Search...

Debian DSA-2906-1 : linux-2.6 - privilege escalation/denial of service/information leak

2014-04-27T00:00:00

ID DEBIAN_DSA-2906.NASL
Type nessus
Reporter This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2014-04-27T00:00:00

Description

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :

CVE-2013-0343 George Kargiotakis reported an issue in the temporary address handling of the IPv6 privacy extensions. Users on the same LAN can cause a denial of service or obtain access to sensitive information by sending router advertisement messages that cause temporary address generation to be disabled.

CVE-2013-2147 Dan Carpenter reported issues in the cpqarray driver for Compaq Smart2 Controllers and the cciss driver for HP Smart Array controllers allowing users to gain access to sensitive kernel memory.

CVE-2013-2889 Kees Cook discovered missing input sanitization in the HID driver for Zeroplus game pads that could lead to a local denial of service.

CVE-2013-2893 Kees Cook discovered that missing input sanitization in the HID driver for various Logitech force feedback devices could lead to a local denial of service.

CVE-2013-2929 Vasily Kulikov discovered that a flaw in the get_dumpable() function of the ptrace subsytsem could lead to information disclosure. Only systems with the fs.suid_dumpable sysctl set to a non-default value of '2' are vulnerable.

CVE-2013-4162 Hannes Frederic Sowa discovered that incorrect handling of IPv6 sockets using the UDP_CORK option could result in denial of service.

CVE-2013-4299 Fujitsu reported an issue in the device-mapper subsystem. Local users could gain access to sensitive kernel memory.

CVE-2013-4345 Stephan Mueller found in bug in the ANSI pseudo random number generator which could lead to the use of less entropy than expected.

CVE-2013-4512 Nico Golde and Fabian Yamaguchi reported an issue in the user mode linux port. A buffer overflow condition exists in the write method for the /proc/exitcode file. Local users with sufficient privileges allowing them to write to this file could gain further elevated privileges.

CVE-2013-4587 Andrew Honig of Google reported an issue in the KVM virtualization subsystem. A local user could gain elevated privileges by passing a large vcpu_id parameter.

CVE-2013-6367 Andrew Honig of Google reported an issue in the KVM virtualization subsystem. A divide-by-zero condition could allow a guest user to cause a denial of service on the host (crash).

CVE-2013-6380 Mahesh Rajashekhara reported an issue in the aacraid driver for storage products from various vendors. Local users with CAP_SYS_ADMIN privileges could gain further elevated privileges.

CVE-2013-6381 Nico Golde and Fabian Yamaguchi reported an issue in the Gigabit Ethernet device support for s390 systems. Local users could cause a denial of service or gain elevated privileges via the SIOC_QETH_ADP_SET_SNMP_CONTROL ioctl.

CVE-2013-6382 Nico Golde and Fabian Yamaguchi reported an issue in the XFS filesystem. Local users with CAP_SYS_ADMIN privileges could gain further elevated privileges.

CVE-2013-6383 Dan Carpenter reported an issue in the aacraid driver for storage devices from various vendors. A local user could gain elevated privileges due to a missing privilege level check in the aac_compat_ioctl function.

CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 mpb reported an information leak in the recvfrom, recvmmsg and recvmsg system calls. A local user could obtain access to sensitive kernel memory.

CVE-2013-7339 Sasha Levin reported an issue in the RDS network protocol over Infiniband. A local user could cause a denial of service condition.

CVE-2014-0101 Nokia Siemens Networks reported an issue in the SCTP network protocol subsystem. Remote users could cause a denial of service (NULL pointer dereference).

CVE-2014-1444 Salva Peiro reported an issue in the FarSync WAN driver. Local users with the CAP_NET_ADMIN capability could gain access to sensitive kernel memory.

CVE-2014-1445 Salva Peiro reported an issue in the wanXL serial card driver. Local users could gain access to sensitive kernel memory.

CVE-2014-1446 Salva Peiro reported an issue in the YAM radio modem driver. Local users with the CAP_NET_ADMIN capability could gain access to sensitive kernel memory.

CVE-2014-1874 Matthew Thode reported an issue in the SELinux subsystem. A local user with CAP_MAC_ADMIN privileges could cause a denial of service by setting an empty security context on a file.

CVE-2014-2039 Martin Schwidefsky reported an issue on s390 systems. A local user could cause a denial of service (kernel oops) by executing an application with a linkage stack instruction.

CVE-2014-2523 Daniel Borkmann provided a fix for an issue in the nf_conntrack_dccp module. Remote users could cause a denial of service (system crash) or potentially gain elevated privileges.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2906. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(73713);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2013-0343", "CVE-2013-2147", "CVE-2013-2889", "CVE-2013-2893", "CVE-2013-2929", "CVE-2013-4162", "CVE-2013-4299", "CVE-2013-4345", "CVE-2013-4512", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6380", "CVE-2013-6381", "CVE-2013-6382", "CVE-2013-6383", "CVE-2013-7263", "CVE-2013-7264", "CVE-2013-7265", "CVE-2013-7339", "CVE-2014-0101", "CVE-2014-1444", "CVE-2014-1445", "CVE-2014-1446", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2523");
  script_bugtraq_id(58795, 60280, 61411, 62042, 62050, 62740, 63183, 63510, 63887, 63888, 63889, 63890, 64270, 64328, 64677, 64685, 64686, 64952, 64953, 64954, 65459, 65700, 65943, 66279, 66351);
  script_xref(name:"DSA", value:"2906");

  script_name(english:"Debian DSA-2906-1 : linux-2.6 - privilege escalation/denial of service/information leak");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, information leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems :

  - CVE-2013-0343
    George Kargiotakis reported an issue in the temporary
    address handling of the IPv6 privacy extensions. Users
    on the same LAN can cause a denial of service or obtain
    access to sensitive information by sending router
    advertisement messages that cause temporary address
    generation to be disabled.

  - CVE-2013-2147
    Dan Carpenter reported issues in the cpqarray driver for
    Compaq Smart2 Controllers and the cciss driver for HP
    Smart Array controllers allowing users to gain access to
    sensitive kernel memory.

  - CVE-2013-2889
    Kees Cook discovered missing input sanitization in the
    HID driver for Zeroplus game pads that could lead to a
    local denial of service.

  - CVE-2013-2893
    Kees Cook discovered that missing input sanitization in
    the HID driver for various Logitech force feedback
    devices could lead to a local denial of service.

  - CVE-2013-2929
    Vasily Kulikov discovered that a flaw in the
    get_dumpable() function of the ptrace subsytsem could
    lead to information disclosure. Only systems with the
    fs.suid_dumpable sysctl set to a non-default value of
    '2' are vulnerable.

  - CVE-2013-4162
    Hannes Frederic Sowa discovered that incorrect handling
    of IPv6 sockets using the UDP_CORK option could result
    in denial of service.

  - CVE-2013-4299
    Fujitsu reported an issue in the device-mapper
    subsystem. Local users could gain access to sensitive
    kernel memory.

  - CVE-2013-4345
    Stephan Mueller found in bug in the ANSI pseudo random
    number generator which could lead to the use of less
    entropy than expected.

  - CVE-2013-4512
    Nico Golde and Fabian Yamaguchi reported an issue in the
    user mode linux port. A buffer overflow condition exists
    in the write method for the /proc/exitcode file. Local
    users with sufficient privileges allowing them to write
    to this file could gain further elevated privileges.

  - CVE-2013-4587
    Andrew Honig of Google reported an issue in the KVM
    virtualization subsystem. A local user could gain
    elevated privileges by passing a large vcpu_id
    parameter.

  - CVE-2013-6367
    Andrew Honig of Google reported an issue in the KVM
    virtualization subsystem. A divide-by-zero condition
    could allow a guest user to cause a denial of service on
    the host (crash).

  - CVE-2013-6380
    Mahesh Rajashekhara reported an issue in the aacraid
    driver for storage products from various vendors. Local
    users with CAP_SYS_ADMIN privileges could gain further
    elevated privileges.

  - CVE-2013-6381
    Nico Golde and Fabian Yamaguchi reported an issue in the
    Gigabit Ethernet device support for s390 systems. Local
    users could cause a denial of service or gain elevated
    privileges via the SIOC_QETH_ADP_SET_SNMP_CONTROL ioctl.

  - CVE-2013-6382
    Nico Golde and Fabian Yamaguchi reported an issue in the
    XFS filesystem. Local users with CAP_SYS_ADMIN
    privileges could gain further elevated privileges.

  - CVE-2013-6383
    Dan Carpenter reported an issue in the aacraid driver
    for storage devices from various vendors. A local user
    could gain elevated privileges due to a missing
    privilege level check in the aac_compat_ioctl function.

  - CVE-2013-7263 CVE-2013-7264 CVE-2013-7265
    mpb reported an information leak in the recvfrom,
    recvmmsg and recvmsg system calls. A local user could
    obtain access to sensitive kernel memory.

  - CVE-2013-7339
    Sasha Levin reported an issue in the RDS network
    protocol over Infiniband. A local user could cause a
    denial of service condition.

  - CVE-2014-0101
    Nokia Siemens Networks reported an issue in the SCTP
    network protocol subsystem. Remote users could cause a
    denial of service (NULL pointer dereference).

  - CVE-2014-1444
    Salva Peiro reported an issue in the FarSync WAN driver.
    Local users with the CAP_NET_ADMIN capability could gain
    access to sensitive kernel memory.

  - CVE-2014-1445
    Salva Peiro reported an issue in the wanXL serial card
    driver. Local users could gain access to sensitive
    kernel memory.

  - CVE-2014-1446
    Salva Peiro reported an issue in the YAM radio modem
    driver. Local users with the CAP_NET_ADMIN capability
    could gain access to sensitive kernel memory.

  - CVE-2014-1874
    Matthew Thode reported an issue in the SELinux
    subsystem. A local user with CAP_MAC_ADMIN privileges
    could cause a denial of service by setting an empty
    security context on a file.

  - CVE-2014-2039
    Martin Schwidefsky reported an issue on s390 systems. A
    local user could cause a denial of service (kernel oops)
    by executing an application with a linkage stack
    instruction.

  - CVE-2014-2523
    Daniel Borkmann provided a fix for an issue in the
    nf_conntrack_dccp module. Remote users could cause a
    denial of service (system crash) or potentially gain
    elevated privileges."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-0343"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2147"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2889"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2893"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2929"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-4162"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-4299"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-4345"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-4512"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-4587"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-6367"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-6380"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-6381"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-6382"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-6383"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-7263"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-7264"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-7265"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-7339"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2014-0101"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2014-1444"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2014-1445"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2014-1446"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2014-1874"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2014-2039"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2014-2523"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze/linux-2.6"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2014/dsa-2906"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the linux-2.6 and user-mode-linux packages.

For the oldstable distribution (squeeze), this problem has been fixed
in version 2.6.32-48squeeze5.

The following matrix lists additional source packages that were
rebuilt for compatibility with or to take advantage of this update :

