove bytes argument from do_chunk_alloc.\n\n - btrfs: cleanup of error processing in\n btree_get_extent().\n\n - btrfs: remove unnecessary code in btree_get_extent().\n\n - btrfs: kill obsolete arguments in\n btrfs_wait_ordered_extents.\n\n - btrfs: do not do anything in our ->freeze_fs and\n ->unfreeze_fs.\n\n - btrfs: do not async metadata csumming in certain\n situations.\n\n - btrfs: do not hold the file extent leaf locked when\n adding extent item.\n\n - btrfs: cache extent state when writing out dirty\n metadata pages.\n\n - btrfs: do not lookup csums for prealloc extents.\n\n - btrfs: be smarter about dropping things from the tree\n log.\n\n - btrfs: confirmation of value is added before\n trace_btrfs_get_extent() is called.\n\n - btrfs: make filesystem read-only when submitting barrier\n fails.\n\n - btrfs: cleanup pages properly when ENOMEM in\n compression.\n\n - btrfs: do not bug on enomem in readpage.\n\n - btrfs: do not warn_on when we cannot alloc a page for an\n extent buffer.\n\n - btrfs: enospc debugging messages. S/390 :\n\n - smsgiucv: reestablish IUCV path after resume\n (bnc#786976,LTC#86245).\n\n - dasd: move wake_up call (bnc#786976,LTC#86252).\n\n - kernel: fix get_user_pages_fast() page table walk\n (bnc#786976,LTC#86307).\n\n - qeth: Fix IPA_CMD_QIPASSIST return code handling\n (bnc#785851,LTC#86101).\n\n - mm: Fix XFS oops due to dirty pages without buffers on\n s390. (bnc#762259)\n\n - zfcp: only access zfcp_scsi_dev for valid scsi_device\n (bnc#781484,LTC#85285).\n\n - dasd: check count address during online setting\n (bnc#781484,LTC#85346).\n\n - hugetlbfs: fix deadlock in unmap_hugepage_range()\n (bnc#781484,LTC#85449).\n\n - kernel: make user-access pagetable walk code huge page\n aware (bnc#781484,LTC#85455).\n\n - hugetlbfs: add missing TLB invalidation\n (bnc#781484,LTC#85463).\n\n - zfcp: fix adapter (re)open recovery while link to SAN is\n down (bnc#789010,LTC#86283).\n\n - qeth: set new mac even if old mac is gone\n (bnc#789010,LTC#86643).\n\n - qdio: fix kernel panic for zfcp 31-bit\n (bnc#789010,LTC#86623).\n\n - crypto: msgType50 (RSA-CRT) Fix (bnc#789010,LTC#86378).\n DRM :\n\n - drm/915: Update references, fixed a missing patch chunk.\n (bnc#725355)\n\n - drm/dp: Document DP spec versions for various DPCD\n registers. (bnc#780461)\n\n - drm/dp: Make sink count DP 1.2 aware. (bnc#780461)\n\n - DRM/i915: Restore sdvo_flags after dtd->mode->dtd\n Roundrtrip. (bnc#775577)\n\n - DRM/i915: Do not clone SDVO LVDS with analog.\n (bnc#766410)\n\n - DRM/radeon: For single CRTC GPUs move handling of\n CRTC_CRT_ON to crtc_dpms(). (bnc#725152)\n\n - DRM/Radeon: Fix TV DAC Load Detection for single CRTC\n chips. (bnc#725152)\n\n - DRM/Radeon: Clean up code in TV DAC load detection.\n (bnc#725152)\n\n - DRM/Radeon: On DVI-I use Load Detection when EDID is\n bogus. (bnc#725152)\n\n - DRM/Radeon: Fix primary DAC Load Detection for RV100\n chips. (bnc#725152)\n\n - DRM/Radeon: Fix Load Detection on legacy primary DAC.\n (bnc#725152)\n\n - drm/i915: enable plain RC6 on Sandy Bridge by default\n (bnc#725355). Hyper-V :\n\n - Hyper-V KVP IP injection (fate#31441) :\n\n - drivers: net: Remove casts to same type.\n\n - drivers: hv: remove IRQF_SAMPLE_RANDOM which is now a\n no-op.\n\n - hyperv: Move wait completion msg code into\n rndis_filter_halt_device().\n\n - hyperv: Add comments for the extended buffer after RNDIS\n message.\n\n - Drivers: hv: Cleanup the guest ID computation.\n\n - Drivers: hv: vmbus: Use the standard format string to\n format GUIDs.\n\n - Drivers: hv: Add KVP definitions for IP address\n injection.\n\n - Drivers: hv: kvp: Cleanup error handling in KVP.\n\n - Drivers: hv: kvp: Support the new IP injection messages.\n\n - Tools: hv: Prepare to expand kvp_get_ip_address()\n functionality.\n\n - Tools: hv: Further refactor kvp_get_ip_address().\n\n - Tools: hv: Gather address family information.\n\n - Tools: hv: Gather subnet information.\n\n - Tools: hv: Represent the ipv6 mask using CIDR notation.\n\n - Tools: hv: Gather ipv[4,6] gateway information.\n\n - hv: fail the probing immediately when we are not in\n hyperv platform.\n\n - hv: vmbus_drv: detect hyperv through x86_hyper.\n\n - Tools: hv: Get rid of some unused variables.\n\n - Tools: hv: Correctly type string variables.\n\n - Tools: hv: Add an example script to retrieve DNS\n entries.\n\n - Tools: hv: Gather DNS information.\n\n - Drivers: hv: kvp: Copy the address family information.\n\n - Tools: hv: Add an example script to retrieve dhcp state.\n\n - Tools: hv: Gather DHCP information.\n\n - Tools: hv: Add an example script to configure an\n interface.\n\n - Tools: hv: Implement the KVP verb - KVP_OP_SET_IP_INFO.\n\n - Tools: hv: Rename the function kvp_get_ip_address().\n\n - Tools: hv: Implement the KVP verb - KVP_OP_GET_IP_INFO.\n\n - tools/hv: Fix file handle leak.\n\n - tools/hv: Fix exit() error code.\n\n - tools/hv: Check for read/write errors.\n\n - tools/hv: Parse /etc/os-release.\n\n - hyperv: Fix the max_xfer_size in RNDIS initialization.\n\n - hyperv: Fix the missing return value in\n rndis_filter_set_packet_filter().\n\n - hyperv: Fix page buffer handling in\n rndis_filter_send_request().\n\n - hyperv: Remove extra allocated space for recv_pkt_list\n elements.\n\n - hyperv: Report actual status in receive completion\n packet.\n\n - hyperv: Add buffer for extended info after the RNDIS\n response message. Other :\n\n - net: prevent NULL dereference in check_peer_redir().\n (bnc#776044 / bnc#784576)\n\n -\n patches.fixes/mm-hotplug-correctly-add-zone-to-other-nod\n es-list.patch: Refresh.\n\n - igb: fix recent VLAN changes that would leave VLANs\n disabled after reset. (bnc#787168)\n\n - md: Change goto target to avoid pointless bug messages\n in normal error cases. (bnc#787848)\n\n - intel_idle: IVB support (fate#313719).\n\n - x86 cpufreq: Do not complain on missing cpufreq tables\n on ProLiants. (bnc#787202)\n\n - hpilo: remove pci_disable_device. (bnc#752544)\n\n - ixgbe: Address fact that RSC was not setting GSO size\n for incoming frames. (bnc#776144)\n\n - hv: Cleanup error handling in vmbus_open().\n\n - [SCSI] storvsc: Account for in-transit packets in the\n RESET path.\n\n - sg: remove sg_mutex. (bnc#785496)\n\n - perf: Do no try to schedule task events if there are\n none. (bnc#781574)\n\n - perf: Do not set task_ctx pointer in cpuctx if there are\n no events in the context. (bnc#781574)\n\n - mm: swap: Implement generic handlers for swap-related\n address ops fix. (bnc#778334)\n\n - hpwdt: Only BYTE reads/writes to WD Timer port 0x72.\n\n - xenbus: fix overflow check in xenbus_dev_write().\n\n - xen/x86: do not corrupt %eip when returning from a\n signal handler.\n\n - Update Xen patches to 3.0.46.\n\n - Update Xen patches to 3.0.51.\n\n - mm: Check if PTE is already allocated during page fault.\n\n - rpm/kernel-binary.spec.in: Revert f266e647f to allow\n building with icecream again, as\n patches.rpmify/kbuild-fix-gcc-x-syntax.patch is a real\n fix now.\n\n - ipmi: decrease the IPMI message transaction time in\n interrupt mode. (bnc#763654)\n\n - ipmi: simplify locking. (bnc#763654)\n\n - ipmi: use a tasklet for handling received messages.\n (bnc#763654)\n\n - cxgb3: Set vlan_feature on net_device (bnc#776127,\n LTC#84260).\n\n - qlge: Add offload features to vlan interfaces\n (bnc#776081,LTC#84322).\n\n - mlx4_en: Added missing iounmap upon releasing a device\n (bnc#774964,LTC#82768).\n\n - mlx4: allow device removal by fixing dma unmap size\n (bnc#774964,LTC#82768).\n\n - qeth: fix deadlock between recovery and bonding driver\n (bnc#785100,LTC#85905).\n\n - SCSI st: add st_nowait_eof param to module. (bnc#775394)\n\n -\n patches.fixes/sched-fix-migration-thread-accounting-woes\n .patch: Update references. (bnc#773699, bnc#769251)\n\n - memcg: oom: fix totalpages calculation for\n swappiness==0. (bnc#783965)\n\n - fs: cachefiles: add support for large files in\n filesystem caching (FATE#312793, bnc#782369).\n\n - mm/mempolicy.c: use enum value MPOL_REBIND_ONCE in\n mpol_rebind_policy().\n\n - mm, mempolicy: fix mbind() to do synchronous migration.\n\n - revert 'mm: mempolicy: Let vma_merge and vma_split\n handle vma->vm_policy linkages'.\n\n - mempolicy: fix a race in shared_policy_replace().\n\n - mempolicy: fix refcount leak in\n mpol_set_shared_policy().\n\n - mempolicy: fix a memory corruption by refcount imbalance\n in alloc_pages_vma().\n\n - mempolicy: remove mempolicy sharing. Memory policy\n enhancements for robustness against fuzz attacks and\n force mbind to use synchronous migration.\n\n - Update scsi_dh_alua to mainline version (bnc#708296,\n bnc#784334) :\n\n - scsi_dh_alua: Enable STPG for unavailable ports\n\n - scsi_dh_alua: Re-enable STPG for unavailable ports\n\n - scsi_dh_alua: backoff alua rtpg retry linearly vs.\n geometrically\n\n - scsi_dh_alua: implement implied transition timeout\n\n - scsi_dh_alua: retry alua rtpg extended header for\n illegal request response\n\n - Revert removal of ACPI procfs entries. (bnc#777283)\n\n - x86: Clear HPET configuration registers on startup.\n (bnc#748896)\n\n - mlx4: Fixed build warning, update references\n (bnc#774500,LTC#83966).\n\n - xen/frontends: handle backend CLOSED without CLOSING.\n\n - xen/pciback: properly clean up after calling\n pcistub_device_find().\n\n - xen/netfront: add netconsole support (bnc#763858\n fate#313830).\n\n - netfilter: nf_conntrack_ipv6: fix tracking of ICMPv6\n error messages containing fragments. (bnc#779750)\n\n - ipv6, xfrm: use conntrack-reassembled packet for policy\n lookup. (bnc#780216)\n\n - inetpeer: add namespace support for inetpeer.\n (bnc#779969)\n\n - inetpeer: add parameter net for inet_getpeer_v4,v6.\n (bnc#779969)\n\n - inetpeer: make unused_peers list per-netns. (bnc#779969)\n\n - kABI: use net_generic to protect struct netns_ipv{4,6}.\n (bnc#779969)\n\n - patches.rpmify/kbuild-fix-gcc-x-syntax.patch: kbuild:\n Fix gcc -x syntax. (bnc#773831)\n\n - patches.suse/supported-flag: Re-enabled warning on\n unsupported module loading.\n\n - nbd: clear waiting_queue on shutdown. (bnc#778630)\n\n - nohz: fix idle ticks in cpu summary line of /proc/stat\n (follow up fix for bnc#767469, bnc#705551).\n\n - fix TAINT_NO_SUPPORT handling on module load.\n\n - NFS: Fix Oopses in nfs_lookup_revalidate and\n nfs4_lookup_revalidate. (bnc#780008)\n\n - svcrpc: fix svc_xprt_enqueue/svc_recv busy-looping\n (bnc@779462).\n\n - net: do not disable sg for packets requiring no\n checksum. (bnc#774859)\n\n - sfc: prevent extreme TSO parameters from stalling TX\n queues. (bnc#774523 / CVE-2012-3412)\n\n - X86 MCE: Fix correct ring/severity identification in V86\n case. (bnc#773267)\n\n - scsi_dh_rdac: Add a new netapp vendor/product string.\n (bnc#772483)\n\n - scsi_dh_rdac : Consolidate rdac strings together.\n (bnc#772483)\n\n - scsi_dh_rdac : minor return fix for rdac. (bnc#772483)\n\n - dh_rdac: Associate HBA and storage in rdac_controller to\n support partitions in storage. (bnc#772454)\n\n - scsi_dh_rdac: Fix error path. (bnc#772454)\n\n - scsi_dh_rdac: Fix for unbalanced reference count.\n (bnc#772454)\n\n - sd: Ensure we correctly disable devices with unknown\n protection type. (bnc#780876)\n\n - netfilter: ipset: timeout can be modified for already\n added elements. (bnc#790457)\n\n - netfilter: ipset: fix adding ranges to hash types.\n (bnc#790498)\n\n - workqueue: exit rescuer_thread() as TASK_RUNNING.\n (bnc#789993)\n\n - xhci: Add Lynx Point LP to list of Intel switchable\n hosts. (bnc#791853)\n\n - tg3: Introduce separate functions to allocate/free RX/TX\n rings. (bnc#785554)\n\n - net-next: Add netif_get_num_default_rss_queues.\n (bnc#785554)\n\n - tg3: set maximal number of default RSS queues.\n (bnc#785554)\n\n - tg3: Allow number of rx and tx rings to be set\n independently. (bnc#785554)\n\n - tg3: Separate coalescing setup for rx and tx.\n (bnc#785554)\n\n - tg3: Refactor tg3_open(). (bnc#785554)\n\n - tg3: Refactor tg3_close(). (bnc#785554)\n\n - tg3: Add support for ethtool -L|-l to get/set the number\n of rings. (bnc#785554)\n\n - tg3: Disable multiple TX rings by default due to\n hardware flaw. (bnc#785554)\n\n - x86, microcode, AMD: Add support for family 16h\n processors (bnc#791498,fate#314145).\n\n - scsi_remove_target: fix softlockup regression on hot\n remove. (bnc#789836)\n\n - autofs4: allow autofs to work outside the initial PID\n namespace. (bnc#779294)\n\n - autofs4: translate pids to the right namespace for the\n daemon. (bnc#779294)\n\n - vfs: dont chain pipe/anon/socket on superblock s_inodes\n list. (bnc#789703)\n\n - reiserfs: fix problems with chowning setuid file w/\n xattrs. (bnc#790920)\n\n - reiserfs: fix double-lock while chowning setuid file w/\n xattrs. (bnc#790920)\n\n - ALSA: hda - Fix SSYNC register value for non-Intel\n controllers (fate#313409,bnc#760833).\n\n - ALSA: hda: option to enable arbitrary buffer/period\n sizes (fate#313409,bnc#760833).\n\n - ALSA: hda - Fix buffer-alignment regression with Nvidia\n HDMI (fate#313409,bnc#760833).\n\n - ALSA: hda - explicitly set buffer-align flag for Nvidia\n controllers (fate#313409,bnc#760833).\n\n - ALSA: hda - Add Lynx Point HD Audio Controller DeviceIDs\n (fate#313409,bnc#760833).\n\n - ALSA: hda_intel: Add Device IDs for Intel Lynx Point-LP\n PCH (fate#313409,bnc#760833).\n\n - USB: OHCI: workaround for hardware bug: retired TDs not\n added to the Done Queue. (bnc#762158)\n\n - watchdog: iTCO_wdt: clean-up PCI device IDs\n (fate#313409, bnc#760833).\n\n - watchdog: iTCO_wdt: add Intel Lynx Point DeviceIDs\n (fate#313409, bnc#760833).\n\n - ahci: AHCI-mode SATA patch for Intel Lynx Point\n DeviceIDs (fate#313409, bnc#760833).\n\n - ata_piix: IDE-mode SATA patch for Intel Lynx Point\n DeviceIDs (fate#313409, bnc#760833).\n\n - i2c-i801: Add device IDs for Intel Lynx Point\n (fate#313409, bnc#760833).\n\n - jbd: Fix lock ordering bug in journal_unmap_buffer().\n (bnc#790935)\n\n - usb: host: xhci: Fix Compliance Mode on SN65LVPE502CP\n Hardware. (bnc#788277)\n\n - usb: host: xhci: Fix NULL pointer dereferencing with\n 71c731a for non-x86 systems. (bnc#788277)\n\n - Do not remove fillup from the buildsystem. (bnc#781327)\n\n - ibmvfc: Fix double completion on abort timeout.\n (bnc#788452)\n\n - ibmvfc: Ignore fabric RSCNs when link is dead.\n (bnc#788452)\n\n - fs: only send IPI to invalidate LRU BH when needed.\n (bnc#763628 / bnc#744692)\n\n - smp: add func to IPI cpus based on parameter func.\n (bnc#763628 / bnc#744692)\n\n - smp: introduce a generic on_each_cpu_mask() function.\n (bnc#763628 / bnc#744692)", "edition": 18, "published": "2013-01-25T00:00:00", "title": "SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7123 / 7127)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4508", "CVE-2012-4461", "CVE-2012-1601", "CVE-2012-3412", "CVE-2012-5517", "CVE-2012-2372", "CVE-2012-3430"], "modified": "2013-01-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:11:kernel-ec2", "p-cpe:/a:novell:suse_linux:11:kernel-trace-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-trace", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:11:kernel-trace-extra", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-devel", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-xen-devel"], "id": "SUSE_11_KERNEL-121203.NASL", "href": "https://www.tenable.com/plugins/nessus/64180", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64180);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-1601\", \"CVE-2012-2372\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-4461\", \"CVE-2012-4508\", \"CVE-2012-5517\");\n\n script_name(english:\"SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7123 / 7127)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 SP2 kernel has been updated to 3.0.51\nwhich fixes various bugs and security issues.\n\nIt contains the following feature enhancements :\n\n - The cachefiles framework is now supported (FATE#312793,\n bnc#782369). The userland utilities were published\n seperately to support this feature.\n\n - The ipset netfilter modules are now supported\n (FATE#313309) The ipset userland utility will be\n published seperately to support this feature.\n\n - The tipc kernel module is now externally supported\n (FATE#305033).\n\n - Hyper-V KVP IP injection was implemented (FATE#314441).\n A seperate hyper-v package will be published to support\n this feature.\n\n - Intel Lynx Point PCH chipset support was added.\n (FATE#313409)\n\n - Enable various md/raid10 and DASD enhancements.\n (FATE#311379) These make it possible for RAID10 to cope\n with DASD devices being slow for various reasons - the\n affected device will be temporarily removed from the\n array.\n\n Also added support for reshaping of RAID10 arrays.\n\n mdadm changes will be published to support this feature.\n\nThe following security issues have been fixed :\n\n - A race condition on hot adding memory could be used by\n local attackers to crash the system during hot adding\n new memory. (CVE-2012-5517)\n\n - A flaw has been found in the way Linux kernels KVM\n subsystem handled vcpu->arch.cr4 X86_CR4_OSXSAVE bit set\n upon guest enter. On hosts without the XSAVE feature and\n using qemu userspace an unprivileged local user could\n have used this flaw to crash the system. (CVE-2012-4461)\n\n - The KVM implementation in the Linux kernel allowed host\n OS users to cause a denial of service (NULL pointer\n dereference and host OS crash) by making a\n KVM_CREATE_IRQCHIP ioctl call after a virtual CPU\n already exists. (CVE-2012-1601)\n\n - Attempting an rds connection from the IP address of an\n IPoIB interface to itself causes a kernel panic due to a\n BUG_ON() being triggered. Making the test less strict\n allows rds-ping to work without crashing the machine. A\n local unprivileged user could use this flaw to crash the\n sytem. (CVE-2012-2372)\n\n - Dimitry Monakhov, one of the ext4 developers, has\n discovered a race involving asynchronous I/O and\n fallocate which can lead to the exposure of stale data\n --- that is, an extent which should have had the\n 'uninitialized' bit set indicating that its blocks have\n not yet been written and thus contain data from a\n deleted file will get exposed to anyone with read access\n to the file. (CVE-2012-4508)\n\n - The rds_recvmsg function in net/rds/recv.c in the Linux\n kernel did not initialize a certain structure member,\n which allows local users to obtain potentially sensitive\n information from kernel stack memory via a (1) recvfrom\n or (2) recvmsg system call on an RDS socket.\n (CVE-2012-3430)\n\n - The sfc (aka Solarflare Solarstorm) driver in the Linux\n kernel allowed remote attackers to cause a denial of\n service (DMA descriptor consumption and\n network-controller outage) via crafted TCP packets that\n trigger a small MSS value. (CVE-2012-3412)\n\nThe following non-security issues have been fixed :\n\nBTRFS :\n\n - btrfs: fix double mntput() in mount_subvol().\n\n - btrfs: use common work instead of delayed work\n\n - btrfs: limit fallocate extent reservation to 256MB\n\n - btrfs: fix a double free on pending snapshots in error\n handling\n\n - btrfs: Do not trust the superblock label and simply\n printk('%s') it\n\n - patches.suse/btrfs-update-message-levels.patch: Refresh.\n\n - patches.suse/btrfs-enospc-debugging-messages.patch:\n Minor updates.\n\n - patches.suse/btrfs-update-message-levels.patch: Minor\n updates.\n\n - btrfs: continue after abort during snapshot drop.\n (bnc#752067)\n\n - btrfs: Return EINVAL when length to trim is less than\n FSB.\n\n - btrfs: fix unnecessary while loop when search the free\n space, cache.\n\n - btrfs: Use btrfs_update_inode_fallback when creating a\n snapshot.\n\n - btrfs: do not bug when we fail to commit the\n transaction.\n\n - btrfs: fill the global reserve when unpinning space.\n\n - btrfs: do not allow degraded mount if too many devices\n are missing.\n\n -\n patches.suse/btrfs-8112-resume-balance-on-rw-re-mounts-p\n roperly.patch: fix mismerge.\n\n - btrfs: do not allocate chunks as agressively.\n\n - btrfs: btrfs_drop_extent_cache should never fail.\n\n - btrfs: fix full backref problem when inserting shared\n block reference.\n\n - btrfs: wait on async pages when shrinking delalloc.\n\n - btrfs: remove bytes argument from do_chunk_alloc.\n\n - btrfs: cleanup of error processing in\n btree_get_extent().\n\n - btrfs: remove unnecessary code in btree_get_extent().\n\n - btrfs: kill obsolete arguments in\n btrfs_wait_ordered_extents.\n\n - btrfs: do not do anything in our ->freeze_fs and\n ->unfreeze_fs.\n\n - btrfs: do not async metadata csumming in certain\n situations.\n\n - btrfs: do not hold the file extent leaf locked when\n adding extent item.\n\n - btrfs: cache extent state when writing out dirty\n metadata pages.\n\n - btrfs: do not lookup csums for prealloc extents.\n\n - btrfs: be smarter about dropping things from the tree\n log.\n\n - btrfs: confirmation of value is added before\n trace_btrfs_get_extent() is called.\n\n - btrfs: make filesystem read-only when submitting barrier\n fails.\n\n - btrfs: cleanup pages properly when ENOMEM in\n compression.\n\n - btrfs: do not bug on enomem in readpage.\n\n - btrfs: do not warn_on when we cannot alloc a page for an\n extent buffer.\n\n - btrfs: enospc debugging messages. S/390 :\n\n - smsgiucv: reestablish IUCV path after resume\n (bnc#786976,LTC#86245).\n\n - dasd: move wake_up call (bnc#786976,LTC#86252).\n\n - kernel: fix get_user_pages_fast() page table walk\n (bnc#786976,LTC#86307).\n\n - qeth: Fix IPA_CMD_QIPASSIST return code handling\n (bnc#785851,LTC#86101).\n\n - mm: Fix XFS oops due to dirty pages without buffers on\n s390. (bnc#762259)\n\n - zfcp: only access zfcp_scsi_dev for valid scsi_device\n (bnc#781484,LTC#85285).\n\n - dasd: check count address during online setting\n (bnc#781484,LTC#85346).\n\n - hugetlbfs: fix deadlock in unmap_hugepage_range()\n (bnc#781484,LTC#85449).\n\n - kernel: make user-access pagetable walk code huge page\n aware (bnc#781484,LTC#85455).\n\n - hugetlbfs: add missing TLB invalidation\n (bnc#781484,LTC#85463).\n\n - zfcp: fix adapter (re)open recovery while link to SAN is\n down (bnc#789010,LTC#86283).\n\n - qeth: set new mac even if old mac is gone\n (bnc#789010,LTC#86643).\n\n - qdio: fix kernel panic for zfcp 31-bit\n (bnc#789010,LTC#86623).\n\n - crypto: msgType50 (RSA-CRT) Fix (bnc#789010,LTC#86378).\n DRM :\n\n - drm/915: Update references, fixed a missing patch chunk.\n (bnc#725355)\n\n - drm/dp: Document DP spec versions for various DPCD\n registers. (bnc#780461)\n\n - drm/dp: Make sink count DP 1.2 aware. (bnc#780461)\n\n - DRM/i915: Restore sdvo_flags after dtd->mode->dtd\n Roundrtrip. (bnc#775577)\n\n - DRM/i915: Do not clone SDVO LVDS with analog.\n (bnc#766410)\n\n - DRM/radeon: For single CRTC GPUs move handling of\n CRTC_CRT_ON to crtc_dpms(). (bnc#725152)\n\n - DRM/Radeon: Fix TV DAC Load Detection for single CRTC\n chips. (bnc#725152)\n\n - DRM/Radeon: Clean up code in TV DAC load detection.