                          Debian 6.0 (squeeze)     
  user-mode-linux          2.6.32-1um-4+48squeeze5  
Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or 'leap-frog' fashion."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-2.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/04/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/27");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"6.0", prefix:"firmware-linux-free", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-base", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-doc-2.6.32", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-486", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-4kc-malta", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-5kc-malta", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-686", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-686-bigmem", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-amd64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-armel", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-i386", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-ia64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-mips", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-mipsel", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-powerpc", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-s390", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-sparc", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-amd64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-common", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-common-openvz", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-common-vserver", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-common-xen", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-iop32x", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-itanium", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-ixp4xx", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-kirkwood", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-mckinley", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-openvz-686", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-openvz-amd64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-orion5x", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-powerpc", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-powerpc-smp", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-powerpc64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-r4k-ip22", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-r5k-cobalt", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-r5k-ip32", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-s390x", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-sb1-bcm91250a", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-sb1a-bcm91480b", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-sparc64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-sparc64-smp", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-versatile", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-686", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-686-bigmem", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-amd64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-itanium", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-mckinley", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-powerpc", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-powerpc64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-s390x", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-sparc64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-xen-686", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-xen-amd64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-486", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-4kc-malta", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-5kc-malta", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-686", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-686-bigmem", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-686-bigmem-dbg", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-amd64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-amd64-dbg", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-iop32x", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-itanium", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-ixp4xx", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-kirkwood", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-mckinley", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-openvz-686", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-openvz-686-dbg", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-openvz-amd64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-openvz-amd64-dbg", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-orion5x", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-powerpc", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-powerpc-smp", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-powerpc64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-r4k-ip22", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-r5k-cobalt", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-r5k-ip32", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-s390x", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-s390x-tape", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-sb1-bcm91250a", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-sb1a-bcm91480b", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-sparc64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-sparc64-smp", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-versatile", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-686", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-686-bigmem", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-686-bigmem-dbg", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-amd64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-amd64-dbg", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-itanium", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-mckinley", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-powerpc", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-powerpc64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-s390x", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-sparc64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-xen-686", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-xen-686-dbg", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-xen-amd64", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-xen-amd64-dbg", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-libc-dev", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-manual-2.6.32", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-patch-debian-2.6.32", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-source-2.6.32", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-support-2.6.32-5", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"linux-tools-2.6.32", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"xen-linux-system-2.6.32-5-xen-686", reference:"2.6.32-48squeeze5")) flag++;
if (deb_check(release:"6.0", prefix:"xen-linux-system-2.6.32-5-xen-amd64", reference:"2.6.32-48squeeze5")) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "DEBIAN_DSA-2906.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-2906-1 : linux-2.6 - privilege escalation/denial of service/information leak", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2013-0343\n George Kargiotakis reported an issue in the temporary\n address handling of the IPv6 privacy extensions. Users\n on the same LAN can cause a denial of service or obtain\n access to sensitive information by sending router\n advertisement messages that cause temporary address\n generation to be disabled.\n\n - CVE-2013-2147\n Dan Carpenter reported issues in the cpqarray driver for\n Compaq Smart2 Controllers and the cciss driver for HP\n Smart Array controllers allowing users to gain access to\n sensitive kernel memory.\n\n - CVE-2013-2889\n Kees Cook discovered missing input sanitization in the\n HID driver for Zeroplus game pads that could lead to a\n local denial of service.\n\n - CVE-2013-2893\n Kees Cook discovered that missing input sanitization in\n the HID driver for various Logitech force feedback\n devices could lead to a local denial of service.\n\n - CVE-2013-2929\n Vasily Kulikov discovered that a flaw in the\n get_dumpable() function of the ptrace subsytsem could\n lead to information disclosure. Only systems with the\n fs.suid_dumpable sysctl set to a non-default value of\n '2' are vulnerable.\n\n - CVE-2013-4162\n Hannes Frederic Sowa discovered that incorrect handling\n of IPv6 sockets using the UDP_CORK option could result\n in denial of service.\n\n - CVE-2013-4299\n Fujitsu reported an issue in the device-mapper\n subsystem. Local users could gain access to sensitive\n kernel memory.\n\n - CVE-2013-4345\n Stephan Mueller found in bug in the ANSI pseudo random\n number generator which could lead to the use of less\n entropy than expected.\n\n - CVE-2013-4512\n Nico Golde and Fabian Yamaguchi reported an issue in the\n user mode linux port. A buffer overflow condition exists\n in the write method for the /proc/exitcode file. Local\n users with sufficient privileges allowing them to write\n to this file could gain further elevated privileges.\n\n - CVE-2013-4587\n Andrew Honig of Google reported an issue in the KVM\n virtualization subsystem. A local user could gain\n elevated privileges by passing a large vcpu_id\n parameter.\n\n - CVE-2013-6367\n Andrew Honig of Google reported an issue in the KVM\n virtualization subsystem. A divide-by-zero condition\n could allow a guest user to cause a denial of service on\n the host (crash).\n\n - CVE-2013-6380\n Mahesh Rajashekhara reported an issue in the aacraid\n driver for storage products from various vendors. Local\n users with CAP_SYS_ADMIN privileges could gain further\n elevated privileges.\n\n - CVE-2013-6381\n Nico Golde and Fabian Yamaguchi reported an issue in the\n Gigabit Ethernet device support for s390 systems. Local\n users could cause a denial of service or gain elevated\n privileges via the SIOC_QETH_ADP_SET_SNMP_CONTROL ioctl.\n\n - CVE-2013-6382\n Nico Golde and Fabian Yamaguchi reported an issue in the\n XFS filesystem. Local users with CAP_SYS_ADMIN\n privileges could gain further elevated privileges.\n\n - CVE-2013-6383\n Dan Carpenter reported an issue in the aacraid driver\n for storage devices from various vendors. A local user\n could gain elevated privileges due to a missing\n privilege level check in the aac_compat_ioctl function.\n\n - CVE-2013-7263 CVE-2013-7264 CVE-2013-7265\n mpb reported an information leak in the recvfrom,\n recvmmsg and recvmsg system calls. A local user could\n obtain access to sensitive kernel memory.\n\n - CVE-2013-7339\n Sasha Levin reported an issue in the RDS network\n protocol over Infiniband. A local user could cause a\n denial of service condition.\n\n - CVE-2014-0101\n Nokia Siemens Networks reported an issue in the SCTP\n network protocol subsystem. Remote users could cause a\n denial of service (NULL pointer dereference).\n\n - CVE-2014-1444\n Salva Peiro reported an issue in the FarSync WAN driver.\n Local users with the CAP_NET_ADMIN capability could gain\n access to sensitive kernel memory.\n\n - CVE-2014-1445\n Salva Peiro reported an issue in the wanXL serial card\n driver. Local users could gain access to sensitive\n kernel memory.\n\n - CVE-2014-1446\n Salva Peiro reported an issue in the YAM radio modem\n driver. Local users with the CAP_NET_ADMIN capability\n could gain access to sensitive kernel memory.\n\n - CVE-2014-1874\n Matthew Thode reported an issue in the SELinux\n subsystem. A local user with CAP_MAC_ADMIN privileges\n could cause a denial of service by setting an empty\n security context on a file.\n\n - CVE-2014-2039\n Martin Schwidefsky reported an issue on s390 systems. A\n local user could cause a denial of service (kernel oops)\n by executing an application with a linkage stack\n instruction.\n\n - CVE-2014-2523\n Daniel Borkmann provided a fix for an issue in the\n nf_conntrack_dccp module. Remote users could cause a\n denial of service (system crash) or potentially gain\n elevated privileges.", "published": "2014-04-27T00:00:00", "modified": "2014-04-27T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/73713", "reporter": "This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://security-tracker.debian.org/tracker/CVE-2013-2889", "https://security-tracker.debian.org/tracker/CVE-2013-7263", "https://www.debian.org/security/2014/dsa-2906", "https://security-tracker.debian.org/tracker/CVE-2014-2039", "https://security-tracker.debian.org/tracker/CVE-2014-1446", "https://security-tracker.debian.org/tracker/CVE-2013-6380", "https://security-tracker.debian.org/tracker/CVE-2013-6382", "https://security-tracker.debian.org/tracker/CVE-2013-6383", "https://security-tracker.debian.org/tracker/CVE-2013-0343", "https://security-tracker.debian.org/tracker/CVE-2013-2893", "https://security-tracker.debian.org/tracker/CVE-2013-6381", "https://security-tracker.debian.org/tracker/CVE-2014-2523", "https://security-tracker.debian.org/tracker/CVE-2014-1445", "https://security-tracker.debian.org/tracker/CVE-2013-7339", "https://packages.debian.org/source/squeeze/linux-2.6", "https://security-tracker.debian.org/tracker/CVE-2013-4345", "https://security-tracker.debian.org/tracker/CVE-2013-4299", "https://security-tracker.debian.org/tracker/CVE-2014-0101", "https://security-tracker.debian.org/tracker/CVE-2013-4512", "https://security-tracker.debian.org/tracker/CVE-2013-4587", "https://security-tracker.debian.org/tracker/CVE-2013-7264", "https://security-tracker.debian.org/tracker/CVE-2013-2929", "https://security-tracker.debian.org/tracker/CVE-2014-1444", "https://security-tracker.debian.org/tracker/CVE-2013-6367", "https://security-tracker.debian.org/tracker/CVE-2013-2147", "https://security-tracker.debian.org/tracker/CVE-2014-1874", "https://security-tracker.debian.org/tracker/CVE-2013-7265", "https://security-tracker.debian.org/tracker/CVE-2013-4162"], "cvelist": ["CVE-2013-4345", "CVE-2013-4512", "CVE-2013-7265", "CVE-2013-6383", "CVE-2013-2929", "CVE-2014-1874", "CVE-2013-2147", "CVE-2013-4162", "CVE-2013-7264", "CVE-2014-1446", "CVE-2013-7339", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-6367", "CVE-2013-7263", "CVE-2014-1444", "CVE-2013-6380", "CVE-2013-0343", "CVE-2013-4587", "CVE-2013-6381", "CVE-2014-1445", "CVE-2014-2523", "CVE-2014-0101", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "type": "nessus", "lastseen": "2021-01-12T09:48:27", "edition": 17, "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310871125", "OPENVAS:1361412562310702906", "OPENVAS:1361412562310841724", "OPENVAS:702906", "OPENVAS:1361412562310881879", "OPENVAS:841713", "OPENVAS:1361412562310851057", "OPENVAS:881879", "OPENVAS:1361412562310123469", "OPENVAS:871125"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2906-1:5B9FC"]}, {"type": "cve", "idList": ["CVE-2013-7263", "CVE-2013-7339", "CVE-2013-7265", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6381", "CVE-2013-6367", "CVE-2013-7264", "CVE-2013-6383", "CVE-2013-4512"]}, {"type": "suse", "idList": ["SUSE-SU-2014:0696-1"]}, {"type": "nessus", "idList": ["FEDORA_2013-22695.NASL", "FEDORA_2013-22669.NASL", "FEDORA_2013-23653.NASL", "CENTOS_RHSA-2014-0159.NASL", "FEDORA_2013-23445.NASL", "REDHAT-RHSA-2014-0159.NASL", "ORACLELINUX_ELSA-2014-0159.NASL", "SL_20140211_KERNEL_ON_SL6_X.NASL", "ALA_ALAS-2013-258.NASL", "SUSE_SU-2014-0832-1.NASL"]}, {"type": "redhat", "idList": ["RHSA-2014:0159"]}, {"type": "centos", "idList": ["CESA-2014:0159"]}, {"type": "ubuntu", "idList": ["USN-2016-1", "USN-2108-1", "USN-2015-1", "USN-2107-1", "USN-2129-1", "USN-2109-1", "USN-2110-1", "USN-2128-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29993"]}, {"type": "f5", "idList": ["SOL15983", "SOL15984", "F5:K15317"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-3010", "ELSA-2014-3009", "ELSA-2014-3011", "ELSA-2014-0285"]}], "modified": "2021-01-12T09:48:27", "rev": 2}, "score": {"value": 7.6, "vector": "NONE", "modified": "2021-01-12T09:48:27", "rev": 2}, "vulnersScore": 7.6}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2906. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73713);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0343\", \"CVE-2013-2147\", \"CVE-2013-2889\", \"CVE-2013-2893\", \"CVE-2013-2929\", \"CVE-2013-4162\", \"CVE-2013-4299\", \"CVE-2013-4345\", \"CVE-2013-4512\", \"CVE-2013-4587\", \"CVE-2013-6367\", \"CVE-2013-6380\", \"CVE-2013-6381\", \"CVE-2013-6382\", \"CVE-2013-6383\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\", \"CVE-2013-7339\", \"CVE-2014-0101\", \"CVE-2014-1444\", \"CVE-2014-1445\", \"CVE-2014-1446\", \"CVE-2014-1874\", \"CVE-2014-2039\", \"CVE-2014-2523\");\n script_bugtraq_id(58795, 60280, 61411, 62042, 62050, 62740, 63183, 63510, 63887, 63888, 63889, 63890, 64270, 64328, 64677, 64685, 64686, 64952, 64953, 64954, 65459, 65700, 65943, 66279, 66351);\n script_xref(name:\"DSA\", value:\"2906\");\n\n script_name(english:\"Debian DSA-2906-1 : linux-2.6 - privilege escalation/denial of service/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2013-0343\n George Kargiotakis reported an issue in the temporary\n address handling of the IPv6 privacy extensions. Users\n on the same LAN can cause a denial of service or obtain\n access to sensitive information by sending router\n advertisement messages that cause temporary address\n generation to be disabled.\n\n - CVE-2013-2147\n Dan Carpenter reported issues in the cpqarray driver for\n Compaq Smart2 Controllers and the cciss driver for HP\n Smart Array controllers allowing users to gain access to\n sensitive kernel memory.\n\n - CVE-2013-2889\n Kees Cook discovered missing input sanitization in the\n HID driver for Zeroplus game pads that could lead to a\n local denial of service.\n\n - CVE-2013-2893\n Kees Cook discovered that missing input sanitization in\n the HID driver for various Logitech force feedback\n devices could lead to a local denial of service.\n\n - CVE-2013-2929\n Vasily Kulikov discovered that a flaw in the\n get_dumpable() function of the ptrace subsytsem could\n lead to information disclosure. Only systems with the\n fs.suid_dumpable sysctl set to a non-default value of\n '2' are vulnerable.\n\n - CVE-2013-4162\n Hannes Frederic Sowa discovered that incorrect handling\n of IPv6 sockets using the UDP_CORK option could result\n in denial of service.\n\n - CVE-2013-4299\n Fujitsu reported an issue in the device-mapper\n subsystem. Local users could gain access to sensitive\n kernel memory.\n\n - CVE-2013-4345\n Stephan Mueller found in bug in the ANSI pseudo random\n number generator which could lead to the use of less\n entropy than expected.\n\n - CVE-2013-4512\n Nico Golde and Fabian Yamaguchi reported an issue in the\n user mode linux port. A buffer overflow condition exists\n in the write method for the /proc/exitcode file. Local\n users with sufficient privileges allowing them to write\n to this file could gain further elevated privileges.\n\n - CVE-2013-4587\n Andrew Honig of Google reported an issue in the KVM\n virtualization subsystem. A local user could gain\n elevated privileges by passing a large vcpu_id\n parameter.\n\n - CVE-2013-6367\n Andrew Honig of Google reported an issue in the KVM\n virtualization subsystem. A divide-by-zero condition\n could allow a guest user to cause a denial of service on\n the host (crash).\n\n - CVE-2013-6380\n Mahesh Rajashekhara reported an issue in the aacraid\n driver for storage products from various vendors. Local\n users with CAP_SYS_ADMIN privileges could gain further\n elevated privileges.\n\n - CVE-2013-6381\n Nico Golde and Fabian Yamaguchi reported an issue in the\n Gigabit Ethernet device support for s390 systems. Local\n users could cause a denial of service or gain elevated\n privileges via the SIOC_QETH_ADP_SET_SNMP_CONTROL ioctl.\n\n - CVE-2013-6382\n Nico Golde and Fabian Yamaguchi reported an issue in the\n XFS filesystem. Local users with CAP_SYS_ADMIN\n privileges could gain further elevated privileges.\n\n - CVE-2013-6383\n Dan Carpenter reported an issue in the aacraid driver\n for storage devices from various vendors. A local user\n could gain elevated privileges due to a missing\n privilege level check in the aac_compat_ioctl function.\n\n - CVE-2013-7263 CVE-2013-7264 CVE-2013-7265\n mpb reported an information leak in the recvfrom,\n recvmmsg and recvmsg system calls. A local user could\n obtain access to sensitive kernel memory.\n\n - CVE-2013-7339\n Sasha Levin reported an issue in the RDS network\n protocol over Infiniband. A local user could cause a\n denial of service condition.\n\n - CVE-2014-0101\n Nokia Siemens Networks reported an issue in the SCTP\n network protocol subsystem. Remote users could cause a\n denial of service (NULL pointer dereference).\n\n - CVE-2014-1444\n Salva Peiro reported an issue in the FarSync WAN driver.\n Local users with the CAP_NET_ADMIN capability could gain\n access to sensitive kernel memory.\n\n - CVE-2014-1445\n Salva Peiro reported an issue in the wanXL serial card\n driver. Local users could gain access to sensitive\n kernel memory.\n\n - CVE-2014-1446\n Salva Peiro reported an issue in the YAM radio modem\n driver. Local users with the CAP_NET_ADMIN capability\n could gain access to sensitive kernel memory.\n\n - CVE-2014-1874\n Matthew Thode reported an issue in the SELinux\n subsystem. A local user with CAP_MAC_ADMIN privileges\n could cause a denial of service by setting an empty\n security context on a file.\n\n - CVE-2014-2039\n Martin Schwidefsky reported an issue on s390 systems. A\n local user could cause a denial of service (kernel oops)\n by executing an application with a linkage stack\n instruction.\n\n - CVE-2014-2523\n Daniel Borkmann provided a fix for an issue in the\n nf_conntrack_dccp module. Remote users could cause a\n denial of service (system crash) or potentially gain\n elevated privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-0343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4345\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4587\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-7263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-7264\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-7265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-7339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-2039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-2523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/linux-2.6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2906\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6 and user-mode-linux packages.\n\nFor the oldstable distribution (squeeze), this problem has been fixed\nin version 2.6.32-48squeeze5.\n\nThe following matrix lists additional source packages that were\nrebuilt for compatibility with or to take advantage of this update :\n\n Debian 6.0 (squeeze) \n user-mode-linux 2.6.32-1um-4+48squeeze5 \nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"firmware-linux-free\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-base\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-doc-2.6.32\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-486\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-4kc-malta\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-5kc-malta\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-armel\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-i386\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-ia64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-mips\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-mipsel\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-powerpc\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-s390\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-sparc\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-openvz\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-vserver\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-xen\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-iop32x\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-itanium\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-ixp4xx\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-kirkwood\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-mckinley\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-orion5x\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-powerpc\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-powerpc-smp\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-powerpc64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-r4k-ip22\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-r5k-cobalt\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-r5k-ip32\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-s390x\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-sb1-bcm91250a\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-sb1a-bcm91480b\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-sparc64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-sparc64-smp\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-versatile\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-itanium\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-mckinley\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-powerpc\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-powerpc64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-s390x\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-sparc64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-486\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-4kc-malta\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-5kc-malta\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem-dbg\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64-dbg\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-iop32x\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-itanium\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-ixp4xx\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-kirkwood\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-mckinley\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686-dbg\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64-dbg\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-orion5x\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-powerpc\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-powerpc-smp\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-powerpc64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-r4k-ip22\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-r5k-cobalt\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-r5k-ip32\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-s390x\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-s390x-tape\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-sb1-bcm91250a\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-sb1a-bcm91480b\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-sparc64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-sparc64-smp\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-versatile\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64-dbg\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-itanium\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-mckinley\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-powerpc\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-powerpc64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-s390x\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-sparc64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686-dbg\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64-dbg\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-libc-dev\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-manual-2.6.32\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-patch-debian-2.6.32\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-source-2.6.32\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-support-2.6.32-5\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-tools-2.6.32\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "73713", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:linux-2.6"], "scheme": null}