\n (bnc#725152)\n\n - DRM/Radeon: On DVI-I use Load Detection when EDID is\n bogus. (bnc#725152)\n\n - DRM/Radeon: Fix primary DAC Load Detection for RV100\n chips. (bnc#725152)\n\n - DRM/Radeon: Fix Load Detection on legacy primary DAC.\n (bnc#725152)\n\n - drm/i915: enable plain RC6 on Sandy Bridge by default\n (bnc#725355). Hyper-V :\n\n - Hyper-V KVP IP injection (fate#31441) :\n\n - drivers: net: Remove casts to same type.\n\n - drivers: hv: remove IRQF_SAMPLE_RANDOM which is now a\n no-op.\n\n - hyperv: Move wait completion msg code into\n rndis_filter_halt_device().\n\n - hyperv: Add comments for the extended buffer after RNDIS\n message.\n\n - Drivers: hv: Cleanup the guest ID computation.\n\n - Drivers: hv: vmbus: Use the standard format string to\n format GUIDs.\n\n - Drivers: hv: Add KVP definitions for IP address\n injection.\n\n - Drivers: hv: kvp: Cleanup error handling in KVP.\n\n - Drivers: hv: kvp: Support the new IP injection messages.\n\n - Tools: hv: Prepare to expand kvp_get_ip_address()\n functionality.\n\n - Tools: hv: Further refactor kvp_get_ip_address().\n\n - Tools: hv: Gather address family information.\n\n - Tools: hv: Gather subnet information.\n\n - Tools: hv: Represent the ipv6 mask using CIDR notation.\n\n - Tools: hv: Gather ipv[4,6] gateway information.\n\n - hv: fail the probing immediately when we are not in\n hyperv platform.\n\n - hv: vmbus_drv: detect hyperv through x86_hyper.\n\n - Tools: hv: Get rid of some unused variables.\n\n - Tools: hv: Correctly type string variables.\n\n - Tools: hv: Add an example script to retrieve DNS\n entries.\n\n - Tools: hv: Gather DNS information.\n\n - Drivers: hv: kvp: Copy the address family information.\n\n - Tools: hv: Add an example script to retrieve dhcp state.\n\n - Tools: hv: Gather DHCP information.\n\n - Tools: hv: Add an example script to configure an\n interface.\n\n - Tools: hv: Implement the KVP verb - KVP_OP_SET_IP_INFO.\n\n - Tools: hv: Rename the function kvp_get_ip_address().\n\n - Tools: hv: Implement the KVP verb - KVP_OP_GET_IP_INFO.\n\n - tools/hv: Fix file handle leak.\n\n - tools/hv: Fix exit() error code.\n\n - tools/hv: Check for read/write errors.\n\n - tools/hv: Parse /etc/os-release.\n\n - hyperv: Fix the max_xfer_size in RNDIS initialization.\n\n - hyperv: Fix the missing return value in\n rndis_filter_set_packet_filter().\n\n - hyperv: Fix page buffer handling in\n rndis_filter_send_request().\n\n - hyperv: Remove extra allocated space for recv_pkt_list\n elements.\n\n - hyperv: Report actual status in receive completion\n packet.\n\n - hyperv: Add buffer for extended info after the RNDIS\n response message. Other :\n\n - net: prevent NULL dereference in check_peer_redir().\n (bnc#776044 / bnc#784576)\n\n -\n patches.fixes/mm-hotplug-correctly-add-zone-to-other-nod\n es-list.patch: Refresh.\n\n - igb: fix recent VLAN changes that would leave VLANs\n disabled after reset. (bnc#787168)\n\n - md: Change goto target to avoid pointless bug messages\n in normal error cases. (bnc#787848)\n\n - intel_idle: IVB support (fate#313719).\n\n - x86 cpufreq: Do not complain on missing cpufreq tables\n on ProLiants. (bnc#787202)\n\n - hpilo: remove pci_disable_device. (bnc#752544)\n\n - ixgbe: Address fact that RSC was not setting GSO size\n for incoming frames. (bnc#776144)\n\n - hv: Cleanup error handling in vmbus_open().\n\n - [SCSI] storvsc: Account for in-transit packets in the\n RESET path.\n\n - sg: remove sg_mutex. (bnc#785496)\n\n - perf: Do no try to schedule task events if there are\n none. (bnc#781574)\n\n - perf: Do not set task_ctx pointer in cpuctx if there are\n no events in the context. (bnc#781574)\n\n - mm: swap: Implement generic handlers for swap-related\n address ops fix. (bnc#778334)\n\n - hpwdt: Only BYTE reads/writes to WD Timer port 0x72.\n\n - xenbus: fix overflow check in xenbus_dev_write().\n\n - xen/x86: do not corrupt %eip when returning from a\n signal handler.\n\n - Update Xen patches to 3.0.46.\n\n - Update Xen patches to 3.0.51.\n\n - mm: Check if PTE is already allocated during page fault.\n\n - rpm/kernel-binary.spec.in: Revert f266e647f to allow\n building with icecream again, as\n patches.rpmify/kbuild-fix-gcc-x-syntax.patch is a real\n fix now.\n\n - ipmi: decrease the IPMI message transaction time in\n interrupt mode. (bnc#763654)\n\n - ipmi: simplify locking. (bnc#763654)\n\n - ipmi: use a tasklet for handling received messages.\n (bnc#763654)\n\n - cxgb3: Set vlan_feature on net_device (bnc#776127,\n LTC#84260).\n\n - qlge: Add offload features to vlan interfaces\n (bnc#776081,LTC#84322).\n\n - mlx4_en: Added missing iounmap upon releasing a device\n (bnc#774964,LTC#82768).\n\n - mlx4: allow device removal by fixing dma unmap size\n (bnc#774964,LTC#82768).\n\n - qeth: fix deadlock between recovery and bonding driver\n (bnc#785100,LTC#85905).\n\n - SCSI st: add st_nowait_eof param to module. (bnc#775394)\n\n -\n patches.fixes/sched-fix-migration-thread-accounting-woes\n .patch: Update references. (bnc#773699, bnc#769251)\n\n - memcg: oom: fix totalpages calculation for\n swappiness==0. (bnc#783965)\n\n - fs: cachefiles: add support for large files in\n filesystem caching (FATE#312793, bnc#782369).\n\n - mm/mempolicy.c: use enum value MPOL_REBIND_ONCE in\n mpol_rebind_policy().\n\n - mm, mempolicy: fix mbind() to do synchronous migration.\n\n - revert 'mm: mempolicy: Let vma_merge and vma_split\n handle vma->vm_policy linkages'.\n\n - mempolicy: fix a race in shared_policy_replace().\n\n - mempolicy: fix refcount leak in\n mpol_set_shared_policy().\n\n - mempolicy: fix a memory corruption by refcount imbalance\n in alloc_pages_vma().\n\n - mempolicy: remove mempolicy sharing. Memory policy\n enhancements for robustness against fuzz attacks and\n force mbind to use synchronous migration.\n\n - Update scsi_dh_alua to mainline version (bnc#708296,\n bnc#784334) :\n\n - scsi_dh_alua: Enable STPG for unavailable ports\n\n - scsi_dh_alua: Re-enable STPG for unavailable ports\n\n - scsi_dh_alua: backoff alua rtpg retry linearly vs.\n geometrically\n\n - scsi_dh_alua: implement implied transition timeout\n\n - scsi_dh_alua: retry alua rtpg extended header for\n illegal request response\n\n - Revert removal of ACPI procfs entries. (bnc#777283)\n\n - x86: Clear HPET configuration registers on startup.\n (bnc#748896)\n\n - mlx4: Fixed build warning, update references\n (bnc#774500,LTC#83966).\n\n - xen/frontends: handle backend CLOSED without CLOSING.\n\n - xen/pciback: properly clean up after calling\n pcistub_device_find().\n\n - xen/netfront: add netconsole support (bnc#763858\n fate#313830).\n\n - netfilter: nf_conntrack_ipv6: fix tracking of ICMPv6\n error messages containing fragments. (bnc#779750)\n\n - ipv6, xfrm: use conntrack-reassembled packet for policy\n lookup. (bnc#780216)\n\n - inetpeer: add namespace support for inetpeer.\n (bnc#779969)\n\n - inetpeer: add parameter net for inet_getpeer_v4,v6.\n (bnc#779969)\n\n - inetpeer: make unused_peers list per-netns. (bnc#779969)\n\n - kABI: use net_generic to protect struct netns_ipv{4,6}.\n (bnc#779969)\n\n - patches.rpmify/kbuild-fix-gcc-x-syntax.patch: kbuild:\n Fix gcc -x syntax. (bnc#773831)\n\n - patches.suse/supported-flag: Re-enabled warning on\n unsupported module loading.\n\n - nbd: clear waiting_queue on shutdown. (bnc#778630)\n\n - nohz: fix idle ticks in cpu summary line of /proc/stat\n (follow up fix for bnc#767469, bnc#705551).\n\n - fix TAINT_NO_SUPPORT handling on module load.\n\n - NFS: Fix Oopses in nfs_lookup_revalidate and\n nfs4_lookup_revalidate. (bnc#780008)\n\n - svcrpc: fix svc_xprt_enqueue/svc_recv busy-looping\n (bnc@779462).\n\n - net: do not disable sg for packets requiring no\n checksum. (bnc#774859)\n\n - sfc: prevent extreme TSO parameters from stalling TX\n queues. (bnc#774523 / CVE-2012-3412)\n\n - X86 MCE: Fix correct ring/severity identification in V86\n case. (bnc#773267)\n\n - scsi_dh_rdac: Add a new netapp vendor/product string.\n (bnc#772483)\n\n - scsi_dh_rdac : Consolidate rdac strings together.\n (bnc#772483)\n\n - scsi_dh_rdac : minor return fix for rdac. (bnc#772483)\n\n - dh_rdac: Associate HBA and storage in rdac_controller to\n support partitions in storage. (bnc#772454)\n\n - scsi_dh_rdac: Fix error path. (bnc#772454)\n\n - scsi_dh_rdac: Fix for unbalanced reference count.\n (bnc#772454)\n\n - sd: Ensure we correctly disable devices with unknown\n protection type. (bnc#780876)\n\n - netfilter: ipset: timeout can be modified for already\n added elements. (bnc#790457)\n\n - netfilter: ipset: fix adding ranges to hash types.\n (bnc#790498)\n\n - workqueue: exit rescuer_thread() as TASK_RUNNING.\n (bnc#789993)\n\n - xhci: Add Lynx Point LP to list of Intel switchable\n hosts. (bnc#791853)\n\n - tg3: Introduce separate functions to allocate/free RX/TX\n rings. (bnc#785554)\n\n - net-next: Add netif_get_num_default_rss_queues.\n (bnc#785554)\n\n - tg3: set maximal number of default RSS queues.\n (bnc#785554)\n\n - tg3: Allow number of rx and tx rings to be set\n independently. (bnc#785554)\n\n - tg3: Separate coalescing setup for rx and tx.\n (bnc#785554)\n\n - tg3: Refactor tg3_open(). (bnc#785554)\n\n - tg3: Refactor tg3_close(). (bnc#785554)\n\n - tg3: Add support for ethtool -L|-l to get/set the number\n of rings. (bnc#785554)\n\n - tg3: Disable multiple TX rings by default due to\n hardware flaw. (bnc#785554)\n\n - x86, microcode, AMD: Add support for family 16h\n processors (bnc#791498,fate#314145).\n\n - scsi_remove_target: fix softlockup regression on hot\n remove. (bnc#789836)\n\n - autofs4: allow autofs to work outside the initial PID\n namespace. (bnc#779294)\n\n - autofs4: translate pids to the right namespace for the\n daemon. (bnc#779294)\n\n - vfs: dont chain pipe/anon/socket on superblock s_inodes\n list. (bnc#789703)\n\n - reiserfs: fix problems with chowning setuid file w/\n xattrs. (bnc#790920)\n\n - reiserfs: fix double-lock while chowning setuid file w/\n xattrs. (bnc#790920)\n\n - ALSA: hda - Fix SSYNC register value for non-Intel\n controllers (fate#313409,bnc#760833).\n\n - ALSA: hda: option to enable arbitrary buffer/period\n sizes (fate#313409,bnc#760833).\n\n - ALSA: hda - Fix buffer-alignment regression with Nvidia\n HDMI (fate#313409,bnc#760833).\n\n - ALSA: hda - explicitly set buffer-align flag for Nvidia\n controllers (fate#313409,bnc#760833).\n\n - ALSA: hda - Add Lynx Point HD Audio Controller DeviceIDs\n (fate#313409,bnc#760833).\n\n - ALSA: hda_intel: Add Device IDs for Intel Lynx Point-LP\n PCH (fate#313409,bnc#760833).\n\n - USB: OHCI: workaround for hardware bug: retired TDs not\n added to the Done Queue. (bnc#762158)\n\n - watchdog: iTCO_wdt: clean-up PCI device IDs\n (fate#313409, bnc#760833).\n\n - watchdog: iTCO_wdt: add Intel Lynx Point DeviceIDs\n (fate#313409, bnc#760833).\n\n - ahci: AHCI-mode SATA patch for Intel Lynx Point\n DeviceIDs (fate#313409, bnc#760833).\n\n - ata_piix: IDE-mode SATA patch for Intel Lynx Point\n DeviceIDs (fate#313409, bnc#760833).\n\n - i2c-i801: Add device IDs for Intel Lynx Point\n (fate#313409, bnc#760833).\n\n - jbd: Fix lock ordering bug in journal_unmap_buffer().\n (bnc#790935)\n\n - usb: host: xhci: Fix Compliance Mode on SN65LVPE502CP\n Hardware. (bnc#788277)\n\n - usb: host: xhci: Fix NULL pointer dereferencing with\n 71c731a for non-x86 systems. (bnc#788277)\n\n - Do not remove fillup from the buildsystem. (bnc#781327)\n\n - ibmvfc: Fix double completion on abort timeout.\n (bnc#788452)\n\n - ibmvfc: Ignore fabric RSCNs when link is dead.\n (bnc#788452)\n\n - fs: only send IPI to invalidate LRU BH when needed.\n (bnc#763628 / bnc#744692)\n\n - smp: add func to IPI cpus based on parameter func.\n (bnc#763628 / bnc#744692)\n\n - smp: introduce a generic on_each_cpu_mask() function.\n (bnc#763628 / bnc#744692)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=705551\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=708296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=722560\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=723776\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=725152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=725355\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=730660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=731739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=739728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=741814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=744692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=748896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754898\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=760833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=762158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=762214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=762259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763628\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763654\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763954\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=766410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=766654\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=767469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=767610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=769251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=772427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=772454\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=772483\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=773267\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=773383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=773699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=773831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=774500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=774523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=774612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=774859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=774964\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=775394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=775577\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776144\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=777024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=777283\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=778334\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=778630\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779462\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=780008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=780012\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=780216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=780461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=780876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=781018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=781327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=781484\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=781574\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=782369\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=783965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=784192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=784334\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=784576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=785100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=785496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=785554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=785851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=786976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=787168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=787202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=787821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=787848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=788277\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=788452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=790457\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=790498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=790920\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=790935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=791498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=791853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1601.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2372.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3412.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3430.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4461.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4508.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5517.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 7123 / 7127 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-extra-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-extra-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-source-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-syms-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-extra-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-extra-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-extra-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-default-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-default-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-default-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-source-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-syms-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.51-0.7.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.51-0.7.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T06:39:08", "description": "USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an\nunrelated regression inotify/fanotify stopped working after upgrading.\nThis update fixes the problem.\n\nWe apologize for the inconvenience.\n\nBrad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nJon Howell reported a flaw in the Linux kernel's KVM\n(Kernel-based virtual machine) subsystem's handling of the\nXSAVE feature. On hosts, using qemu userspace, without the\nXSAVE feature an unprivileged local attacker could exploit\nthis flaw to crash the system. (CVE-2012-4461)\n\nDmitry Monakhov reported a race condition flaw the Linux\next4 filesystem that can expose stale data. An unprivileged\nuser could exploit this flaw to cause an information leak.\n(CVE-2012-4508)\n\nA flaw was discovered in the Linux kernel's handling of\nscript execution when module loading is enabled. A local\nattacker could exploit this flaw to cause a leak of kernel\nstack contents. (CVE-2012-4530)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP\nillinois congestion control algorithm. A local attacker\ncould use this to cause a denial of service. (CVE-2012-4565)\n\nA flaw was discovered in the Linux kernel's handling of new\nhot-plugged memory. An unprivileged local user could exploit\nthis flaw to cause a denial of service by crashing the\nsystem. (CVE-2012-5517)\n\nFlorian Weimer discovered that hypervkvpd, which is\ndistributed in the Linux kernel, was not correctly\nvalidating source addresses of netlink packets. An untrusted\nlocal user can cause a denial of service by causing\nhypervkvpd to exit. (CVE-2012-5532).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2013-02-04T00:00:00", "title": "Ubuntu 12.04 LTS : linux-lts-quantal - Linux kernel hardware enablement from Quantal regression (USN-1704-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5532", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-5517", "CVE-2012-4530"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1704-2.NASL", "href": "https://www.tenable.com/plugins/nessus/64436", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1704-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64436);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-4461\", \"CVE-2012-4508\", \"CVE-2012-4530\", \"CVE-2012-4565\", \"CVE-2012-5517\", \"CVE-2012-5532\");\n script_xref(name:\"USN\", value:\"1704-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-quantal - Linux kernel hardware enablement from Quantal regression (USN-1704-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an\nunrelated regression inotify/fanotify stopped working after upgrading.\nThis update fixes the problem.\n\nWe apologize for the inconvenience.\n\nBrad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nJon Howell reported a flaw in the Linux kernel's KVM\n(Kernel-based virtual machine) subsystem's handling of the\nXSAVE feature. On hosts, using qemu userspace, without the\nXSAVE feature an unprivileged local attacker could exploit\nthis flaw to crash the system. (CVE-2012-4461)\n\nDmitry Monakhov reported a race condition flaw the Linux\next4 filesystem that can expose stale data. An unprivileged\nuser could exploit this flaw to cause an information leak.\n(CVE-2012-4508)\n\nA flaw was discovered in the Linux kernel's handling of\nscript execution when module loading is enabled. A local\nattacker could exploit this flaw to cause a leak of kernel\nstack contents. (CVE-2012-4530)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP\nillinois congestion control algorithm. A local attacker\ncould use this to cause a denial of service. (CVE-2012-4565)\n\nA flaw was discovered in the Linux kernel's handling of new\nhot-plugged memory. An unprivileged local user could exploit\nthis flaw to cause a denial of service by crashing the\nsystem. (CVE-2012-5517)\n\nFlorian Weimer discovered that hypervkvpd, which is\ndistributed in the Linux kernel, was not correctly\nvalidating source addresses of netlink packets. An untrusted\nlocal user can cause a denial of service by causing\nhypervkvpd to exit. (CVE-2012-5532).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1704-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.5-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-0957\", \"CVE-2012-4461\", \"CVE-2012-4508\", \"CVE-2012-4530\", \"CVE-2012-4565\", \"CVE-2012-5517\", \"CVE-2012-5532\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1704-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.5.0-23-generic\", pkgver:\"3.5.0-23.35~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-01T06:39:08", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nJon Howell reported a flaw in the Linux kernel's KVM (Kernel-based\nvirtual machine) subsystem's handling of the XSAVE feature. On hosts,\nusing qemu userspace, without the XSAVE feature an unprivileged local\nattacker could exploit this flaw to crash the system. (CVE-2012-4461)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4\nfilesystem that can expose stale data. An unprivileged user could\nexploit this flaw to cause an information leak. (CVE-2012-4508)\n\nA flaw was discovered in the Linux kernel's handling of script\nexecution when module loading is enabled. A local attacker could\nexploit this flaw to cause a leak of kernel stack contents.