{"openvas": [{"lastseen": "2018-03-20T16:40:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4345", "CVE-2013-4512", "CVE-2013-7265", "CVE-2013-6383", "CVE-2013-2929", "CVE-2014-1874", "CVE-2013-2147", "CVE-2013-4162", "CVE-2013-7264", "CVE-2014-1446", "CVE-2013-7339", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-6367", "CVE-2013-7263", "CVE-2014-1444", "CVE-2013-6380", "CVE-2013-0343", "CVE-2013-4587", "CVE-2013-6381", "CVE-2014-1445", "CVE-2014-2523", "CVE-2014-0101", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "description": "Several vulnerabilities have been\ndiscovered in the Linux kernel that may lead to a denial of service,\ninformation leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2013-0343\nGeorge Kargiotakis reported an issue in the temporary address handling\nof the IPv6 privacy extensions. Users on the same LAN can cause a denial\nof service or obtain access to sensitive information by sending router\nadvertisement messages that cause temporary address generation to be\ndisabled.\n\nCVE-2013-2147\nDan Carpenter reported issues in the cpqarray driver for Compaq\nSmart2 Controllers and the cciss driver for HP Smart Array controllers\nallowing users to gain access to sensitive kernel memory.\n\nCVE-2013-2889\nKees Cook discovered missing input sanitization in the HID driver for\nZeroplus game pads that could lead to a local denial of service.\n\nCVE-2013-2893\nKees Cook discovered that missing input sanitization in the HID driver\nfor various Logitech force feedback devices could lead to a local denial\nof service.\n\nCVE-2013-2929Vasily Kulikov discovered that a flaw in the get_dumpable() function of\nthe ptrace subsytsem could lead to information disclosure. Only systems\nwith the fs.suid_dumpable sysctl set to a non-default value of 2 \nare\nvulnerable.\n\nCVE-2013-4162\nHannes Frederic Sowa discovered that incorrect handling of IPv6 sockets\nusing the UDP_CORK option could result in denial of service.\n\nCVE-2013-4299\nFujitsu reported an issue in the device-mapper subsystem. Local users\ncould gain access to sensitive kernel memory.\n\nCVE-2013-4345\nStephan Mueller found in bug in the ANSI pseudo random number generator\nwhich could lead to the use of less entropy than expected.\n\nCVE-2013-4512\nNico Golde and Fabian Yamaguchi reported an issue in the user mode\nlinux port. A buffer overflow condition exists in the write method\nfor the /proc/exitcode file. Local users with sufficient privileges\nallowing them to write to this file could gain further elevated\nprivileges.\n\nCVE-2013-4587\nAndrew Honig of Google reported an issue in the KVM virtualization\nsubsystem. A local user could gain elevated privileges by passing\na large vcpu_id parameter.\n\nCVE-2013-6367\nAndrew Honig of Google reported an issue in the KVM virtualization\nsubsystem. A divide-by-zero condition could allow a guest user to\ncause a denial of service on the host (crash).\n\nCVE-2013-6380\nMahesh Rajashekhara reported an issue in the aacraid driver for storage\nproducts from various vendors. Local users with CAP_SYS_ADMIN privileges\ncould gain further elevated privileges.\n\nCVE-2013-6381\nNico Golde and Fabian Yamaguchi reported an issue in the Gigabit Ethernet\ndevice support for s390 systems. Local users could cause a denial of\nservice or gain elevated privileges via the SIOC_QETH_ADP_SET_SNMP_CONTROL\nioctl.\n\nCVE-2013-6382\nNico Golde and Fabian Yamaguchi reported an issue in the XFS filesystem.\nLocal users with CAP_SYS_ADMIN privileges could gain further elevated\nprivileges.\n\nCVE-2013-6383\nDan Carpenter reported an issue in the aacraid driver for storage devices\nfrom various vendors. A local user could gain elevated privileges due to\na missing privilege level check in the aac_compat_ioctl function.\n\nCVE-2013-7263 CVE-2013-7264 CVE-2013-7265\nmpb reported an information leak in the recvfrom, recvmmsg and recvmsg\nsystem calls. A local user could obtain access to sensitive kernel memory.\n\nCVE-2013-7339\nSasha Levin reported an issue in the RDS network protocol over Infiniband.\nA local user could cause a denial of service condition.\n\nCVE-2014-0101\nNokia Siemens Networks reported an issue in the SCTP network protocol\nsubsystem. Remote users could cause a denial of service (NULL pointer\ndereference).\n\nCVE-2014-1444\nSalva Peiro reported an issue in the FarSync WAN driver. Local users\nwith the CAP_NET_ADMIN capability could gain access to sensitive kernel\nmemory.\n\nCVE-2014-1445\nSalva Peiro reported an issue in the wanXL serial card driver. Local\nusers could gain access to sensitive kernel memory.\n\nCVE-2014-1446\nSalva Peiro reported an issue in the YAM radio modem driver. Local users\nwith the CAP_NET_ADMIN capability could gain access to sensitive kernel\nmemory.\n\nCVE-2014-1874\nMatthew Thode reported an issue in the SELinux subsystem. A local user\nwith CAP_MAC_ADMIN privileges could cause a denial of service by setting\nan empty security context on a file.\n\nCVE-2014-2039\nMartin Schwidefsky reported an issue on s390 systems. A local user\ncould cause a denial of service (kernel oops) by executing an application\nwith a linkage stack instruction.\n\nCVE-2014-2523\nDaniel Borkmann provided a fix for an issue in the nf_conntrack_dccp\nmodule. Remote users could cause a denial of service (system crash)\nor potentially gain elevated privileges.", "modified": "2018-03-19T00:00:00", "published": "2014-04-24T00:00:00", "id": "OPENVAS:702906", "href": "http://plugins.openvas.org/nasl.php?oid=702906", "type": "openvas", "title": "Debian Security Advisory DSA 2906-1 (linux-2.6 - privilege escalation/denial of service/information leak)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2906.nasl 9136 2018-03-19 13:08:02Z cfischer $\n# Auto-generated from advisory DSA 2906-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(702906);\n script_version(\"$Revision: 9136 $\");\n script_cve_id(\"CVE-2013-0343\", \"CVE-2013-2147\", \"CVE-2013-2889\", \"CVE-2013-2893\",\n \"CVE-2013-2929\", \"CVE-2013-4162\", \"CVE-2013-4299\", \"CVE-2013-4345\",\n \"CVE-2013-4512\", \"CVE-2013-4587\", \"CVE-2013-6367\", \"CVE-2013-6380\",\n \"CVE-2013-6381\", \"CVE-2013-6382\", \"CVE-2013-6383\", \"CVE-2013-7263\",\n \"CVE-2013-7264\", \"CVE-2013-7265\", \"CVE-2013-7339\", \"CVE-2014-0101\",\n \"CVE-2014-1444\", \"CVE-2014-1445\", \"CVE-2014-1446\", \"CVE-2014-1874\",\n \"CVE-2014-2039\", \"CVE-2014-2523\");\n script_name(\"Debian Security Advisory DSA 2906-1 (linux-2.6 - privilege escalation/denial of service/information leak)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-03-19 14:08:02 +0100 (Mon, 19 Mar 2018) $\");\n script_tag(name: \"creation_date\", value: \"2014-04-24 00:00:00 +0200 (Thu, 24 Apr 2014)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2906.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"linux-2.6 on Debian Linux\");\n script_tag(name: \"insight\", value: \"The Linux kernel is the core of the Linux operating system.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 2.6.32-48squeeze5.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n?Debian 6.0 (squeeze)user-mode-linux2.6.32-1um-4+48squeeze5 \nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or leap-frog fashion.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been\ndiscovered in the Linux kernel that may lead to a denial of service,\ninformation leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2013-0343\nGeorge Kargiotakis reported an issue in the temporary address handling\nof the IPv6 privacy extensions. Users on the same LAN can cause a denial\nof service or obtain access to sensitive information by sending router\nadvertisement messages that cause temporary address generation to be\ndisabled.\n\nCVE-2013-2147\nDan Carpenter reported issues in the cpqarray driver for Compaq\nSmart2 Controllers and the cciss driver for HP Smart Array controllers\nallowing users to gain access to sensitive kernel memory.\n\nCVE-2013-2889\nKees Cook discovered missing input sanitization in the HID driver for\nZeroplus game pads that could lead to a local denial of service.\n\nCVE-2013-2893\nKees Cook discovered that missing input sanitization in the HID driver\nfor various Logitech force feedback devices could lead to a local denial\nof service.\n\nCVE-2013-2929Vasily Kulikov discovered that a flaw in the get_dumpable() function of\nthe ptrace subsytsem could lead to information disclosure. Only systems\nwith the fs.suid_dumpable sysctl set to a non-default value of 2 \nare\nvulnerable.\n\nCVE-2013-4162\nHannes Frederic Sowa discovered that incorrect handling of IPv6 sockets\nusing the UDP_CORK option could result in denial of service.\n\nCVE-2013-4299\nFujitsu reported an issue in the device-mapper subsystem. Local users\ncould gain access to sensitive kernel memory.\n\nCVE-2013-4345\nStephan Mueller found in bug in the ANSI pseudo random number generator\nwhich could lead to the use of less entropy than expected.\n\nCVE-2013-4512\nNico Golde and Fabian Yamaguchi reported an issue in the user mode\nlinux port. A buffer overflow condition exists in the write method\nfor the /proc/exitcode file. Local users with sufficient privileges\nallowing them to write to this file could gain further elevated\nprivileges.\n\nCVE-2013-4587\nAndrew Honig of Google reported an issue in the KVM virtualization\nsubsystem. A local user could gain elevated privileges by passing\na large vcpu_id parameter.\n\nCVE-2013-6367\nAndrew Honig of Google reported an issue in the KVM virtualization\nsubsystem. A divide-by-zero condition could allow a guest user to\ncause a denial of service on the host (crash).\n\nCVE-2013-6380\nMahesh Rajashekhara reported an issue in the aacraid driver for storage\nproducts from various vendors. Local users with CAP_SYS_ADMIN privileges\ncould gain further elevated privileges.\n\nCVE-2013-6381\nNico Golde and Fabian Yamaguchi reported an issue in the Gigabit Ethernet\ndevice support for s390 systems. Local users could cause a denial of\nservice or gain elevated privileges via the SIOC_QETH_ADP_SET_SNMP_CONTROL\nioctl.\n\nCVE-2013-6382\nNico Golde and Fabian Yamaguchi reported an issue in the XFS filesystem.\nLocal users with CAP_SYS_ADMIN privileges could gain further elevated\nprivileges.\n\nCVE-2013-6383\nDan Carpenter reported an issue in the aacraid driver for storage devices\nfrom various vendors. A local user could gain elevated privileges due to\na missing privilege level check in the aac_compat_ioctl function.\n\nCVE-2013-7263 CVE-2013-7264 CVE-2013-7265\nmpb reported an information leak in the recvfrom, recvmmsg and recvmsg\nsystem calls. A local user could obtain access to sensitive kernel memory.\n\nCVE-2013-7339\nSasha Levin reported an issue in the RDS network protocol over Infiniband.\nA local user could cause a denial of service condition.\n\nCVE-2014-0101\nNokia Siemens Networks reported an issue in the SCTP network protocol\nsubsystem. Remote users could cause a denial of service (NULL pointer\ndereference).\n\nCVE-2014-1444\nSalva Peiro reported an issue in the FarSync WAN driver. Local users\nwith the CAP_NET_ADMIN capability could gain access to sensitive kernel\nmemory.\n\nCVE-2014-1445\nSalva Peiro reported an issue in the wanXL serial card driver. Local\nusers could gain access to sensitive kernel memory.\n\nCVE-2014-1446\nSalva Peiro reported an issue in the YAM radio modem driver. Local users\nwith the CAP_NET_ADMIN capability could gain access to sensitive kernel\nmemory.\n\nCVE-2014-1874\nMatthew Thode reported an issue in the SELinux subsystem. A local user\nwith CAP_MAC_ADMIN privileges could cause a denial of service by setting\nan empty security context on a file.\n\nCVE-2014-2039\nMartin Schwidefsky reported an issue on s390 systems. A local user\ncould cause a denial of service (kernel oops) by executing an application\nwith a linkage stack instruction.\n\nCVE-2014-2523\nDaniel Borkmann provided a fix for an issue in the nf_conntrack_dccp\nmodule. Remote users could cause a denial of service (system crash)\nor potentially gain elevated privileges.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"firmware-linux-free\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-base\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-486\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-4kc-malta\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-5kc-malta\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-686-bigmem\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-armel\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-i386\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-ia64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-mips\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-mipsel\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-s390\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-sparc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-openvz\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-vserver\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-xen\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-iop32x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-itanium\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-ixp4xx\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-kirkwood\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-mckinley\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-openvz-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-openvz-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-orion5x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc-smp\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r4k-ip22\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r5k-cobalt\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r5k-ip32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-s390x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sb1-bcm91250a\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sb1a-bcm91480b\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sparc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sparc64-smp\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-versatile\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-686-bigmem\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-itanium\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-mckinley\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-powerpc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-s390x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-sparc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-486\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-4kc-malta\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-5kc-malta\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686-bigmem\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686-bigmem-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-amd64-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-iop32x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-itanium\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-ixp4xx\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-kirkwood\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-mckinley\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-686-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-amd64-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-orion5x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc-smp\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r4k-ip22\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r5k-cobalt\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r5k-ip32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-s390x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-s390x-tape\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sb1-bcm91250a\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sb1a-bcm91480b\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sparc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sparc64-smp\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-versatile\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686-bigmem\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-amd64-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-itanium\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-mckinley\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-powerpc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-s390x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-sparc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-686-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-amd64-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.32-5\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4345", "CVE-2013-4512", "CVE-2013-7265", "CVE-2013-6383", "CVE-2013-2929", "CVE-2014-1874", "CVE-2013-2147", "CVE-2013-4162", "CVE-2013-7264", "CVE-2014-1446", "CVE-2013-7339", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-6367", "CVE-2013-7263", "CVE-2014-1444", "CVE-2013-6380", "CVE-2013-0343", "CVE-2013-4587", "CVE-2013-6381", "CVE-2014-1445", "CVE-2014-2523", "CVE-2014-0101", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "description": "Several vulnerabilities have been\ndiscovered in the Linux kernel that may lead to a denial of service,\ninformation leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2013-0343\nGeorge Kargiotakis reported an issue in the temporary address handling\nof the IPv6 privacy extensions. Users on the same LAN can cause a denial\nof service or obtain access to sensitive information by sending router\nadvertisement messages that cause temporary address generation to be\ndisabled.\n\nCVE-2013-2147\nDan Carpenter reported issues in the cpqarray driver for Compaq\nSmart2 Controllers and the cciss driver for HP Smart Array controllers\nallowing users to gain access to sensitive kernel memory.\n\nCVE-2013-2889\nKees Cook discovered missing input sanitization in the HID driver for\nZeroplus game pads that could lead to a local denial of service.\n\nCVE-2013-2893\nKees Cook discovered that missing input sanitization in the HID driver\nfor various Logitech force feedback devices could lead to a local denial\nof service.\n\nDescription truncated. Please see the references for more information.", "modified": "2019-03-18T00:00:00", "published": "2014-04-24T00:00:00", "id": "OPENVAS:1361412562310702906", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702906", "type": "openvas", "title": "Debian Security Advisory DSA 2906-1 (linux-2.6 - privilege escalation/denial of service/information leak)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2906.nasl 14277 2019-03-18 14:45:38Z cfischer $\n# Auto-generated from advisory DSA 2906-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702906\");\n script_version(\"$Revision: 14277 $\");\n script_cve_id(\"CVE-2013-0343\", \"CVE-2013-2147\", \"CVE-2013-2889\", \"CVE-2013-2893\",\n \"CVE-2013-2929\", \"CVE-2013-4162\", \"CVE-2013-4299\", \"CVE-2013-4345\",\n \"CVE-2013-4512\", \"CVE-2013-4587\", \"CVE-2013-6367\", \"CVE-2013-6380\",\n \"CVE-2013-6381\", \"CVE-2013-6382\", \"CVE-2013-6383\", \"CVE-2013-7263\",\n \"CVE-2013-7264\", \"CVE-2013-7265\", \"CVE-2013-7339\", \"CVE-2014-0101\",\n \"CVE-2014-1444\", \"CVE-2014-1445\", \"CVE-2014-1446\", \"CVE-2014-1874\",\n \"CVE-2014-2039\", \"CVE-2014-2523\");\n script_name(\"Debian Security Advisory DSA 2906-1 (linux-2.6 - privilege escalation/denial of service/information leak)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:45:38 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-24 00:00:00 +0200 (Thu, 24 Apr 2014)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2906.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"linux-2.6 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 2.6.32-48squeeze5.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n?Debian 6.0 (squeeze)user-mode-linux2.6.32-1um-4+48squeeze5\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or leap-frog fashion.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been\ndiscovered in the Linux kernel that may lead to a denial of service,\ninformation leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2013-0343\nGeorge Kargiotakis reported an issue in the temporary address handling\nof the IPv6 privacy extensions. Users on the same LAN can cause a denial\nof service or obtain access to sensitive information by sending router\nadvertisement messages that cause temporary address generation to be\ndisabled.\n\nCVE-2013-2147\nDan Carpenter reported issues in the cpqarray driver for Compaq\nSmart2 Controllers and the cciss driver for HP Smart Array controllers\nallowing users to gain access to sensitive kernel memory.\n\nCVE-2013-2889\nKees Cook discovered missing input sanitization in the HID driver for\nZeroplus game pads that could lead to a local denial of service.\n\nCVE-2013-2893\nKees Cook discovered that missing input sanitization in the HID driver\nfor various Logitech force feedback devices could lead to a local denial\nof service.\n\nDescription truncated. Please see the references for more information.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"firmware-linux-free\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-base\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-doc-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-486\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-4kc-malta\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-5kc-malta\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-686-bigmem\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-armel\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-i386\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-ia64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-mips\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-mipsel\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-s390\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-sparc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-openvz\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-vserver\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-xen\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-iop32x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-itanium\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-ixp4xx\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-kirkwood\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-mckinley\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-openvz-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-openvz-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-orion5x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc-smp\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r4k-ip22\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r5k-cobalt\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r5k-ip32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-s390x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sb1-bcm91250a\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sb1a-bcm91480b\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sparc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sparc64-smp\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-versatile\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-686-bigmem\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-itanium\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-mckinley\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-powerpc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-s390x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-sparc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-486\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-4kc-malta\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-5kc-malta\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686-bigmem\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686-bigmem-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-amd64-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-iop32x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-itanium\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-ixp4xx\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-kirkwood\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-mckinley\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-686-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-amd64-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-orion5x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc-smp\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r4k-ip22\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r5k-cobalt\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r5k-ip32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-s390x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-s390x-tape\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sb1-bcm91250a\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sb1a-bcm91480b\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sparc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sparc64-smp\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-versatile\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686-bigmem\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-amd64-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-itanium\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-mckinley\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-powerpc\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-powerpc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-s390x\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-sparc64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-686-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-amd64-dbg\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-2.6.32-5\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-tools-2.6.32\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:37:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3122", "CVE-2013-7265", "CVE-2014-1737", "CVE-2014-1874", "CVE-2014-1738", "CVE-2013-7264", "CVE-2014-1446", "CVE-2013-7339", "CVE-2014-0196", "CVE-2014-2678", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4579", "CVE-2013-7263", "CVE-2014-1444", "CVE-2013-6885", "CVE-2014-1445", "CVE-2013-4470", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-0069"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2015-10-16T00:00:00", "id": "OPENVAS:1361412562310851057", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851057", "type": "openvas", "title": "SUSE: Security Advisory for Linux (SUSE-SU-2014:0696-1)", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851057\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 19:07:12 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2013-4470\", \"CVE-2013-4579\", \"CVE-2013-6382\", \"CVE-2013-6885\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\", \"CVE-2013-7339\", \"CVE-2014-0069\", \"CVE-2014-0101\", \"CVE-2014-0196\", \"CVE-2014-1444\", \"CVE-2014-1445\", \"CVE-2014-1446\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-1874\", \"CVE-2014-2039\", \"CVE-2014-2523\", \"CVE-2014-2678\", \"CVE-2014-3122\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for Linux (SUSE-SU-2014:0696-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The SUSE Linux Enterprise Server 11 SP2 LTSS kernel received a roll-up\n update to fix security and non-security issues.\n\n The following security bugs have been fixed:\n\n *\n\n CVE-2013-4470: The Linux kernel before 3.12, when UDP Fragmentation\n Offload (UFO) is enabled, does not properly initialize certain data\n structures, which allows local users to cause a denial of service (memory\n corruption and system crash) or possibly gain privileges via a crafted\n application that uses the UDP_CORK option in a setsockopt system call and\n sends both short and long packets, related to the ip_ufo_append_data\n function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in\n net/ipv6/ip6_output.c. (bnc#847672)\n\n *\n\n CVE-2013-4579: The ath9k_htc_set_bssid_mask function in\n drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through\n 3.12 uses a BSSID masking approach to determine the set of MAC addresses\n on which a Wi-Fi device is listening, which allows remote attackers to\n discover the original MAC address after spoofing by sending a series of\n packets to MAC addresses with certain bit manipulations. (bnc#851426)\n\n *\n\n CVE-2013-6382: Multiple buffer underflows in the XFS implementation\n in the Linux kernel through 3.12.1 allow local users to cause a denial of\n service (memory corruption) or possibly have unspecified\n other impact by leveraging the CAP_SYS_ADMIN capability for a (1)\n XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call\n with a crafted length value, related to the xfs_attrlist_by_handle\n function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle\n function in fs/xfs/xfs_ioctl32.c. (bnc#852553)\n\n *\n\n CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh processors\n does not properly handle the interaction between locked instructions and\n write-combined memory types, which allows local users to cause a denial of\n service (system hang) via a crafted application, aka the errata 793 issue.\n (bnc#852967)\n\n *\n\n CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allows local users to obtain sensitive information from\n kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg\n system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,\n net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\n *\n\n CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in\n the Linux kernel before 3.12.4 updates a certain length value before\n ensuring that an ass ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Linux on SUSE Linux Enterprise Server 11 SP2 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0696-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-man\", rpm:\"kernel-default-man~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-02-13T00:00:00", "id": "OPENVAS:1361412562310881879", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881879", "type": "openvas", "title": "CentOS Update for kernel CESA-2014:0159 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0159 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881879\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-13 11:41:41 +0530 (Thu, 13 Feb 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0159 centos6\");\n\n script_tag(name:\"affected\", value:\"kernel on CentOS 6\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver implementation\nhandled SNMP IOCTL requests with an out-of-bounds length. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2013-6381, Important)\n\n * A flaw was found in the way the get_dumpable() function return value was\ninterpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user could\nuse this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n * It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without initializing\nthe associated data structure. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user space using the recvmsg, recvfrom,\nand recvmmsg system calls (CVE-2013-7263, CVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0159\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-February/020150.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:48:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2014-02-13T00:00:00", "id": "OPENVAS:881879", "href": "http://plugins.openvas.org/nasl.php?oid=881879", "type": "openvas", "title": "CentOS Update for kernel CESA-2014:0159 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0159 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(881879);\n script_version(\"$Revision: 6656 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:49:38 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-13 11:41:41 +0530 (Thu, 13 Feb 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0159 centos6 \");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver implementation\nhandled SNMP IOCTL requests with an out-of-bounds length. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value was\ninterpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user could\nuse this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without initializing\nthe associated data structure. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user space using the recvmsg, recvfrom,\nand recvmmsg system calls (CVE-2013-7263, CVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:0159\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-February/020150.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.5.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "description": "Oracle Linux Local Security Checks ELSA-2014-0159", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123469", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123469", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0159", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0159.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123469\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:04:13 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0159\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0159 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0159\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0159.html\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.5.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:48:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "description": "Check for the Version of kernel", "modified": "2017-07-12T00:00:00", "published": "2014-02-13T00:00:00", "id": "OPENVAS:871125", "href": "http://plugins.openvas.org/nasl.php?oid=871125", "type": "openvas", "title": "RedHat Update for kernel RHSA-2014:0159-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0159-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(871125);\n script_version(\"$Revision: 6688 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:49:31 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-13 11:43:35 +0530 (Thu, 13 Feb 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0159-01\");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver implementation\nhandled SNMP IOCTL requests with an out-of-bounds length. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value was\ninterpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user could\nuse this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without initializing\nthe associated data structure. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user space using the recvmsg, recvfrom,\nand recvmmsg system calls (CVE-2013-7263, CVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2014:0159-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2014-February/msg00015.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-02-13T00:00:00", "id": "OPENVAS:1361412562310871125", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871125", "type": "openvas", "title": "RedHat Update for kernel RHSA-2014:0159-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0159-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871125\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-13 11:43:35 +0530 (Thu, 13 Feb 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0159-01\");\n\n\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver implementation\nhandled SNMP IOCTL requests with an out-of-bounds length. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2013-6381, Important)\n\n * A flaw was found in the way the get_dumpable() function return value was\ninterpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user could\nuse this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n * It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without initializing\nthe associated data structure. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user space using the recvmsg, recvfrom,\nand recvmmsg system calls (CVE-2013-7263, CVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0159-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-February/msg00015.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~431.5.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4345", "CVE-2013-7270", "CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7267", "CVE-2013-7266", "CVE-2013-7264", "CVE-2013-6382", "CVE-2013-6367", "CVE-2013-7263", "CVE-2013-7269", "CVE-2013-7271", "CVE-2013-6380", "CVE-2013-7268", "CVE-2013-7281", "CVE-2013-4587"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2014-02-20T00:00:00", "id": "OPENVAS:1361412562310841724", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841724", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2110-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2110_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-2110-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841724\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-20 15:20:52 +0530 (Thu, 20 Feb 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-4345\", \"CVE-2013-4587\", \"CVE-2013-6367\",\n \"CVE-2013-6380\", \"CVE-2013-6382\", \"CVE-2013-7263\", \"CVE-2013-7264\",\n \"CVE-2013-7265\", \"CVE-2013-7266\", \"CVE-2013-7267\", \"CVE-2013-7268\",\n \"CVE-2013-7269\", \"CVE-2013-7270\", \"CVE-2013-7271\", \"CVE-2013-7281\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2110-1\");\n\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Vasily Kulikov reported a flaw in the Linux kernel's implementation of\nptrace. An unprivileged local user could exploit this flaw to obtain\nsensitive information from kernel memory. (CVE-2013-2929)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nAndrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu\nfunction of the Kernel Virtual Machine (KVM) subsystem. A local user could\nexploit this flaw to gain privileges on the host machine. (CVE-2013-4587)\n\nAndrew Honig reported a flaw in the apic_get_tmcct function of the Kernel\nVirtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could\nexploit this flaw to cause a denial of service or host OS system crash.\n(CVE-2013-6367)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec\nAACRAID scsi raid devices in the Linux kernel. A local user could use this\nflaw to cause a denial of service or possibly other unspecified impact.\n(CVE-2013-6380)\n\nNico Golde and Fabian Yamaguchi reported buffer underflow errors in the\nimplementation of the XFS filesystem in the Linux kernel. A local user with\nCAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memory\ncorruption) or possibly other unspecified issues. (CVE-2013-6382)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg\nsystem calls in the Linux kernel. An unprivileged local user could exploit\nthis flaw to obtain sensitive information from kernel stack memory.\n(CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp)\nof the Linux kernel. A local user could exploit this flaw to obtain\nsensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in\nthe Linux kernel. A local user could exploit this flaw to obtain sensitive\ninformation from kernel stack memory. (CVE-2013-7265)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg\nsystemcalls when used with ISDN sockets in the Linux kernel. A local user\ncould exploit this leak to obtain potentially sensitive information from\nkernel memory. (CVE-2013-7266)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg\nsystemcalls when used with apple talk sockets in the Linux kernel. A local\nuser could exploit this leak to obtain potentially sensitive information\nfrom kernel memory. (CVE-2013-7267)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg\nsystemcalls ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2110-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2110-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1443-omap4\", ver:\"3.2.0-1443.62\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:16:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4345", "CVE-2013-7270", "CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7267", "CVE-2013-7266", "CVE-2013-7264", "CVE-2013-6382", "CVE-2013-6367", "CVE-2013-7263", "CVE-2013-7269", "CVE-2013-7271", "CVE-2013-6380", "CVE-2013-7268", "CVE-2013-7281", "CVE-2013-4587"], "description": "Check for the Version of linux", "modified": "2017-12-01T00:00:00", "published": "2014-02-20T00:00:00", "id": "OPENVAS:841713", "href": "http://plugins.openvas.org/nasl.php?oid=841713", "type": "openvas", "title": "Ubuntu Update for linux USN-2109-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2109_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for linux USN-2109-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841713);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-20 15:13:24 +0530 (Thu, 20 Feb 2014)\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-4345\", \"CVE-2013-4587\", \"CVE-2013-6367\",\n \"CVE-2013-6380\", \"CVE-2013-6382\", \"CVE-2013-7263\", \"CVE-2013-7264\",\n \"CVE-2013-7265\", \"CVE-2013-7266\", \"CVE-2013-7267\", \"CVE-2013-7268\",\n \"CVE-2013-7269\", \"CVE-2013-7270\", \"CVE-2013-7271\", \"CVE-2013-7281\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2109-1\");\n\n tag_insight = \"Vasily Kulikov reported a flaw in the Linux kernel's implementation of\nptrace. An unprivileged local user could exploit this flaw to obtain\nsensitive information from kernel memory. (CVE-2013-2929)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random\nnumber generator. This flaw makes it easier for a local attacker to break\ncryptographic protections. (CVE-2013-4345)\n\nAndrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu\nfunction of the Kernel Virtual Machine (KVM) subsystem. A local user could\nexploit this flaw to gain privileges on the host machine. (CVE-2013-4587)\n\nAndrew Honig reported a flaw in the apic_get_tmcct function of the Kernel\nVirtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could\nexploit this flaw to cause a denial of service or host OS system crash.