\n(CVE-2012-4530)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to cause\na denial of service. (CVE-2012-4565)\n\nA flaw was discovered in the Linux kernel's handling of new\nhot-plugged memory. An unprivileged local user could exploit this flaw\nto cause a denial of service by crashing the system. (CVE-2012-5517)\n\nFlorian Weimer discovered that hypervkvpd, which is distributed in the\nLinux kernel, was not correctly validating source addresses of netlink\npackets. An untrusted local user can cause a denial of service by\ncausing hypervkvpd to exit. (CVE-2012-5532).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2013-01-23T00:00:00", "title": "Ubuntu 12.04 LTS : linux-lts-quantal - Linux kernel hardware enablement from Quantal vulnerabilities (USN-1704-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5532", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-5517", "CVE-2012-4530"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1704-1.NASL", "href": "https://www.tenable.com/plugins/nessus/63669", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1704-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63669);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-4461\", \"CVE-2012-4508\", \"CVE-2012-4530\", \"CVE-2012-4565\", \"CVE-2012-5517\", \"CVE-2012-5532\");\n script_bugtraq_id(55855, 55878, 56238, 56346, 56414, 56527, 56710);\n script_xref(name:\"USN\", value:\"1704-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-quantal - Linux kernel hardware enablement from Quantal vulnerabilities (USN-1704-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nJon Howell reported a flaw in the Linux kernel's KVM (Kernel-based\nvirtual machine) subsystem's handling of the XSAVE feature. On hosts,\nusing qemu userspace, without the XSAVE feature an unprivileged local\nattacker could exploit this flaw to crash the system. (CVE-2012-4461)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4\nfilesystem that can expose stale data. An unprivileged user could\nexploit this flaw to cause an information leak. (CVE-2012-4508)\n\nA flaw was discovered in the Linux kernel's handling of script\nexecution when module loading is enabled. A local attacker could\nexploit this flaw to cause a leak of kernel stack contents.\n(CVE-2012-4530)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to cause\na denial of service. (CVE-2012-4565)\n\nA flaw was discovered in the Linux kernel's handling of new\nhot-plugged memory. An unprivileged local user could exploit this flaw\nto cause a denial of service by crashing the system. (CVE-2012-5517)\n\nFlorian Weimer discovered that hypervkvpd, which is distributed in the\nLinux kernel, was not correctly validating source addresses of netlink\npackets. An untrusted local user can cause a denial of service by\ncausing hypervkvpd to exit. (CVE-2012-5532).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1704-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.5-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-0957\", \"CVE-2012-4461\", \"CVE-2012-4508\", \"CVE-2012-4530\", \"CVE-2012-4565\", \"CVE-2012-5517\", \"CVE-2012-5532\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1704-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.5.0-22-generic\", pkgver:\"3.5.0-22.34~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-20T12:25:34", "description": "This kernel update to 3.4.11 fixes various bugs and security issues.\n\nThe changes up to 3.4.11 contain both security and bugfixes and are\nnot explicitly listed here.\n\nFollowing security issues were fixed: CVE-2012-3520: Force passing\ncredentials, otherwise local services could be fooled to assume\nrequests coming from root.\n\nCVE-2012-3412: Do not allow extreme TSO parameters in the sfc driver\nand tcp stack.\n\nFollowing non-security bugs were fixed :\n\n - nbd: clear waiting_queue on shutdown (bnc#778630).\n\n - NFS: avoid warning from nfs_drop_nlink (bnc#780624).\n\n - net: do not disable sg for packets requiring no checksum\n (bnc#774859).\n\n - sfc: Fix maximum number of TSO segments and minimum TX\n queue size (bnc#774523 CVE-2012-3412).\n\n - net: Allow driver to limit number of GSO segments per\n skb (bnc#774523 CVE-2012-3412).\n\n - drm/nouveau: fix booting with plymouth + dumb support\n (bnc#771392).\n\n - memcg: warn on deeper hierarchies with use_hierarchy==0\n (bnc#781134).\n\n - Linux 3.4.11.\n\n - Update config files.\n\n - Refresh patches.suse/scsi-error-test-unit-ready-timeout.\n\n - Btrfs: fix tree log remove space corner case\n (bnc#779432)\n\n - irq_remap: disable IRQ remapping if any IOAPIC lacks an\n IOMMU.\n\n - Linux 3.4.10.\n\n - Linux 3.4.9.\n\n - kABI: protect struct irq_desc.\n\n - Linux 3.4.8.\n\n - kABI: sdhci, remove inclusion.\n\n - reiserfs: fix deadlock with nfs racing on create/lookup\n (bnc#762693).\n\n - Properly update Xen patches to 3.4.7.\n\n - Refresh other Xen patches (bnc#772831).\n\n - config: enable various ARM errata workarounds to improve\n stability\n\n - Import kabi files for 12.2\n\n - rpm/config.sh: Build the KOTD against 12.2\n\n - ASoC: omap: Add missing modules aliases to get sound\n working on omap devices.\n\n - Update config files to fix build\n\n - rt2800: add chipset revision RT5390R support\n (bnc#772566).\n\n - reiserfs: fix deadlocks with quotas\n\n - ACPI, APEI: Fixup common access width firmware bug\n (bnc#765230).\n\n - i2c/busses: Fix build error if\n CONFIG_I2C_DESIGNWARE_PLATFORM=y and CONFIG_I2C_DESIGN.\n\n - Update ARM configs to match kernel 3.4.7\n\n - Update ARM omap2plus config to match kernel 3.4.7 and\n add Smartreflex support (auto voltage)\n\n - ALSA: hda - Fix mute-LED GPIO initialization for IDT\n codecs (bnc#772923).\n\n - ALSA: hda - Fix polarity of mute LED on HP Mini 210\n (bnc#772923).\n\n - Linux 3.4.7.\n\n - Refresh patches.suse/dm-raid45-26-Nov-2009.patch.\n\n - Enable RTL8150 for omap2plus Generic USB Network device\n that also works fine on ARM, so enable it\n\n - update RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER patch name\n\n - Drivers: hv: Cleanup the guest ID computation.\n\n - hyperv: Add a check for ring_size value.\n\n - hyperv: Add error handling to rndis_filter_device_add().\n\n - Drivers: hv: Change the hex constant to a decimal\n constant.\n\n - hyperv: Add support for setting MAC from within guests.\n\n - net/hyperv: Use wait_event on outstanding sends during\n device removal.\n\n - hv: add RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER.\n\n - Refresh patches.suse/SUSE-bootsplash. Fix wrong vfree()\n (bnc#773406)", "edition": 18, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : kernel (openSUSE-SU-2012:1330-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3520", "CVE-2012-3412"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-ec2-extra-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-trace-devel", "p-cpe:/a:novell:opensuse:kernel-trace-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-ec2-extra", "p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-trace-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-base", "cpe:/o:novell:opensuse:12.2", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo"], "id": "OPENSUSE-2012-700.NASL", "href": "https://www.tenable.com/plugins/nessus/74778", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-700.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74778);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3520\");\n\n script_name(english:\"openSUSE Security Update : kernel (openSUSE-SU-2012:1330-1)\");\n script_summary(english:\"Check for the openSUSE-2012-700 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update to 3.4.11 fixes various bugs and security issues.\n\nThe changes up to 3.4.11 contain both security and bugfixes and are\nnot explicitly listed here.\n\nFollowing security issues were fixed: CVE-2012-3520: Force passing\ncredentials, otherwise local services could be fooled to assume\nrequests coming from root.\n\nCVE-2012-3412: Do not allow extreme TSO parameters in the sfc driver\nand tcp stack.\n\nFollowing non-security bugs were fixed :\n\n - nbd: clear waiting_queue on shutdown (bnc#778630).\n\n - NFS: avoid warning from nfs_drop_nlink (bnc#780624).\n\n - net: do not disable sg for packets requiring no checksum\n (bnc#774859).\n\n - sfc: Fix maximum number of TSO segments and minimum TX\n queue size (bnc#774523 CVE-2012-3412).\n\n - net: Allow driver to limit number of GSO segments per\n skb (bnc#774523 CVE-2012-3412).\n\n - drm/nouveau: fix booting with plymouth + dumb support\n (bnc#771392).\n\n - memcg: warn on deeper hierarchies with use_hierarchy==0\n (bnc#781134).\n\n - Linux 3.4.11.\n\n - Update config files.\n\n - Refresh patches.suse/scsi-error-test-unit-ready-timeout.\n\n - Btrfs: fix tree log remove space corner case\n (bnc#779432)\n\n - irq_remap: disable IRQ remapping if any IOAPIC lacks an\n IOMMU.\n\n - Linux 3.4.10.\n\n - Linux 3.4.9.\n\n - kABI: protect struct irq_desc.\n\n - Linux 3.4.8.\n\n - kABI: sdhci, remove inclusion.\n\n - reiserfs: fix deadlock with nfs racing on create/lookup\n (bnc#762693).\n\n - Properly update Xen patches to 3.4.7.\n\n - Refresh other Xen patches (bnc#772831).\n\n - config: enable various ARM errata workarounds to improve\n stability\n\n - Import kabi files for 12.2\n\n - rpm/config.sh: Build the KOTD against 12.2\n\n - ASoC: omap: Add missing modules aliases to get sound\n working on omap devices.\n\n - Update config files to fix build\n\n - rt2800: add chipset revision RT5390R support\n (bnc#772566).\n\n - reiserfs: fix deadlocks with quotas\n\n - ACPI, APEI: Fixup common access width firmware bug\n (bnc#765230).\n\n - i2c/busses: Fix build error if\n CONFIG_I2C_DESIGNWARE_PLATFORM=y and CONFIG_I2C_DESIGN.\n\n - Update ARM configs to match kernel 3.4.7\n\n - Update ARM omap2plus config to match kernel 3.4.7 and\n add Smartreflex support (auto voltage)\n\n - ALSA: hda - Fix mute-LED GPIO initialization for IDT\n codecs (bnc#772923).\n\n - ALSA: hda - Fix polarity of mute LED on HP Mini 210\n (bnc#772923).\n\n - Linux 3.4.7.\n\n - Refresh patches.suse/dm-raid45-26-Nov-2009.patch.\n\n - Enable RTL8150 for omap2plus Generic USB Network device\n that also works fine on ARM, so enable it\n\n - update RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER patch name\n\n - Drivers: hv: Cleanup the guest ID computation.\n\n - hyperv: Add a check for ring_size value.\n\n - hyperv: Add error handling to rndis_filter_device_add().\n\n - Drivers: hv: Change the hex constant to a decimal\n constant.\n\n - hyperv: Add support for setting MAC from within guests.\n\n - net/hyperv: Use wait_event on outstanding sends during\n device removal.\n\n - hv: add RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER.\n\n - Refresh patches.suse/SUSE-bootsplash. Fix wrong vfree()\n (bnc#773406)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=762693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=765230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=771392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=772566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=772831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=772923\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=773406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=774523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=774859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=778630\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779432\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=780624\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=781134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-10/msg00045.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-default-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-default-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-default-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-default-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-default-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-default-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-default-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-source-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-source-vanilla-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"kernel-syms-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-debug-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-debug-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-debug-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-debug-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-desktop-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-desktop-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-desktop-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-desktop-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-desktop-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-desktop-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-desktop-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-ec2-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-ec2-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-ec2-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-ec2-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-ec2-extra-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-ec2-extra-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-pae-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-pae-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-pae-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-pae-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-pae-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-trace-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-trace-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-trace-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-trace-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-trace-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-trace-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-trace-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-vanilla-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-vanilla-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-vanilla-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-xen-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-xen-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-xen-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-xen-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"i686\", reference:\"kernel-xen-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-debug-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-debug-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-desktop-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-desktop-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-desktop-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-desktop-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-desktop-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-ec2-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-ec2-extra-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-ec2-extra-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-pae-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-pae-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-trace-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-trace-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-trace-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-trace-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-trace-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-trace-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-trace-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-xen-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.4.11-2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"kernel-xen-devel-debuginfo-3.4.11-2.16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:11:37", "description": "Updated kernel-rt packages that fix several security issues and\nmultiple bugs are now available for Red Hat Enterprise MRG 2.2.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way Netlink messages without SCM_CREDENTIALS\n(used for authentication) data set were handled. When not explicitly\nset, the data was sent but with all values set to 0, including the\nprocess ID and user ID, causing the Netlink message to appear as if it\nwere sent with root privileges. A local, unprivileged user could use\nthis flaw to send spoofed Netlink messages to an application, possibly\nresulting in the application performing privileged operations if it\nrelied on SCM_CREDENTIALS data for the authentication of Netlink\nmessages. (CVE-2012-3520, Important)\n\n* A race condition was found in the way asynchronous I/O and\nfallocate() interacted when using the ext4 file system. A local,\nunprivileged user could use this flaw to expose random data from an\nextent whose data blocks have not yet been written, and thus contain\ndata from a deleted file. (CVE-2012-4508, Important)\n\n* A use-after-free flaw was found in the Linux kernel's memory\nmanagement subsystem in the way quota handling for huge pages was\nperformed. A local, unprivileged user could use this flaw to cause a\ndenial of service or, potentially, escalate their privileges.\n(CVE-2012-2133, Moderate)\n\n* A use-after-free flaw was found in the madvise() system call\nimplementation in the Linux kernel. A local, unprivileged user could\nuse this flaw to cause a denial of service or, potentially, escalate\ntheir privileges. (CVE-2012-3511, Moderate)\n\n* A divide-by-zero flaw was found in the TCP Illinois congestion\ncontrol algorithm implementation in the Linux kernel. If the TCP\nIllinois congestion control algorithm were in use (the sysctl\nnet.ipv4.tcp_congestion_control variable set to 'illinois'), a local,\nunprivileged user could trigger this flaw and cause a denial of\nservice. (CVE-2012-4565, Moderate)\n\n* An information leak flaw was found in the uname() system call\nimplementation in the Linux kernel. A local, unprivileged user could\nuse this flaw to leak kernel stack memory to user-space by setting the\nUNAME26 personality and then calling the uname() system call.\n(CVE-2012-0957, Low)\n\n* Buffer overflow flaws were found in the udf_load_logicalvol()\nfunction in the Universal Disk Format (UDF) file system implementation\nin the Linux kernel. An attacker with physical access to a system\ncould use these flaws to cause a denial of service or escalate their\nprivileges. (CVE-2012-3400, Low)\n\n* A flaw was found in the way the msg_namelen variable in the\nrds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets\n(RDS) protocol implementation was initialized. A local, unprivileged\nuser could use this flaw to leak kernel stack memory to user-space.\n(CVE-2012-3430, Low)\n\nRed Hat would like to thank Pablo Neira Ayuso for reporting\nCVE-2012-3520; Theodore Ts'o for reporting CVE-2012-4508; Shachar\nRaindel for reporting CVE-2012-2133; and Kees Cook for reporting\nCVE-2012-0957. Upstream acknowledges Dmitry Monakhov as the original\nreporter of CVE-2012-4508. The CVE-2012-4565 issue was discovered by\nRodrigo Freire of Red Hat, and the CVE-2012-3430 issue was discovered\nby the Red Hat InfiniBand team.\n\nThis update also fixes multiple bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which upgrade the\nkernel-rt kernel to version kernel-rt-3.2.33-rt50, and correct these\nissues. The system must be rebooted for this update to take effect.", "edition": 26, "published": "2014-07-22T00:00:00", "title": "RHEL 6 : MRG (RHSA-2012:1491)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2133", "CVE-2012-4508", "CVE-2012-3520", "CVE-2012-3511", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3400", "CVE-2012-3430"], "modified": "2014-07-22T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:mrg-rt-release", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo"], "id": "REDHAT-RHSA-2012-1491.NASL", "href": "https://www.tenable.com/plugins/nessus/76653", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1491. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76653);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-2133\", \"CVE-2012-3400\", \"CVE-2012-3430\", \"CVE-2012-3511\", \"CVE-2012-3520\", \"CVE-2012-4508\", \"CVE-2012-4565\");\n script_bugtraq_id(53233, 54279, 54702, 55151, 55152, 55855, 56238, 56346);\n script_xref(name:\"RHSA\", value:\"2012:1491\");\n\n script_name(english:\"RHEL 6 : MRG (RHSA-2012:1491)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel-rt packages that fix several security issues and\nmultiple bugs are now available for Red Hat Enterprise MRG 2.2.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way Netlink messages without SCM_CREDENTIALS\n(used for authentication) data set were handled. When not explicitly\nset, the data was sent but with all values set to 0, including the\nprocess ID and user ID, causing the Netlink message to appear as if it\nwere sent with root privileges. A local, unprivileged user could use\nthis flaw to send spoofed Netlink messages to an application, possibly\nresulting in the application performing privileged operations if it\nrelied on SCM_CREDENTIALS data for the authentication of Netlink\nmessages. (CVE-2012-3520, Important)\n\n* A race condition was found in the way asynchronous I/O and\nfallocate() interacted when using the ext4 file system. A local,\nunprivileged user could use this flaw to expose random data from an\nextent whose data blocks have not yet been written, and thus contain\ndata from a deleted file. (CVE-2012-4508, Important)\n\n* A use-after-free flaw was found in the Linux kernel's memory\nmanagement subsystem in the way quota handling for huge pages was\nperformed. A local, unprivileged user could use this flaw to cause a\ndenial of service or, potentially, escalate their privileges.\n(CVE-2012-2133, Moderate)\n\n* A use-after-free flaw was found in the madvise() system call\nimplementation in the Linux kernel. A local, unprivileged user could\nuse this flaw to cause a denial of service or, potentially, escalate\ntheir privileges. (CVE-2012-3511, Moderate)\n\n* A divide-by-zero flaw was found in the TCP Illinois congestion\ncontrol algorithm implementation in the Linux kernel. If the TCP\nIllinois congestion control algorithm were in use (the sysctl\nnet.ipv4.tcp_congestion_control variable set to 'illinois'), a local,\nunprivileged user could trigger this flaw and cause a denial of\nservice. (CVE-2012-4565, Moderate)\n\n* An information leak flaw was found in the uname() system call\nimplementation in the Linux kernel. A local, unprivileged user could\nuse this flaw to leak kernel stack memory to user-space by setting the\nUNAME26 personality and then calling the uname() system call.