\n(CVE-2013-6367)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec\nAACRAID scsi raid devices in the Linux kernel. A local user could use this\nflaw to cause a denial of service or possibly other unspecified impact.\n(CVE-2013-6380)\n\nNico Golde and Fabian Yamaguchi reported buffer underflow errors in the\nimplementation of the XFS filesystem in the Linux kernel. A local user with\nCAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memory\ncorruption) or possibly other unspecified issues. (CVE-2013-6382)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg\nsystem calls in the Linux kernel. An unprivileged local user could exploit\nthis flaw to obtain sensitive information from kernel stack memory.\n(CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp)\nof the Linux kernel. A local user could exploit this flaw to obtain\nsensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in\nthe Linux kernel. A local user could exploit this flaw to obtain sensitive\ninformation from kernel stack memory. (CVE-2013-7265)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg\nsystemcalls when used with ISDN sockets in the Linux kernel. A local user\ncould exploit this leak to obtain potentially sensitive information from\nkernel memory. (CVE-2013-7266)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg\nsystemcalls when used with apple talk sockets in the Linux kernel. A local\nuser could exploit this leak to obtain potentially sensitive information\nfrom kernel memory. (CVE-2013-7267)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg\nsystemcalls when used ... \n\n Description truncated, for more information please check the Reference URL\";\n\n tag_affected = \"linux on Ubuntu 12.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2109-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2109-1/\");\n script_summary(\"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-59-generic\", ver:\"3.2.0-59.90\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-59-generic-pae\", ver:\"3.2.0-59.90\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-59-highbank\", ver:\"3.2.0-59.90\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-59-omap\", ver:\"3.2.0-59.90\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-59-powerpc-smp\", ver:\"3.2.0-59.90\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-59-powerpc64-smp\", ver:\"3.2.0-59.90\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-59-virtual\", ver:\"3.2.0-59.90\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:28:30", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4345", "CVE-2013-4512", "CVE-2013-7265", "CVE-2013-6383", "CVE-2013-2929", "CVE-2014-1874", "CVE-2103-2929", "CVE-2013-2147", "CVE-2013-4162", "CVE-2013-7264", "CVE-2014-1446", "CVE-2013-7339", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-6367", "CVE-2013-7263", "CVE-2014-1444", "CVE-2013-6380", "CVE-2013-0343", "CVE-2013-4587", "CVE-2013-6381", "CVE-2014-1445", "CVE-2014-2523", "CVE-2014-0101", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-2906-1 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nApril 24, 2014 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : privilege escalation/denial of service/information leak\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2013-0343 CVE-2013-2147 CVE-2013-2889 CVE-2013-2893\n CVE-2013-4162 CVE-2013-4299 CVE-2013-4345 CVE-2013-4512\n CVE-2013-4587 CVE-2013-6367 CVE-2013-6380 CVE-2013-6381\n CVE-2013-6382 CVE-2013-6383 CVE-2013-7263 CVE-2013-7264\n CVE-2013-7265 CVE-2013-7339 CVE-2014-0101 CVE-2014-1444\n CVE-2014-1445 CVE-2014-1446 CVE-2014-1874 CVE-2014-2039\n CVE-2014-2523 CVE-2103-2929\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service, information leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2013-0343\n\n George Kargiotakis reported an issue in the temporary address handling\n of the IPv6 privacy extensions. Users on the same LAN can cause a denial\n of service or obtain access to sensitive information by sending router\n advertisement messages that cause temporary address generation to be\n disabled.\n\nCVE-2013-2147\n\n Dan Carpenter reported issues in the cpqarray driver for Compaq\n Smart2 Controllers and the cciss driver for HP Smart Array controllers\n allowing users to gain access to sensitive kernel memory.\n\nCVE-2013-2889\n\n Kees Cook discovered missing input sanitization in the HID driver for\n Zeroplus game pads that could lead to a local denial of service.\n\nCVE-2013-2893\n\n Kees Cook discovered that missing input sanitization in the HID driver\n for various Logitech force feedback devices could lead to a local denial\n of service.\n\nCVE-2013-2929\n\n Vasily Kulikov discovered that a flaw in the get_dumpable() function of\n the ptrace subsytsem could lead to information disclosure. Only systems\n with the fs.suid_dumpable sysctl set to a non-default value of '2' are\n vulnerable.\n\nCVE-2013-4162\n\n Hannes Frederic Sowa discovered that incorrect handling of IPv6 sockets\n using the UDP_CORK option could result in denial of service.\n\nCVE-2013-4299\n\n Fujitsu reported an issue in the device-mapper subsystem. Local users\n could gain access to sensitive kernel memory.\n\nCVE-2013-4345\n\n Stephan Mueller found in bug in the ANSI pseudo random number generator\n which could lead to the use of less entropy than expected.\n\nCVE-2013-4512\n\n Nico Golde and Fabian Yamaguchi reported an issue in the user mode\n linux port. A buffer overflow condition exists in the write method\n for the /proc/exitcode file. Local users with sufficient privileges\n allowing them to write to this file could gain further elevated\n privileges.\n\nCVE-2013-4587\n\n Andrew Honig of Google reported an issue in the KVM virtualization\n subsystem. A local user could gain elevated privileges by passing\n a large vcpu_id parameter.\n\nCVE-2013-6367\n\n Andrew Honig of Google reported an issue in the KVM virtualization\n subsystem. A divide-by-zero condition could allow a guest user to\n cause a denial of service on the host (crash).\n\nCVE-2013-6380\n\n Mahesh Rajashekhara reported an issue in the aacraid driver for storage\n products from various vendors. Local users with CAP_SYS_ADMIN privileges\n could gain further elevated privileges.\n\nCVE-2013-6381\n\n Nico Golde and Fabian Yamaguchi reported an issue in the Gigabit Ethernet\n device support for s390 systems. Local users could cause a denial of\n service or gain elevated privileges via the SIOC_QETH_ADP_SET_SNMP_CONTROL\n ioctl.\n\nCVE-2013-6382\n\n Nico Golde and Fabian Yamaguchi reported an issue in the XFS filesystem.\n Local users with CAP_SYS_ADMIN privileges could gain further elevated\n privileges.\n\nCVE-2013-6383\n\n Dan Carpenter reported an issue in the aacraid driver for storage devices\n from various vendors. A local user could gain elevated privileges due to\n a missing privilege level check in the aac_compat_ioctl function.\n\nCVE-2013-7263 CVE-2013-7264 CVE-2013-7265\n\n mpb reported an information leak in the recvfrom, recvmmsg and recvmsg\n system calls. A local user could obtain access to sensitive kernel memory.\n\nCVE-2013-7339\n\n Sasha Levin reported an issue in the RDS network protocol over Infiniband.\n A local user could cause a denial of service condition.\n\nCVE-2014-0101\n\n Nokia Siemens Networks reported an issue in the SCTP network protocol\n subsystem. Remote users could cause a denial of service (NULL pointer\n dereference).\n\nCVE-2014-1444\n\n Salva Peiro reported an issue in the FarSync WAN driver. Local users\n with the CAP_NET_ADMIN capability could gain access to sensitive kernel\n memory.\n\nCVE-2014-1445\n\n Salva Peiro reported an issue in the wanXL serial card driver. Local\n users could gain access to sensitive kernel memory.\n\nCVE-2014-1446\n\n Salva Peiro reported an issue in the YAM radio modem driver. Local users\n with the CAP_NET_ADMIN capability could gain access to sensitive kernel\n memory.\n\nCVE-2014-1874\n\n Matthew Thode reported an issue in the SELinux subsystem. A local user\n with CAP_MAC_ADMIN privileges could cause a denial of service by setting\n an empty security context on a file.\n \nCVE-2014-2039\n\n Martin Schwidefsky reported an issue on s390 systems. A local user\n could cause a denial of service (kernel oops) by executing an application\n with a linkage stack instruction.\n\nCVE-2014-2523\n\n Daniel Borkmann provided a fix for an issue in the nf_conntrack_dccp\n module. Remote users could cause a denial of service (system crash)\n or potentially gain elevated privileges.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in\nversion 2.6.32-48squeeze5.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 6.0 (squeeze)\n user-mode-linux 2.6.32-1um-4+48squeeze5\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or "leap-frog" fashion.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2014-04-25T00:19:53", "published": "2014-04-25T00:19:53", "id": "DEBIAN:DSA-2906-1:5B9FC", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00092.html", "title": "[SECURITY] [DSA 2906-1] linux-2.6 security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2020-12-09T19:52:49", "description": "The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.", "edition": 5, "cvss3": {}, "published": "2014-01-06T16:55:00", "title": "CVE-2013-7264", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7264"], "modified": "2017-12-16T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.10.21", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.10.19", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.10.20", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.11.8", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.11.9", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.10.23", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.10.22", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.11.10"], "id": "CVE-2013-7264", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7264", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:50", "description": "The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.", "edition": 7, "cvss3": {}, "published": "2014-03-24T16:40:00", "title": "CVE-2013-7339", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7339"], "modified": "2020-08-28T14:35:00", "cpe": [], "id": "CVE-2013-7339", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7339", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2020-12-09T19:52:48", "description": "Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size.", "edition": 5, "cvss3": {}, "published": "2013-11-27T04:43:00", "title": "CVE-2013-6381", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6381"], "modified": "2016-12-31T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2013-6381", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6381", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:45", "description": "Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation.", "edition": 5, "cvss3": {}, "published": "2013-11-12T14:35:00", "title": "CVE-2013-4512", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4512"], "modified": "2016-12-31T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.10.0", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2013-4512", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4512", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.0:*:*:*:*:*:arm64:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:49", "description": "The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.", "edition": 5, "cvss3": {}, "published": "2014-01-06T16:55:00", "title": "CVE-2013-7265", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7265"], "modified": "2017-12-16T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.10.21", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.10.19", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.10.20", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.11.8", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.11.9", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.10.23", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.10.22", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.11.10"], "id": "CVE-2013-7265", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7265", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:48", "description": "The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.", "edition": 5, "cvss3": {}, "published": "2013-11-27T04:43:00", "title": "CVE-2013-6383", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6383"], "modified": "2014-03-26T04:54:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2013-6383", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6383", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:48", "description": "The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command.", "edition": 5, "cvss3": {}, "published": "2013-11-27T04:43:00", "title": "CVE-2013-6380", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6380"], "modified": "2014-03-16T04:42:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2013-6380", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6380", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:48", "description": "Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.", "edition": 5, "cvss3": {}, "published": "2013-11-27T04:43:00", "title": "CVE-2013-6382", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6382"], "modified": "2016-12-31T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2013-6382", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6382", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:49", "description": "The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.", "edition": 5, "cvss3": {}, "published": "2014-01-06T16:55:00", "title": "CVE-2013-7263", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7263"], "modified": "2017-12-16T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.10.21", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.10.19", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.10.20", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.11.8", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.11.9", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.10.23", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.10.22", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.11.10"], "id": "CVE-2013-7263", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7263", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:48", "description": "The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.", "edition": 5, "cvss3": {}, "published": "2013-12-14T18:08:00", "title": "CVE-2013-6367", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 5.7, "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6367"], "modified": "2018-01-09T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.10", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.10.21", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.10.19", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.10.20", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.10.26", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.10.27", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.10.24", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.12.5", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.11.8", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.10.28", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.11.9", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.10.25", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.10.23", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.10.29", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.12.4", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.10.22", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.11.10"], "id": "CVE-2013-6367", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6367", "cvss": {"score": 5.7, "vector": "AV:A/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}], "suse": [{"lastseen": "2016-09-04T11:57:50", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3122", "CVE-2013-7265", "CVE-2014-1737", "CVE-2014-1874", "CVE-2014-1738", "CVE-2013-7264", "CVE-2014-1446", "CVE-2013-7339", "CVE-2014-0196", "CVE-2014-2678", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4579", "CVE-2013-7263", "CVE-2014-1444", "CVE-2013-6885", "CVE-2014-1445", "CVE-2013-4470", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-0069"], "edition": 1, "description": "The SUSE Linux Enterprise Server 11 SP2 LTSS kernel received a roll-up\n update to fix security and non-security issues.\n\n The following security bugs have been fixed:\n\n *\n\n CVE-2013-4470: The Linux kernel before 3.12, when UDP Fragmentation\n Offload (UFO) is enabled, does not properly initialize certain data\n structures, which allows local users to cause a denial of service (memory\n corruption and system crash) or possibly gain privileges via a crafted\n application that uses the UDP_CORK option in a setsockopt system call and\n sends both short and long packets, related to the ip_ufo_append_data\n function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in\n net/ipv6/ip6_output.c. (bnc#847672)\n\n *\n\n CVE-2013-4579: The ath9k_htc_set_bssid_mask function in\n drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through\n 3.12 uses a BSSID masking approach to determine the set of MAC addresses\n on which a Wi-Fi device is listening, which allows remote attackers to\n discover the original MAC address after spoofing by sending a series of\n packets to MAC addresses with certain bit manipulations. (bnc#851426)\n\n *\n\n CVE-2013-6382: Multiple buffer underflows in the XFS implementation\n in the Linux kernel through 3.12.1 allow local users to cause a denial of\n service (memory corruption) or possibly have unspecified\n other impact by leveraging the CAP_SYS_ADMIN capability for a (1)\n XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call\n with a crafted length value, related to the xfs_attrlist_by_handle\n function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle\n function in fs/xfs/xfs_ioctl32.c. (bnc#852553)\n\n *\n\n CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh processors\n does not properly handle the interaction between locked instructions and\n write-combined memory types, which allows local users to cause a denial of\n service (system hang) via a crafted application, aka the errata 793 issue.\n (bnc#852967)\n\n *\n\n CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allows local users to obtain sensitive information from\n kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg\n system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,\n net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\n *\n\n CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in\n the Linux kernel before 3.12.4 updates a certain length value before\n ensuring that an associated data structure has been initialized, which\n allows local users to obtain sensitive information from kernel stack\n memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.\n (bnc#857643)\n\n *\n\n CVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in\n the Linux kernel before 3.12.4 updates a certain length value before\n ensuring that an associated data structure has been initialized, which\n allows local users to obtain sensitive information from kernel stack\n memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.\n (bnc#857643)\n\n *\n\n CVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in\n the Linux kernel before 3.12.8 allows local users to cause a denial of\n service (NULL pointer dereference and system crash) or possibly have\n unspecified other impact via a bind system call for an RDS socket on a\n system that lacks RDS transports. (bnc#869563)\n\n *\n\n CVE-2014-0069: The cifs_iovec_write function in fs/cifs/file.c in\n the Linux kernel through 3.13.5 does not properly handle uncached write\n operations that copy fewer than the requested number of bytes, which\n allows local users to obtain sensitive information from kernel memory,\n cause a denial of service (memory corruption and system crash), or\n possibly gain privileges via a writev system call with a crafted pointer.\n (bnc#864025)\n\n *\n\n CVE-2014-0101: The sctp_sf_do_5_1D_ce function in\n net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not\n validate certain auth_enable and auth_capable fields before making an\n sctp_sf_authenticate call, which allows remote attackers to cause a denial\n of service (NULL pointer dereference and system crash) via an SCTP\n handshake with a modified INIT chunk and a crafted AUTH chunk before a\n COOKIE_ECHO chunk. (bnc#866102)\n\n *\n\n CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in\n the Linux kernel through 3.14.3 does not properly manage tty driver access\n in the "LECHO & !OPOST" case, which allows local users to cause a denial\n of service (memory corruption and system crash) or gain privileges by\n triggering a race condition involving read and write operations with long\n strings. (bnc#875690)\n\n *\n\n CVE-2014-1444: The fst_get_iface function in\n drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not\n properly initialize a certain data structure, which allows local users to\n obtain sensitive information from kernel memory by leveraging the\n CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call. (bnc#858869)\n\n *\n\n CVE-2014-1445: The wanxl_ioctl function in drivers/net/wan/wanxl.c\n in the Linux kernel before 3.11.7 does not properly initialize a certain\n data structure, which allows local users to obtain sensitive information\n from kernel memory via an ioctl call. (bnc#858870)\n\n *\n\n CVE-2014-1446: The yam_ioctl function in drivers/net/hamradio/yam.c\n in the Linux kernel before 3.12.8 does not initialize a certain structure\n member, which allows local users to obtain sensitive information from\n kernel memory by leveraging the CAP_NET_ADMIN capability for an\n SIOCYAMGCFG ioctl call. (bnc#858872)\n\n *\n\n CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c\n in the Linux kernel through 3.14.3 does not properly handle error\n conditions during processing of an FDRAWCMD ioctl call, which allows local\n users to trigger kfree operations and gain privileges by leveraging write\n access to a /dev/fd device. (bnc#875798)\n\n *\n\n CVE-2014-1738: The raw_cmd_copyout function in\n drivers/block/floppy.c in the Linux kernel through 3.14.3 does not\n properly restrict access to certain pointers during processing of an\n FDRAWCMD ioctl call, which allows local users to obtain sensitive\n information from kernel heap memory by leveraging write access to a\n /dev/fd device. (bnc#875798)\n\n *\n\n CVE-2014-1874: The security_context_to_sid_core function in\n security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows\n local users to cause a denial of service (system crash) by leveraging the\n CAP_MAC_ADMIN capability to set a zero-length security context.\n (bnc#863335)\n\n *\n\n CVE-2014-2039: arch/s390/kernel/head64.S in the Linux kernel before\n 3.13.5 on the s390 platform does not properly handle attempted use of the\n linkage stack, which allows local users to cause a denial of service\n (system crash) by executing a crafted instruction. (bnc#865307)\n\n *\n\n CVE-2014-2523: net/netfilter/nf_conntrack_proto_dccp.c in the Linux\n kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows\n remote attackers to cause a denial of service (system crash)\n or possibly execute arbitrary code via a DCCP packet that triggers a\n call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.\n (bnc#868653)\n\n *\n\n CVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in\n the Linux kernel through 3.14 allows local users to cause a denial of\n service (NULL pointer dereference and system crash) or possibly have\n unspecified other impact via a bind system call for an RDS socket on a\n system that lacks RDS transports. (bnc#871561)\n\n *\n\n CVE-2014-3122: The try_to_unmap_cluster function in mm/rmap.c in the\n Linux kernel before 3.14.3 does not properly consider which pages must be\n locked, which allows local users to cause a denial of service (system\n crash) by triggering a memory-usage pattern that requires removal of\n page-table mappings. (bnc#876102)\n\n Also the following non-security bugs have been fixed:\n\n * kabi: protect symbols modified by bnc#864833 fix (bnc#864833).\n * arch: Fix incorrect config symbol in #ifdef (bnc#844513).\n * ACPICA: Add a lock to the internal object reference count mechanism\n (bnc#857499).\n * x86/PCI: reduce severity of host bridge window conflict warnings\n (bnc#858534).\n * ia64: Change default PSR.ac from "1" to "0" (Fix erratum #237)\n (bnc#874108).\n * timer: Prevent overflow in apply_slack (bnc#873061).\n * xen: Close a race condition in Xen nested spinlock (bnc#858280,\n bnc#819351).\n * storvsc: NULL pointer dereference fix (bnc#865330).\n * sched: Make scale_rt_power() deal with backward clocks (bnc#865310).\n * sched: Use CPUPRI_NR_PRIORITIES instead of MAX_RT_PRIO in cpupri\n check (bnc#871861).\n *\n\n sched: update_rq_clock() must skip ONE update (bnc#868528,\n bnc#869033).\n\n *\n\n md: Change handling of save_raid_disk and metadata update during\n recovery (bnc#849364).\n\n * dm-mpath: Fixup race condition in activate_path() (bnc#708296).\n * dm-mpath: do not detach stale hardware handler (bnc#708296).\n * dm-multipath: Improve logging (bnc#708296).\n * scsi_dh_alua: Simplify state machine (bnc#854025).\n * scsi_dh_alua: endless STPG retries for a failed LUN (bnc#865342).\n *\n\n scsi_dh_alua: fixup RTPG retry delay miscalculation (bnc#854025).\n\n *\n\n vfs,proc: guarantee unique inodes in /proc.\n\n * FS-Cache: Handle removal of unadded object to the\n fscache_object_list rb tree (bnc#855885).\n * NFSD/sunrpc: avoid deadlock on TCP connection due to memory pressure\n (bnc#853455).\n * NFS: Avoid occasional hang with NFS (bnc#852488).\n * NFS: do not try to use lock state when we hold a delegation\n (bnc#831029) - add to series.conf\n * btrfs: do not loop on large offsets in readdir (bnc#863300).\n * btrfs: restrict snapshotting to own subvolumes (bnc#736697).\n * btrfs: fix extent boundary check in bio_readpage_error.\n *\n\n btrfs: fix extent_map block_len after merging.\n\n *\n\n net: add missing bh_unlock_sock() calls (bnc#862429).\n\n * inet: Pass inetpeer root into inet_getpeer*() interfaces\n (bnc#864833).\n * inet: Hide route peer accesses behind helpers (bnc#864833).\n * inet: Avoid potential NULL peer dereference (bnc#864833).\n * inet: handle rt{,6}_bind_peer() failure correctly (bnc#870801).\n * inetpeer: prevent unlinking from unused list twice (bnc#867953).\n * net/mlx4_en: Fix pages never dma unmapped on rx (bnc#858604).\n * tcp: clear xmit timers in tcp_v4_syn_recv_sock() (bnc#862429).\n * ipv6: fix race condition regarding dst->expires and dst->from\n (bnc#843185).\n *\n\n ipv6 routing, NLM_F_* flag support: REPLACE and EXCL flags support,\n warn about missing CREATE flag (bnc#865783).\n\n *\n\n mpt2sas: Do not check DIF for unwritten blocks (bnc#746500,\n bnc#836347).\n\n * mpt2sas: Add a module parameter that permits overriding protection\n capabilities (bnc#746500).\n *\n\n mpt2sas: Return the correct sense key for DIF errors (bnc#746500).\n\n *\n\n s390/cio: Delay scan for newly available I/O devices (bnc#855347,\n bnc#814788, bnc#856083).\n\n * s390/cio: More efficient handling of CHPID availability events\n (bnc#855347, bnc#814788, bnc#856083).\n * s390/cio: Relax subchannel scan loop (bnc#855347, bnc#814788,\n bnc#856083).\n *\n\n s390/css: stop stsch loop after cc 3 (bnc#855347, bnc#814788,\n bnc#856083).\n\n *\n\n supported.conf: Driver corgi_bl was renamed to generic_bl in kernel\n 2.6.29.\n\n * supported.conf: Add drivers/of/of_mdio That was a missing dependency\n for mdio-gpio on ppc64.\n * supported.conf: Fix mdio-gpio module name Module mdio-ofgpio was\n renamed to mdio-gpio in kernel 2.6.29, this should have been\n reflected in supported.conf.\n * supported.conf: Adjust radio-si470x module names\n * Update config files: re-enable twofish crypto support. (bnc#871325)\n", "modified": "2014-05-22T02:04:17", "published": "2014-05-22T02:04:17", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00013.html", "id": "SUSE-SU-2014:0696-1", "type": "suse", "title": "Security update for Linux kernel (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-12T10:11:30", "description": "The 3.11.10 stable update contains a number of important fixes across\nthe tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-12-10T00:00:00", "title": "Fedora 18 : kernel-3.11.10-100.fc18 (2013-22695)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-6378", "CVE-2013-7264", "CVE-2013-6382", "CVE-2013-7263", "CVE-2013-6380"], "modified": "2013-12-10T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:kernel"], "id": "FEDORA_2013-22695.NASL", "href": "https://www.tenable.com/plugins/nessus/71283", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-22695.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71283);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6382\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\");\n script_xref(name:\"FEDORA\", value:\"2013-22695\");\n\n script_name(english:\"Fedora 18 : kernel-3.11.10-100.fc18 (2013-22695)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.11.10 stable update contains a number of important fixes across\nthe tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1033578\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1033593\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1033603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1035875\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/123338.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bdebe835\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"kernel-3.11.10-100.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-12T10:11:30", "description": "The 3.11.10 stable update contains a number of important fixes across\nthe tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-12-08T00:00:00", "title": "Fedora 19 : kernel-3.11.10-200.fc19 (2013-22669)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-6378", "CVE-2013-7264", "CVE-2013-6382", "CVE-2013-7263", "CVE-2013-6380"], "modified": "2013-12-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2013-22669.NASL", "href": "https://www.tenable.com/plugins/nessus/71249", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-22669.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71249);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-6378\", \"CVE-2013-6380\", \"CVE-2013-6382\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\");\n script_xref(name:\"FEDORA\", value:\"2013-22669\");\n\n script_name(english:\"Fedora 19 : kernel-3.11.10-200.fc19 (2013-22669)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.11.10 stable update contains a number of important fixes across\nthe tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1033578\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1033593\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1033603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1035875\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/123200.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?828af8fd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"kernel-3.11.10-200.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-01T01:18:39", "description": "Multiple buffer underflows in the XFS implementation in the Linux\nkernel through 3.12.1 allow local users to cause a denial of service\n(memory corruption) or possibly have unspecified other impact by\nleveraging the CAP_SYS_ADMIN capability for a (1)\nXFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl\ncall with a crafted length value, related to the\nxfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the\nxfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.", "edition": 23, "published": "2013-12-14T00:00:00", "title": "Amazon Linux AMI : kernel (ALAS-2013-258)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-7264", "CVE-2013-6382", "CVE-2013-7263"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-headers", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-258.NASL", "href": "https://www.tenable.com/plugins/nessus/71398", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-258.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71398);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2013-6382\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\");\n script_xref(name:\"ALAS\", value:\"2013-258\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2013-258)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple buffer underflows in the XFS implementation in the Linux\nkernel through 3.12.1 allow local users to cause a denial of service\n(memory corruption) or possibly have unspecified other impact by\nleveraging the CAP_SYS_ADMIN capability for a (1)\nXFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl\ncall with a crafted length value, related to the\nxfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the\nxfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-258.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update kernel' to update your system. You will need to reboot\nyour system in order for the new kernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-3.4.73-64.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-3.4.73-64.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-3.4.73-64.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.4.73-64.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-3.4.73-64.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-3.4.73-64.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-3.4.73-64.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-3.4.73-64.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-3.4.73-64.112.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-17T13:14:04", "description": "Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value\nwas interpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user\ncould use this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without\ninitializing the associated data structure. A local, unprivileged user\ncould use this flaw to leak kernel stack memory to user space using\nthe recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263,\nCVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.", "edition": 25, "published": "2014-02-12T00:00:00", "title": "RHEL 6 : kernel (RHSA-2014:0159)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "modified": "2014-02-12T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "cpe:/o:redhat:enterprise_linux:6.5", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:python-perf", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2014-0159.NASL", "href": "https://www.tenable.com/plugins/nessus/72454", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0159. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72454);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n script_bugtraq_id(63890, 64111, 64677, 64686);\n script_xref(name:\"RHSA\", value:\"2014:0159\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0159)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value\nwas interpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user\ncould use this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without\ninitializing the associated data structure. A local, unprivileged user\ncould use this flaw to leak kernel stack memory to user space using\nthe recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263,\nCVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6b506c4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-7265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-6381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-7263\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2014:0159\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0159\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-abi-whitelists-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:29:17", "description": "Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value\nwas interpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user\ncould use this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without\ninitializing the associated data structure. A local, unprivileged user\ncould use this flaw to leak kernel stack memory to user space using\nthe recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263,\nCVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.", "edition": 25, "published": "2014-02-12T00:00:00", "title": "CentOS 6 : kernel (CESA-2014:0159)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "modified": "2014-02-12T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-firmware", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug-devel"], "id": "CENTOS_RHSA-2014-0159.NASL", "href": "https://www.tenable.com/plugins/nessus/72437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0159 and \n# CentOS Errata and Security Advisory 2014:0159 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72437);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n script_bugtraq_id(63890, 64111, 64677, 64686);\n script_xref(name:\"RHSA\", value:\"2014:0159\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2014:0159)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value\nwas interpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user\ncould use this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without\ninitializing the associated data structure. A local, unprivileged user\ncould use this flaw to leak kernel stack memory to user space using\nthe recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263,\nCVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-February/020150.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93ab98c2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-6381\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-abi-whitelists-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-431.5.1.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:48:08", "description": "* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value\nwas interpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user\ncould use this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without\ninitializing the associated data structure. A local, unprivileged user\ncould use this flaw to leak kernel stack memory to user space using\nthe recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263,\nCVE-2013-7265, Low).\n\nThe system must be rebooted for this update to take effect.", "edition": 16, "published": "2014-02-13T00:00:00", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20140211)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "modified": "2014-02-13T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists", "p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686", "p-cpe:/a:fermilab:scientific_linux:kernel-firmware", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:perf"], "id": "SL_20140211_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/72475", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72475);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20140211)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value\nwas interpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user\ncould use this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without\ninitializing the associated data structure. A local, unprivileged user\ncould use this flaw to leak kernel stack memory to user space using\nthe recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263,\nCVE-2013-7265, Low).\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1402&L=scientific-linux-errata&T=0&P=1319\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?70b4c52f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"i386\", reference:\"kernel-debuginfo-common-i686-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-431.5.1.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:48:44", "description": "From Red Hat Security Advisory 2014:0159 :\n\nUpdated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value\nwas interpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user\ncould use this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without\ninitializing the associated data structure. A local, unprivileged user\ncould use this flaw to leak kernel stack memory to user space using\nthe recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263,\nCVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.", "edition": 22, "published": "2014-02-13T00:00:00", "title": "Oracle Linux 6 : kernel (ELSA-2014-0159)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "modified": "2014-02-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2014-0159.NASL", "href": "https://www.tenable.com/plugins/nessus/72469", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0159 and \n# Oracle Linux Security Advisory ELSA-2014-0159 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72469);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\");\n script_bugtraq_id(63744, 63890, 64111, 64677, 64686);\n script_xref(name:\"RHSA\", value:\"2014:0159\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0159)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0159 :\n\nUpdated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value\nwas interpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user\ncould use this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without\ninitializing the associated data structure. A local, unprivileged user\ncould use this flaw to leak kernel stack memory to user space using\nthe recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263,\nCVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-February/003958.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-2929\", \"CVE-2013-6381\", \"CVE-2013-7263\", \"CVE-2013-7265\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2014-0159\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.5.