\n(CVE-2012-0957, Low)\n\n* Buffer overflow flaws were found in the udf_load_logicalvol()\nfunction in the Universal Disk Format (UDF) file system implementation\nin the Linux kernel. An attacker with physical access to a system\ncould use these flaws to cause a denial of service or escalate their\nprivileges. (CVE-2012-3400, Low)\n\n* A flaw was found in the way the msg_namelen variable in the\nrds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets\n(RDS) protocol implementation was initialized. A local, unprivileged\nuser could use this flaw to leak kernel stack memory to user-space.\n(CVE-2012-3430, Low)\n\nRed Hat would like to thank Pablo Neira Ayuso for reporting\nCVE-2012-3520; Theodore Ts'o for reporting CVE-2012-4508; Shachar\nRaindel for reporting CVE-2012-2133; and Kees Cook for reporting\nCVE-2012-0957. Upstream acknowledges Dmitry Monakhov as the original\nreporter of CVE-2012-4508. The CVE-2012-4565 issue was discovered by\nRodrigo Freire of Red Hat, and the CVE-2012-3430 issue was discovered\nby the Red Hat InfiniBand team.\n\nThis update also fixes multiple bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which upgrade the\nkernel-rt kernel to version kernel-rt-3.2.33-rt50, and correct these\nissues. The system must be rebooted for this update to take effect.\"\n );\n # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_MRG/2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9345c1b9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1491\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3520\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4508\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mrg-rt-release\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-0957\", \"CVE-2012-2133\", \"CVE-2012-3400\", \"CVE-2012-3430\", \"CVE-2012-3511\", \"CVE-2012-3520\", \"CVE-2012-4508\", \"CVE-2012-4565\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2012:1491\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1491\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mrg-release\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MRG\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-doc-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-firmware-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-debuginfo-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-devel-3.2.33-rt50.66.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"mrg-rt-release-3.2.33-rt50.66.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:38:50", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to cause\na denial of service. (CVE-2012-4565).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-12-02T00:00:00", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-1644-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1644-1.NASL", "href": "https://www.tenable.com/plugins/nessus/63116", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1644-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63116);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-4565\");\n script_bugtraq_id(55855, 56346);\n script_xref(name:\"USN\", value:\"1644-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-1644-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to cause\na denial of service. (CVE-2012-4565).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1644-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-0957\", \"CVE-2012-4565\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1644-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-34-generic\", pkgver:\"3.2.0-34.53\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-34-generic-pae\", pkgver:\"3.2.0-34.53\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-34-highbank\", pkgver:\"3.2.0-34.53\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-34-virtual\", pkgver:\"3.2.0-34.53\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-01T06:38:50", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to\ncause a denial of service. (CVE-2012-4565)", "edition": 24, "published": "2012-12-02T00:00:00", "title": "USN-1647-1 : linux-ti-omap4 vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux"], "id": "UBUNTU_USN-1647-1.NASL", "href": "https://www.tenable.com/plugins/nessus/63119", "sourceData": "# This script was automatically generated from Ubuntu Security\n# Notice USN-1647-1. It is released under the Nessus Script \n# Licence.\n#\n# Ubuntu Security Notices are (C) Canonical, Inc.\n# See http://www.ubuntu.com/usn/\n# Ubuntu(R) is a registered trademark of Canonical, Inc.\n\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63119);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/12/01 20:56:51 $\");\n\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-4565\");\n script_xref(name:\"USN\", value:\"1647-1\");\n\n script_name(english:\"USN-1647-1 : linux-ti-omap4 vulnerabilities\");\n script_summary(english:\"Checks dpkg output for updated package(s)\");\n\n script_set_attribute(attribute:\"synopsis\", value: \n\"The remote Ubuntu host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to\ncause a denial of service. (CVE-2012-4565)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.ubuntu.com/usn/usn-1647-1/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package(s).\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/30\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/02\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(\"Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"ubuntu.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/Ubuntu/release\")) exit(0, \"The host is not running Ubuntu.\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) exit(1, \"Could not obtain the list of installed packages.\");\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-215-omap4\", pkgver:\"3.5.0-215.22\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:ubuntu_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-01T06:38:51", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to\ncause a denial of service. (CVE-2012-4565)", "edition": 24, "published": "2012-12-02T00:00:00", "title": "USN-1649-1 : linux-ti-omap4 vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux"], "id": "UBUNTU_USN-1649-1.NASL", "href": "https://www.tenable.com/plugins/nessus/63121", "sourceData": "# This script was automatically generated from Ubuntu Security\n# Notice USN-1649-1. It is released under the Nessus Script \n# Licence.\n#\n# Ubuntu Security Notices are (C) Canonical, Inc.\n# See http://www.ubuntu.com/usn/\n# Ubuntu(R) is a registered trademark of Canonical, Inc.\n\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63121);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/12/01 20:56:51 $\");\n\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-4565\");\n script_xref(name:\"USN\", value:\"1649-1\");\n\n script_name(english:\"USN-1649-1 : linux-ti-omap4 vulnerabilities\");\n script_summary(english:\"Checks dpkg output for updated package(s)\");\n\n script_set_attribute(attribute:\"synopsis\", value: \n\"The remote Ubuntu host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to\ncause a denial of service. (CVE-2012-4565)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.ubuntu.com/usn/usn-1649-1/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package(s).\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/30\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/02\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(\"Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"ubuntu.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/Ubuntu/release\")) exit(0, \"The host is not running Ubuntu.\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) exit(1, \"Could not obtain the list of installed packages.\");\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-1218-omap4\", pkgver:\"3.0.0-1218.31\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:ubuntu_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-01T06:38:50", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to cause\na denial of service. (CVE-2012-4565).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-12-02T00:00:00", "title": "Ubuntu 12.10 : linux vulnerabilities (USN-1646-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank", "cpe:/o:canonical:ubuntu_linux:12.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic"], "id": "UBUNTU_USN-1646-1.NASL", "href": "https://www.tenable.com/plugins/nessus/63118", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1646-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63118);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0957\", \"CVE-2012-4565\");\n script_xref(name:\"USN\", value:\"1646-1\");\n\n script_name(english:\"Ubuntu 12.10 : linux vulnerabilities (USN-1646-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Brad Spengler discovered a flaw in the Linux kernel's uname system\ncall. An unprivileged user could exploit this flaw to read kernel\nstack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to cause\na denial of service. (CVE-2012-4565).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1646-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.5-generic and / or\nlinux-image-3.5-highbank packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-0957\", \"CVE-2012-4565\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1646-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-19-generic\", pkgver:\"3.5.0-19.30\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-19-highbank\", pkgver:\"3.5.0-19.30\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic / linux-image-3.5-highbank\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}], "ubuntu": [{"lastseen": "2020-07-02T11:44:57", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5532", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-5517", "CVE-2012-4530"], "description": "USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated \nregression inotify/fanotify stopped working after upgrading. This update \nfixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nBrad Spengler discovered a flaw in the Linux kernel's uname system call. An \nunprivileged user could exploit this flaw to read kernel stack memory. \n(CVE-2012-0957)\n\nJon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual \nmachine) subsystem's handling of the XSAVE feature. On hosts, using qemu \nuserspace, without the XSAVE feature an unprivileged local attacker could \nexploit this flaw to crash the system. (CVE-2012-4461)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem \nthat can expose stale data. An unprivileged user could exploit this flaw to \ncause an information leak. (CVE-2012-4508)\n\nA flaw was discovered in the Linux kernel's handling of script execution \nwhen module loading is enabled. A local attacker could exploit this flaw to \ncause a leak of kernel stack contents. (CVE-2012-4530)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois \ncongestion control algorithm. A local attacker could use this to cause a \ndenial of service. (CVE-2012-4565)\n\nA flaw was discovered in the Linux kernel's handling of new hot-plugged \nmemory. An unprivileged local user could exploit this flaw to cause a \ndenial