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.5.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-14T18:36:34", "description": "The SUSE Linux Enterprise Server 10 SP3 LTSS received a roll up update\nto fix several security and non-security issues.\n\nThe following security issues have been fixed :\n\nCVE-2013-0343: The ipv6_create_tempaddr function in\nnet/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly\nhandle problems with the generation of IPv6 temporary addresses, which\nallows remote attackers to cause a denial of service (excessive\nretries and address-generation outage), and consequently obtain\nsensitive information, via ICMPv6 Router Advertisement (RA) messages.\n(bnc#805226)\n\nCVE-2013-2888: Multiple array index errors in\ndrivers/hid/hid-core.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11 allow physically\nproximate attackers to execute arbitrary code or cause a\ndenial of service (heap memory corruption) via a crafted\ndevice that provides an invalid Report ID. (bnc#835839)\n\nCVE-2013-2893: The Human Interface Device (HID) subsystem in\nthe Linux kernel through 3.11, when CONFIG_LOGITECH_FF,\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled,\nallows physically proximate attackers to cause a denial of\nservice (heap-based out-of-bounds write) via a crafted\ndevice, related to (1) drivers/hid/hid-lgff.c, (2)\ndrivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.\n(bnc#835839)\n\nCVE-2013-2897: Multiple array index errors in\ndrivers/hid/hid-multitouch.c in the Human Interface Device\n(HID) subsystem in the Linux kernel through 3.11, when\nCONFIG_HID_MULTITOUCH is enabled, allow physically proximate\nattackers to cause a denial of service (heap memory\ncorruption, or NULL pointer dereference and OOPS) via a\ncrafted device. (bnc#835839)\n\nCVE-2013-4470: The Linux kernel before 3.12, when UDP\nFragmentation Offload (UFO) is enabled, does not properly\ninitialize certain data structures, which allows local users\nto cause a denial of service (memory corruption and system\ncrash) or possibly gain privileges via a crafted application\nthat uses the UDP_CORK option in a setsockopt system call\nand sends both short and long packets, related to the\nip_ufo_append_data function in net/ipv4/ip_output.c and the\nip6_ufo_append_data function in net/ipv6/ip6_output.c.\n(bnc#847672)\n\nCVE-2013-4483: The ipc_rcu_putref function in ipc/util.c in\nthe Linux kernel before 3.10 does not properly manage a\nreference count, which allows local users to cause a denial\nof service (memory consumption or system crash) via a\ncrafted application. (bnc#848321)\n\nCVE-2013-4588: Multiple stack-based buffer overflows in\nnet/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before\n2.6.33, when CONFIG_IP_VS is used, allow local users to gain\nprivileges by leveraging the CAP_NET_ADMIN capability for\n(1) a getsockopt system call, related to the\ndo_ip_vs_get_ctl function, or (2) a setsockopt system call,\nrelated to the do_ip_vs_set_ctl function. (bnc#851095)\n\nCVE-2013-6382: Multiple buffer underflows in the XFS\nimplementation in the Linux kernel through 3.12.1 allow\nlocal users to cause a denial of service (memory corruption)\nor possibly have unspecified other impact by leveraging the\nCAP_SYS_ADMIN capability for a (1)\nXFS_IOC_ATTRLIST_BY_HANDLE or (2)\nXFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted\nlength value, related to the xfs_attrlist_by_handle function\nin fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle\nfunction in fs/xfs/xfs_ioctl32.c. (bnc#852553)\n\nCVE-2013-6383: The aac_compat_ioctl function in\ndrivers/scsi/aacraid/linit.c in the Linux kernel before\n3.11.8 does not require the CAP_SYS_RAWIO capability, which\nallows local users to bypass intended access restrictions\nvia a crafted ioctl call. (bnc#852558)\n\nCVE-2013-7263: The Linux kernel before 3.12.4 updates\ncertain length values before ensuring that associated data\nstructures have been initialized, which allows local users\nto obtain sensitive information from kernel stack memory via\na (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call,\nrelated to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,\nnet/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\nCVE-2013-7264: The l2tp_ip_recvmsg function in\nnet/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates\na certain length value before ensuring that an associated\ndata structure has been initialized, which allows local\nusers to obtain sensitive information from kernel stack\nmemory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg\nsystem call. (bnc#857643)\n\nCVE-2013-7265: The pn_recvmsg function in\nnet/phonet/datagram.c in the Linux kernel before 3.12.4\nupdates a certain length value before ensuring that an\nassociated data structure has been initialized, which allows\nlocal users to obtain sensitive information from kernel\nstack memory via a (1) recvfrom, (2) recvmmsg, or (3)\nrecvmsg system call. (bnc#857643)\n\nCVE-2014-1444: The fst_get_iface function in\ndrivers/net/wan/farsync.c in the Linux kernel before 3.11.7\ndoes not properly initialize a certain data structure, which\nallows local users to obtain sensitive information from\nkernel memory by leveraging the CAP_NET_ADMIN capability for\nan SIOCWANDEV ioctl call. (bnc#858869)\n\nCVE-2014-1445: The wanxl_ioctl function in\ndrivers/net/wan/wanxl.c in the Linux kernel before 3.11.7\ndoes not properly initialize a certain data structure, which\nallows local users to obtain sensitive information from\nkernel memory via an ioctl call. (bnc#858870)\n\nCVE-2014-1446: The yam_ioctl function in\ndrivers/net/hamradio/yam.c in the Linux kernel before 3.12.8\ndoes not initialize a certain structure member, which allows\nlocal users to obtain sensitive information from kernel\nmemory by leveraging the CAP_NET_ADMIN capability for an\nSIOCYAMGCFG ioctl call. (bnc#858872)\n\nCVE-2014-1737: The raw_cmd_copyin function in\ndrivers/block/floppy.c in the Linux kernel through 3.14.3\ndoes not properly handle error conditions during processing\nof an FDRAWCMD ioctl call, which allows local users to\ntrigger kfree operations and gain privileges by leveraging\nwrite access to a /dev/fd device. (bnc#875798)\n\nCVE-2014-1738: The raw_cmd_copyout function in\ndrivers/block/floppy.c in the Linux kernel through 3.14.3\ndoes not properly restrict access to certain pointers during\nprocessing of an FDRAWCMD ioctl call, which allows local\nusers to obtain sensitive information from kernel heap\nmemory by leveraging write access to a /dev/fd device.\n(bnc#875798)\n\nThe following bugs have been fixed :\n\n - kernel: sclp console hangs (bnc#830344, LTC#95711,\n bnc#860304).\n\n - ia64: Change default PSR.ac from '1' to '0' (Fix erratum\n #237) (bnc#874108).\n\n - net: Uninline kfree_skb and allow NULL argument\n (bnc#853501).\n\n - tcp: syncookies: reduce cookie lifetime to 128 seconds\n (bnc#833968).\n\n - tcp: syncookies: reduce mss table to four values\n (bnc#833968).\n\n - udp: Fix bogus UFO packet generation (bnc#847672).\n\n - blkdev_max_block: make private to fs/buffer.c\n (bnc#820338).\n\n - vfs: avoid 'attempt to access beyond end of device'\n warnings (bnc#820338).\n\n - vfs: fix O_DIRECT read past end of block device\n (bnc#820338).\n\n - HID: check for NULL field when setting values\n (bnc#835839).\n\n - HID: provide a helper for validating hid reports\n (bnc#835839).\n\n - dl2k: Tighten ioctl permissions (bnc#758813).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2015-05-20T00:00:00", "title": "SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0832-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2014-1737", "CVE-2013-6383", "CVE-2014-1738", "CVE-2013-7264", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6382", "CVE-2013-7263", "CVE-2013-4483", "CVE-2014-1444", "CVE-2013-0343", "CVE-2014-1445", "CVE-2013-4470", "CVE-2013-2888", "CVE-2013-4588", "CVE-2013-2893"], "modified": "2015-05-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-vmi", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-bigsmp", "p-cpe:/a:novell:suse_linux:kernel-debug", "p-cpe:/a:novell:suse_linux:kernel-vmipae", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-kdumppae", "p-cpe:/a:novell:suse_linux:kernel-kdump", "p-cpe:/a:novell:suse_linux:kernel-xenpae", "p-cpe:/a:novell:suse_linux:kernel-default", "cpe:/o:novell:suse_linux:10", "p-cpe:/a:novell:suse_linux:kernel-smp"], "id": "SUSE_SU-2014-0832-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83628", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:0832-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83628);\n script_version(\"2.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2013-0343\", \"CVE-2013-2888\", \"CVE-2013-2893\", \"CVE-2013-2897\", \"CVE-2013-4470\", \"CVE-2013-4483\", \"CVE-2013-4588\", \"CVE-2013-6382\", \"CVE-2013-6383\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\", \"CVE-2014-1444\", \"CVE-2014-1445\", \"CVE-2014-1446\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_bugtraq_id(58795, 62043, 62044, 62050, 63359, 63445, 63744, 63888, 63889, 64677, 64685, 64686, 64952, 64953, 64954, 67300, 67302);\n\n script_name(english:\"SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0832-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise Server 10 SP3 LTSS received a roll up update\nto fix several security and non-security issues.\n\nThe following security issues have been fixed :\n\nCVE-2013-0343: The ipv6_create_tempaddr function in\nnet/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly\nhandle problems with the generation of IPv6 temporary addresses, which\nallows remote attackers to cause a denial of service (excessive\nretries and address-generation outage), and consequently obtain\nsensitive information, via ICMPv6 Router Advertisement (RA) messages.\n(bnc#805226)\n\nCVE-2013-2888: Multiple array index errors in\ndrivers/hid/hid-core.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11 allow physically\nproximate attackers to execute arbitrary code or cause a\ndenial of service (heap memory corruption) via a crafted\ndevice that provides an invalid Report ID. (bnc#835839)\n\nCVE-2013-2893: The Human Interface Device (HID) subsystem in\nthe Linux kernel through 3.11, when CONFIG_LOGITECH_FF,\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled,\nallows physically proximate attackers to cause a denial of\nservice (heap-based out-of-bounds write) via a crafted\ndevice, related to (1) drivers/hid/hid-lgff.c, (2)\ndrivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.\n(bnc#835839)\n\nCVE-2013-2897: Multiple array index errors in\ndrivers/hid/hid-multitouch.c in the Human Interface Device\n(HID) subsystem in the Linux kernel through 3.11, when\nCONFIG_HID_MULTITOUCH is enabled, allow physically proximate\nattackers to cause a denial of service (heap memory\ncorruption, or NULL pointer dereference and OOPS) via a\ncrafted device. (bnc#835839)\n\nCVE-2013-4470: The Linux kernel before 3.12, when UDP\nFragmentation Offload (UFO) is enabled, does not properly\ninitialize certain data structures, which allows local users\nto cause a denial of service (memory corruption and system\ncrash) or possibly gain privileges via a crafted application\nthat uses the UDP_CORK option in a setsockopt system call\nand sends both short and long packets, related to the\nip_ufo_append_data function in net/ipv4/ip_output.c and the\nip6_ufo_append_data function in net/ipv6/ip6_output.c.\n(bnc#847672)\n\nCVE-2013-4483: The ipc_rcu_putref function in ipc/util.c in\nthe Linux kernel before 3.10 does not properly manage a\nreference count, which allows local users to cause a denial\nof service (memory consumption or system crash) via a\ncrafted application. (bnc#848321)\n\nCVE-2013-4588: Multiple stack-based buffer overflows in\nnet/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before\n2.6.33, when CONFIG_IP_VS is used, allow local users to gain\nprivileges by leveraging the CAP_NET_ADMIN capability for\n(1) a getsockopt system call, related to the\ndo_ip_vs_get_ctl function, or (2) a setsockopt system call,\nrelated to the do_ip_vs_set_ctl function. (bnc#851095)\n\nCVE-2013-6382: Multiple buffer underflows in the XFS\nimplementation in the Linux kernel through 3.12.1 allow\nlocal users to cause a denial of service (memory corruption)\nor possibly have unspecified other impact by leveraging the\nCAP_SYS_ADMIN capability for a (1)\nXFS_IOC_ATTRLIST_BY_HANDLE or (2)\nXFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted\nlength value, related to the xfs_attrlist_by_handle function\nin fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle\nfunction in fs/xfs/xfs_ioctl32.c. (bnc#852553)\n\nCVE-2013-6383: The aac_compat_ioctl function in\ndrivers/scsi/aacraid/linit.c in the Linux kernel before\n3.11.8 does not require the CAP_SYS_RAWIO capability, which\nallows local users to bypass intended access restrictions\nvia a crafted ioctl call. (bnc#852558)\n\nCVE-2013-7263: The Linux kernel before 3.12.4 updates\ncertain length values before ensuring that associated data\nstructures have been initialized, which allows local users\nto obtain sensitive information from kernel stack memory via\na (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call,\nrelated to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,\nnet/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\nCVE-2013-7264: The l2tp_ip_recvmsg function in\nnet/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates\na certain length value before ensuring that an associated\ndata structure has been initialized, which allows local\nusers to obtain sensitive information from kernel stack\nmemory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg\nsystem call. (bnc#857643)\n\nCVE-2013-7265: The pn_recvmsg function in\nnet/phonet/datagram.c in the Linux kernel before 3.12.4\nupdates a certain length value before ensuring that an\nassociated data structure has been initialized, which allows\nlocal users to obtain sensitive information from kernel\nstack memory via a (1) recvfrom, (2) recvmmsg, or (3)\nrecvmsg system call. (bnc#857643)\n\nCVE-2014-1444: The fst_get_iface function in\ndrivers/net/wan/farsync.c in the Linux kernel before 3.11.7\ndoes not properly initialize a certain data structure, which\nallows local users to obtain sensitive information from\nkernel memory by leveraging the CAP_NET_ADMIN capability for\nan SIOCWANDEV ioctl call. (bnc#858869)\n\nCVE-2014-1445: The wanxl_ioctl function in\ndrivers/net/wan/wanxl.c in the Linux kernel before 3.11.7\ndoes not properly initialize a certain data structure, which\nallows local users to obtain sensitive information from\nkernel memory via an ioctl call. (bnc#858870)\n\nCVE-2014-1446: The yam_ioctl function in\ndrivers/net/hamradio/yam.c in the Linux kernel before 3.12.8\ndoes not initialize a certain structure member, which allows\nlocal users to obtain sensitive information from kernel\nmemory by leveraging the CAP_NET_ADMIN capability for an\nSIOCYAMGCFG ioctl call. (bnc#858872)\n\nCVE-2014-1737: The raw_cmd_copyin function in\ndrivers/block/floppy.c in the Linux kernel through 3.14.3\ndoes not properly handle error conditions during processing\nof an FDRAWCMD ioctl call, which allows local users to\ntrigger kfree operations and gain privileges by leveraging\nwrite access to a /dev/fd device. (bnc#875798)\n\nCVE-2014-1738: The raw_cmd_copyout function in\ndrivers/block/floppy.c in the Linux kernel through 3.14.3\ndoes not properly restrict access to certain pointers during\nprocessing of an FDRAWCMD ioctl call, which allows local\nusers to obtain sensitive information from kernel heap\nmemory by leveraging write access to a /dev/fd device.\n(bnc#875798)\n\nThe following bugs have been fixed :\n\n - kernel: sclp console hangs (bnc#830344, LTC#95711,\n bnc#860304).\n\n - ia64: Change default PSR.ac from '1' to '0' (Fix erratum\n #237) (bnc#874108).\n\n - net: Uninline kfree_skb and allow NULL argument\n (bnc#853501).\n\n - tcp: syncookies: reduce cookie lifetime to 128 seconds\n (bnc#833968).\n\n - tcp: syncookies: reduce mss table to four values\n (bnc#833968).\n\n - udp: Fix bogus UFO packet generation (bnc#847672).\n\n - blkdev_max_block: make private to fs/buffer.c\n (bnc#820338).\n\n - vfs: avoid 'attempt to access beyond end of device'\n warnings (bnc#820338).\n\n - vfs: fix O_DIRECT read past end of block device\n (bnc#820338).\n\n - HID: check for NULL field when setting values\n (bnc#835839).\n\n - HID: provide a helper for validating hid reports\n (bnc#835839).\n\n - dl2k: Tighten ioctl permissions (bnc#758813).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://download.suse.com/patch/finder/?keywords=17ddf66eae63aab3af8b2b3bec742669\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3366e92c\"\n );\n # http://download.suse.com/patch/finder/?keywords=26314f5d51311e1fdece27b8fcdf804a\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?992a6e07\"\n );\n # http://download.suse.com/patch/finder/?keywords=9914353b490102922bc3d08bdf30bacc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?287c54b5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0343.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2888.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2893.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2897.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4470.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4483.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4588.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-6382.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-6383.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-7263.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-7264.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-7265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1444.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1446.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1737.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1738.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/758813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/805226\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/820338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/830344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/833968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/835839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/847672\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/848321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/851095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/852553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/852558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/853501\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/857643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/858869\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/858870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/858872\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/860304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/874108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/875798\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20140832-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d643af8f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kdumppae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vmipae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES10\" && (! ereg(pattern:\"^3$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-kdumppae-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-vmi-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-vmipae-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xenpae-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", reference:\"kernel-default-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", reference:\"kernel-source-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", reference:\"kernel-syms-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"i586\", reference:\"kernel-kdumppae-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.123.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.123.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:11:38", "description": "The 3.12.5 kernel contains support for new devices, and a number of\nbug fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-12-23T00:00:00", "title": "Fedora 19 : kernel-3.12.5-200.fc19 (2013-23653)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-7264", "CVE-2013-6368", "CVE-2013-6367", "CVE-2013-7263", "CVE-2013-6376", "CVE-2013-4587"], "modified": "2013-12-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2013-23653.NASL", "href": "https://www.tenable.com/plugins/nessus/71598", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-23653.