of service by crashing the system. (CVE-2012-5517)\n\nFlorian Weimer discovered that hypervkvpd, which is distributed in the \nLinux kernel, was not correctly validating source addresses of netlink \npackets. An untrusted local user can cause a denial of service by causing \nhypervkvpd to exit. (CVE-2012-5532)", "edition": 5, "modified": "2013-02-01T00:00:00", "published": "2013-02-01T00:00:00", "id": "USN-1704-2", "href": "https://ubuntu.com/security/notices/USN-1704-2", "title": "Linux kernel (Quantal HWE) regression", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-07-02T11:37:22", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5532", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-5517", "CVE-2012-4530", "CVE-2013-1928"], "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system call. An \nunprivileged user could exploit this flaw to read kernel stack memory. \n(CVE-2012-0957)\n\nJon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual \nmachine) subsystem's handling of the XSAVE feature. On hosts, using qemu \nuserspace, without the XSAVE feature an unprivileged local attacker could \nexploit this flaw to crash the system. (CVE-2012-4461)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem \nthat can expose stale data. An unprivileged user could exploit this flaw to \ncause an information leak. (CVE-2012-4508)\n\nA flaw was discovered in the Linux kernel's handling of script execution \nwhen module loading is enabled. A local attacker could exploit this flaw to \ncause a leak of kernel stack contents. (CVE-2012-4530)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois \ncongestion control algorithm. A local attacker could use this to cause a \ndenial of service. (CVE-2012-4565)\n\nA flaw was discovered in the Linux kernel's handling of new hot-plugged \nmemory. An unprivileged local user could exploit this flaw to cause a \ndenial of service by crashing the system. (CVE-2012-5517)\n\nFlorian Weimer discovered that hypervkvpd, which is distributed in the \nLinux kernel, was not correctly validating source addresses of netlink \npackets. An untrusted local user can cause a denial of service by causing \nhypervkvpd to exit. (CVE-2012-5532)\n\nAn information leak was discovered in the Linux kernel's /dev/dvb device. A \nlocal user could exploit this flaw to obtain sensitive information from the \nkernel's stack memory. (CVE-2013-1928)", "edition": 5, "modified": "2013-01-22T00:00:00", "published": "2013-01-22T00:00:00", "id": "USN-1704-1", "href": "https://ubuntu.com/security/notices/USN-1704-1", "title": "Linux kernel (Quantal HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}], "suse": [{"lastseen": "2016-09-04T11:27:15", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3520", "CVE-2012-3412"], "description": "This kernel update to 3.4.11 fixes various bugs and\n security issues.\n\n The changes up to 3.4.11 contain both security and bugfixes\n and are not explicitly listed here.\n\n Following security issues were fixed: CVE-2012-3520: Force\n passing credentials, otherwise local services could be\n fooled to assume requests coming from root.\n\n CVE-2012-3412: Do not allow extreme TSO parameters in the\n sfc driver and tcp stack.\n\n Following non-security bugs were fixed:\n - nbd: clear waiting_queue on shutdown (bnc#778630).\n - NFS: avoid warning from nfs_drop_nlink (bnc#780624).\n - net: do not disable sg for packets requiring no checksum\n (bnc#774859).\n\n - sfc: Fix maximum number of TSO segments and minimum TX\n queue size (bnc#774523 CVE-2012-3412).\n - net: Allow driver to limit number of GSO segments per skb\n (bnc#774523 CVE-2012-3412).\n\n - drm/nouveau: fix booting with plymouth + dumb support\n (bnc#771392).\n\n - memcg: warn on deeper hierarchies with use_hierarchy==0\n (bnc#781134).\n\n - Linux 3.4.11.\n - Update config files.\n - Refresh patches.suse/scsi-error-test-unit-ready-timeout.\n\n - Btrfs: fix tree log remove space corner case (bnc#779432)\n\n - irq_remap: disable IRQ remapping if any IOAPIC lacks an\n IOMMU.\n\n - Linux 3.4.10.\n\n - Linux 3.4.9.\n - kABI: protect struct irq_desc.\n\n - Linux 3.4.8.\n - kABI: sdhci, remove inclusion.\n\n - reiserfs: fix deadlock with nfs racing on create/lookup\n (bnc#762693).\n\n - Properly update Xen patches to 3.4.7.\n - Refresh other Xen patches (bnc#772831).\n\n - config: enable various ARM errata workarounds to improve\n stability\n\n - Import kabi files for 12.2\n\n - rpm/config.sh: Build the KOTD against 12.2\n\n - ASoC: omap: Add missing modules aliases to get sound\n working on omap devices.\n\n - Update config files to fix build\n\n - rt2800: add chipset revision RT5390R support (bnc#772566).\n\n - reiserfs: fix deadlocks with quotas\n\n - ACPI, APEI: Fixup common access width firmware bug\n (bnc#765230).\n\n - i2c/busses: Fix build error if\n CONFIG_I2C_DESIGNWARE_PLATFORM=y and CONFIG_I2C_DESIGN.\n\n - Update ARM configs to match kernel 3.4.7\n\n - Update ARM omap2plus config to match kernel 3.4.7 and add\n Smartreflex support (auto voltage)\n\n - ALSA: hda - Fix mute-LED GPIO initialization for IDT\n codecs (bnc#772923).\n - ALSA: hda - Fix polarity of mute LED on HP Mini 210\n (bnc#772923).\n\n - Linux 3.4.7.\n - Refresh patches.suse/dm-raid45-26-Nov-2009.patch.\n\n - Enable RTL8150 for omap2plus Generic USB Network device\n that also works fine on ARM, so enable it\n\n - update RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER patch name\n\n - Drivers: hv: Cleanup the guest ID computation.\n\n - hyperv: Add a check for ring_size value.\n - hyperv: Add error handling to rndis_filter_device_add().\n - Drivers: hv: Change the hex constant to a decimal\n constant.\n - hyperv: Add support for setting MAC from within guests.\n - net/hyperv: Use wait_event on outstanding sends during\n device removal.\n - hv: add RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER.\n\n - Refresh patches.suse/SUSE-bootsplash. Fix wrong vfree()\n (bnc#773406)\n\n", "edition": 1, "modified": "2012-10-12T16:08:23", "published": "2012-10-12T16:08:23", "id": "OPENSUSE-SU-2012:1330-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00005.html", "type": "suse", "title": "kernel: security and bugfix update (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:46:58", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0957", "CVE-2012-2133", "CVE-2012-3400", "CVE-2012-3430", "CVE-2012-3511", "CVE-2012-3520", "CVE-2012-4508", "CVE-2012-4565"], "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way Netlink messages without SCM_CREDENTIALS\n(used for authentication) data set were handled. When not explicitly set,\nthe data was sent but with all values set to 0, including the process ID\nand user ID, causing the Netlink message to appear as if it were sent with\nroot privileges. A local, unprivileged user could use this flaw to send\nspoofed Netlink messages to an application, possibly resulting in the\napplication performing privileged operations if it relied on\nSCM_CREDENTIALS data for the authentication of Netlink messages.\n(CVE-2012-3520, Important)\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A use-after-free flaw was found in the Linux kernel's memory management\nsubsystem in the way quota handling for huge pages was performed. A local,\nunprivileged user could use this flaw to cause a denial of service or,\npotentially, escalate their privileges. (CVE-2012-2133, Moderate)\n\n* A use-after-free flaw was found in the madvise() system call\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to cause a denial of service or, potentially, escalate their\nprivileges. (CVE-2012-3511, Moderate)\n\n* A divide-by-zero flaw was found in the TCP Illinois congestion control\nalgorithm implementation in the Linux kernel. If the TCP Illinois\ncongestion control algorithm were in use (the sysctl\nnet.ipv4.tcp_congestion_control variable set to \"illinois\"), a local,\nunprivileged user could trigger this flaw and cause a denial of service.\n(CVE-2012-4565, Moderate)\n\n* An information leak flaw was found in the uname() system call\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to leak kernel stack memory to user-space by setting the UNAME26\npersonality and then calling the uname() system call. (CVE-2012-0957, Low)\n\n* Buffer overflow flaws were found in the udf_load_logicalvol() function in\nthe Universal Disk Format (UDF) file system implementation in the Linux\nkernel. An attacker with physical access to a system could use these flaws\nto cause a denial of service or escalate their privileges. (CVE-2012-3400,\nLow)\n\n* A flaw was found in the way the msg_namelen variable in the rds_recvmsg()\nfunction of the Linux kernel's Reliable Datagram Sockets (RDS) protocol\nimplementation was initialized. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low)\n\nRed Hat would like to thank Pablo Neira Ayuso for reporting CVE-2012-3520;\nTheodore Ts'o for reporting CVE-2012-4508; Shachar Raindel for reporting\nCVE-2012-2133; and Kees Cook for reporting CVE-2012-0957. Upstream\nacknowledges Dmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4565 issue was discovered by Rodrigo Freire of Red Hat, and the\nCVE-2012-3430 issue was discovered by the Red Hat InfiniBand team.\n\nThis update also fixes multiple bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which upgrade the kernel-rt\nkernel to version kernel-rt-3.2.33-rt50, and correct these issues. The\nsystem must be rebooted for this update to take effect.\n", "modified": "2018-06-07T08:58:29", "published": "2012-12-04T05:00:00", "id": "RHSA-2012:1491", "href": "https://access.redhat.com/errata/RHSA-2012:1491", "type": "redhat", "title": "(RHSA-2012:1491) Important: kernel-rt security and bug fix update", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:49", "bulletinFamily": "software", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "description": "Information leakage, DoS.", "edition": 1, "modified": "2012-12-02T00:00:00", "published": "2012-12-02T00:00:00", "id": "SECURITYVULNS:VULN:12730", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12730", "title": "Linux security vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1646-1\r\nNovember 30, 2012\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.10\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nBrad Spengler discovered a flaw in the Linux kernel's uname system call. An\r\nunprivileged user could exploit this flaw to read kernel stack memory.\r\n(CVE-2012-0957)\r\n\r\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\r\ncongestion control algorithm. A local attacker could use this to cause a\r\ndenial of service. (CVE-2012-4565)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.10:\r\n linux-image-3.5.0-19-generic 3.5.0-19.30\r\n linux-image-3.5.0-19-highbank 3.5.0-19.30\r\n linux-image-3.5.0-19-omap 3.5.0-19.30\r\n linux-image-3.5.0-19-powerpc-smp 3.5.0-19.30\r\n linux-image-3.5.0-19-powerpc64-smp 3.5.0-19.30\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1646-1\r\n CVE-2012-0957, CVE-2012-4565\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.5.0-19.30\r\n\r\n\r\nAttached Message Part\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "edition": 1, "modified": "2012-12-02T00:00:00", "published": "2012-12-02T00:00:00", "id": "SECURITYVULNS:DOC:28785", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28785", "title": "[USN-1646-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}]}