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71598);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4587\", \"CVE-2013-6367\", \"CVE-2013-6368\", \"CVE-2013-6376\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\");\n script_bugtraq_id(64270, 64291, 64319, 64328);\n script_xref(name:\"FEDORA\", value:\"2013-23653\");\n\n script_name(english:\"Fedora 19 : kernel-3.12.5-200.fc19 (2013-23653)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.12.5 kernel contains support for new devices, and a number of\nbug fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1030986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1032207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1032210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1033106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1035875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1039845\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124751.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?58f2f9f4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"kernel-3.12.5-200.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:11:36", "description": "The 3.12.5 kernel contains support for new devices, and a number of\nbug fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-12-23T00:00:00", "title": "Fedora 20 : kernel-3.12.5-302.fc20 (2013-23445)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7265", "CVE-2013-7264", "CVE-2013-6368", "CVE-2013-6367", "CVE-2013-7263", "CVE-2013-6376", "CVE-2013-4587"], "modified": "2013-12-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2013-23445.NASL", "href": "https://www.tenable.com/plugins/nessus/71593", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-23445.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71593);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4587\", \"CVE-2013-6367\", \"CVE-2013-6368\", \"CVE-2013-6376\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\");\n script_bugtraq_id(64270, 64291, 64319, 64328);\n script_xref(name:\"FEDORA\", value:\"2013-23445\");\n\n script_name(english:\"Fedora 20 : kernel-3.12.5-302.fc20 (2013-23445)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.12.5 kernel contains support for new devices, and a number of\nbug fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1030986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1032207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1032210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1033106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1035875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1039845\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124795.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1b819ebb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"kernel-3.12.5-302.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:27:19", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263", "CVE-2013-6381"], "description": "**CentOS Errata and Security Advisory** CESA-2014:0159\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver implementation\nhandled SNMP IOCTL requests with an out-of-bounds length. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value was\ninterpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user could\nuse this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without initializing\nthe associated data structure. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user space using the recvmsg, recvfrom,\nand recvmmsg system calls (CVE-2013-7263, CVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-February/032188.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0159.html", "edition": 3, "modified": "2014-02-12T04:44:55", "published": "2014-02-12T04:44:55", "href": "http://lists.centos.org/pipermail/centos-announce/2014-February/032188.html", "id": "CESA-2014:0159", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:42", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2929", "CVE-2013-6381", "CVE-2013-7263", "CVE-2013-7265"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver implementation\nhandled SNMP IOCTL requests with an out-of-bounds length. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2013-6381, Important)\n\n* A flaw was found in the way the get_dumpable() function return value was\ninterpreted in the ptrace subsystem of the Linux kernel. When\n'fs.suid_dumpable' was set to 2, a local, unprivileged local user could\nuse this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* It was found that certain protocol handlers in the Linux kernel's\nnetworking implementation could set the addr_len value without initializing\nthe associated data structure. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user space using the recvmsg, recvfrom,\nand recvmmsg system calls (CVE-2013-7263, CVE-2013-7265, Low).\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:11", "published": "2014-02-11T05:00:00", "id": "RHSA-2014:0159", "href": "https://access.redhat.com/errata/RHSA-2014:0159", "type": "redhat", "title": "(RHSA-2014:0159) Important: kernel security and bug fix update", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-08T23:40:56", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7265", "CVE-2013-6383", "CVE-2013-7264", "CVE-2013-7263", "CVE-2013-7281"], "description": "A flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg \nsystem calls in the Linux kernel. An unprivileged local user could exploit \nthis flaw to obtain sensitive information from kernel stack memory. \n(CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp) \nof the Linux kernel. A local user could exploit this flaw to obtain \nsensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in \nthe Linux kernel. A local user could exploit this flaw to obtain sensitive \ninformation from kernel stack memory. (CVE-2013-7265)\n\nmpb reported an information leak in the Low-Rate Wireless Personal Area \nNetworks support (IEEE 802.15.4) in the Linux kernel. A local user could \nexploit this flaw to obtain sensitive information from kernel stack memory. \n(CVE-2013-7281)", "edition": 5, "modified": "2014-02-18T00:00:00", "published": "2014-02-18T00:00:00", "id": "USN-2108-1", "href": "https://ubuntu.com/security/notices/USN-2108-1", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:30:18", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7265", "CVE-2013-6383", "CVE-2013-7264", "CVE-2013-7263", "CVE-2013-7281"], "description": "A flaw was discovered in the Linux kernel's compat ioctls for Adaptec \nAACRAID scsi raid devices. An unprivileged local user could send \nadministrative commands to these devices potentially compromising the data \nstored on the device. (CVE-2013-6383)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg \nsystem calls in the Linux kernel. An unprivileged local user could exploit \nthis flaw to obtain sensitive information from kernel stack memory. \n(CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp) \nof the Linux kernel. A local user could exploit this flaw to obtain \nsensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in \nthe Linux kernel. A local user could exploit this flaw to obtain sensitive \ninformation from kernel stack memory. (CVE-2013-7265)\n\nmpb reported an information leak in the Low-Rate Wireless Personal Area \nNetworks support (IEEE 802.15.4) in the Linux kernel. A local user could \nexploit this flaw to obtain sensitive information from kernel stack memory. \n(CVE-2013-7281)", "edition": 5, "modified": "2014-02-18T00:00:00", "published": "2014-02-18T00:00:00", "id": "USN-2107-1", "href": "https://ubuntu.com/security/notices/USN-2107-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:24:38", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7027", "CVE-2013-7270", "CVE-2013-0160", "CVE-2013-2929", "CVE-2014-1874", "CVE-2013-7267", "CVE-2013-7266", "CVE-2014-1446", "CVE-2013-6382", "CVE-2013-6367", "CVE-2014-1444", "CVE-2013-7269", "CVE-2013-7271", "CVE-2013-6380", "CVE-2013-7268", "CVE-2013-4587", "CVE-2014-1445"], "description": "An information leak was discovered in the Linux kernel when inotify is used \nto monitor the /dev/ptmx device. A local user could exploit this flaw to \ndiscover keystroke timing and potentially discover sensitive information \nlike password length. (CVE-2013-0160)\n\nVasily Kulikov reported a flaw in the Linux kernel's implementation of \nptrace. An unprivileged local user could exploit this flaw to obtain \nsensitive information from kernel memory. (CVE-2013-2929)\n\nAndrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu \nfunction of the Kernel Virtual Machine (KVM) subsystem. A local user could \nexploit this flaw to gain privileges on the host machine. (CVE-2013-4587)\n\nAndrew Honig reported a flaw in the apic_get_tmcct function of the Kernel \nVirtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could \nexploit this flaw to cause a denial of service or host OS system crash. \n(CVE-2013-6367)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec \nAACRAID scsi raid devices in the Linux kernel. A local user could use this \nflaw to cause a denial of service or possibly other unspecified impact. \n(CVE-2013-6380)\n\nNico Golde and Fabian Yamaguchi reported buffer underflow errors in the \nimplementation of the XFS filesystem in the Linux kernel. A local user with \nCAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memory \ncorruption) or possibly other unspecified issues. (CVE-2013-6382)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header \nparsing. A remote attacker could cause a denial of service (buffer over- \nread) via a specially crafted header. (CVE-2013-7027)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with ISDN sockets in the Linux kernel. A local user \ncould exploit this leak to obtain potentially sensitive information from \nkernel memory. (CVE-2013-7266)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with apple talk sockets in the Linux kernel. A local \nuser could exploit this leak to obtain potentially sensitive information \nfrom kernel memory. (CVE-2013-7267)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with ipx protocol sockets in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7268)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with the netrom address family in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7269)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with packet address family sockets in the Linux \nkernel. A local user could exploit this leak to obtain potentially \nsensitive information from kernel memory. (CVE-2013-7270)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with x25 protocol sockets in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7271)\n\nAn information leak was discovered in the Linux kernel's SIOCWANDEV ioctl \ncall. A local user with the CAP_NET_ADMIN capability could exploit this \nflaw to obtain potentially sensitive information from kernel memory. \n(CVE-2014-1444)\n\nAn information leak was discovered in the wanxl ioctl function the \nLinux kernel. A local user could exploit this flaw to obtain potentially \nsensitive information from kernel memory. (CVE-2014-1445)\n\nAn information leak was discovered in the Linux kernel's hamradio YAM \ndriver for AX.25 packet radio. A local user with the CAP_NET_ADMIN \ncapability could exploit this flaw to obtain sensitive information from \nkernel memory. (CVE-2014-1446)\n\nMatthew Thode reported a denial of service vulnerability in the Linux \nkernel when SELinux support is enabled. A local user with the CAP_MAC_ADMIN \ncapability (and the SELinux mac_admin permission if running in enforcing \nmode) could exploit this flaw to cause a denial of service (kernel crash). \n(CVE-2014-1874)", "edition": 5, "modified": "2014-03-06T00:00:00", "published": "2014-03-06T00:00:00", "id": "USN-2129-1", "href": "https://ubuntu.com/security/notices/USN-2129-1", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:21:09", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7027", "CVE-2013-7270", "CVE-2013-0160", "CVE-2013-2929", "CVE-2014-1874", "CVE-2013-7267", "CVE-2013-7266", "CVE-2014-1446", "CVE-2013-6382", "CVE-2013-6367", "CVE-2014-1444", "CVE-2013-7269", "CVE-2013-7271", "CVE-2013-6380", "CVE-2013-7268", "CVE-2013-4587", "CVE-2014-1445"], "description": "An information leak was discovered in the Linux kernel when inotify is used \nto monitor the /dev/ptmx device. A local user could exploit this flaw to \ndiscover keystroke timing and potentially discover sensitive information \nlike password length. (CVE-2013-0160)\n\nVasily Kulikov reported a flaw in the Linux kernel's implementation of \nptrace. An unprivileged local user could exploit this flaw to obtain \nsensitive information from kernel memory. (CVE-2013-2929)\n\nAndrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu \nfunction of the Kernel Virtual Machine (KVM) subsystem. A local user could \nexploit this flaw to gain privileges on the host machine. (CVE-2013-4587)\n\nAndrew Honig reported a flaw in the apic_get_tmcct function of the Kernel \nVirtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could \nexploit this flaw to cause a denial of service or host OS system crash. \n(CVE-2013-6367)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec \nAACRAID scsi raid devices in the Linux kernel. A local user could use this \nflaw to cause a denial of service or possibly other unspecified impact. \n(CVE-2013-6380)\n\nNico Golde and Fabian Yamaguchi reported buffer underflow errors in the \nimplementation of the XFS filesystem in the Linux kernel. A local user with \nCAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memory \ncorruption) or possibly other unspecified issues. (CVE-2013-6382)\n\nEvan Huus reported a buffer overflow in the Linux kernel's radiotap header \nparsing. A remote attacker could cause a denial of service (buffer over- \nread) via a specially crafted header. (CVE-2013-7027)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with ISDN sockets in the Linux kernel. A local user \ncould exploit this leak to obtain potentially sensitive information from \nkernel memory. (CVE-2013-7266)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with apple talk sockets in the Linux kernel. A local \nuser could exploit this leak to obtain potentially sensitive information \nfrom kernel memory. (CVE-2013-7267)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with ipx protocol sockets in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7268)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with the netrom address family in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7269)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with packet address family sockets in the Linux \nkernel. A local user could exploit this leak to obtain potentially \nsensitive information from kernel memory. (CVE-2013-7270)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with x25 protocol sockets in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7271)\n\nAn information leak was discovered in the Linux kernel's SIOCWANDEV ioctl \ncall. A local user with the CAP_NET_ADMIN capability could exploit this \nflaw to obtain potentially sensitive information from kernel memory. \n(CVE-2014-1444)\n\nAn information leak was discovered in the wanxl ioctl function the \nLinux kernel. A local user could exploit this flaw to obtain potentially \nsensitive information from kernel memory. (CVE-2014-1445)\n\nAn information leak was discovered in the Linux kernel's hamradio YAM \ndriver for AX.25 packet radio. A local user with the CAP_NET_ADMIN \ncapability could exploit this flaw to obtain sensitive information from \nkernel memory. (CVE-2014-1446)\n\nMatthew Thode reported a denial of service vulnerability in the Linux \nkernel when SELinux support is enabled. A local user with the CAP_MAC_ADMIN \ncapability (and the SELinux mac_admin permission if running in enforcing \nmode) could exploit this flaw to cause a denial of service (kernel crash). \n(CVE-2014-1874)", "edition": 5, "modified": "2014-03-05T00:00:00", "published": "2014-03-05T00:00:00", "id": "USN-2128-1", "href": "https://ubuntu.com/security/notices/USN-2128-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:37:34", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4345", "CVE-2013-7270", "CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7267", "CVE-2013-7266", "CVE-2013-7264", "CVE-2013-6382", "CVE-2013-6367", "CVE-2013-7263", "CVE-2013-7269", "CVE-2013-7271", "CVE-2013-6380", "CVE-2013-7268", "CVE-2013-7281", "CVE-2013-4587", "CVE-2013-4348"], "description": "Vasily Kulikov reported a flaw in the Linux kernel's implementation of \nptrace. An unprivileged local user could exploit this flaw to obtain \nsensitive information from kernel memory. (CVE-2013-2929)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random \nnumber generator. This flaw makes it easier for a local attacker to break \ncryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux \nkernel. A remote attacker could exploit this flaw to cause a denial of \nservice (infinite loop). (CVE-2013-4348)\n\nAndrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu \nfunction of the Kernel Virtual Machine (KVM) subsystem. A local user could \nexploit this flaw to gain privileges on the host machine. (CVE-2013-4587)\n\nAndrew Honig reported a flaw in the apic_get_tmcct function of the Kernel \nVirtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could \nexploit this flaw to cause a denial of service or host OS system crash. \n(CVE-2013-6367)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec \nAACRAID scsi raid devices in the Linux kernel. A local user could use this \nflaw to cause a denial of service or possibly other unspecified impact. \n(CVE-2013-6380)\n\nNico Golde and Fabian Yamaguchi reported buffer underflow errors in the \nimplementation of the XFS filesystem in the Linux kernel. A local user with \nCAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memory \ncorruption) or possibly other unspecified issues. (CVE-2013-6382)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg \nsystem calls in the Linux kernel. An unprivileged local user could exploit \nthis flaw to obtain sensitive information from kernel stack memory. \n(CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp) \nof the Linux kernel. A local user could exploit this flaw to obtain \nsensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in \nthe Linux kernel. A local user could exploit this flaw to obtain sensitive \ninformation from kernel stack memory. (CVE-2013-7265)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with ISDN sockets in the Linux kernel. A local user \ncould exploit this leak to obtain potentially sensitive information from \nkernel memory. (CVE-2013-7266)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with apple talk sockets in the Linux kernel. A local \nuser could exploit this leak to obtain potentially sensitive information \nfrom kernel memory. (CVE-2013-7267)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with ipx protocol sockets in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7268)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with the netrom address family in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7269)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with packet address family sockets in the Linux \nkernel. A local user could exploit this leak to obtain potentially \nsensitive information from kernel memory. (CVE-2013-7270)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with x25 protocol sockets in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7271)\n\nmpb reported an information leak in the Low-Rate Wireless Personal Area \nNetworks support (IEEE 802.15.4) in the Linux kernel. A local user could \nexploit this flaw to obtain sensitive information from kernel stack memory. \n(CVE-2013-7281)", "edition": 5, "modified": "2014-02-18T00:00:00", "published": "2014-02-18T00:00:00", "id": "USN-2109-1", "href": "https://ubuntu.com/security/notices/USN-2109-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:36:33", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4345", "CVE-2013-7270", "CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7267", "CVE-2013-7266", "CVE-2013-7264", "CVE-2013-6382", "CVE-2013-6367", "CVE-2013-7263", "CVE-2013-7269", "CVE-2013-7271", "CVE-2013-6380", "CVE-2013-7268", "CVE-2013-7281", "CVE-2013-4587", "CVE-2013-4348"], "description": "Vasily Kulikov reported a flaw in the Linux kernel's implementation of \nptrace. An unprivileged local user could exploit this flaw to obtain \nsensitive information from kernel memory. (CVE-2013-2929)\n\nStephan Mueller reported an error in the Linux kernel's ansi cprng random \nnumber generator. This flaw makes it easier for a local attacker to break \ncryptographic protections. (CVE-2013-4345)\n\nJason Wang discovered a bug in the network flow dissector in the Linux \nkernel. A remote attacker could exploit this flaw to cause a denial of \nservice (infinite loop). (CVE-2013-4348)\n\nAndrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu \nfunction of the Kernel Virtual Machine (KVM) subsystem. A local user could \nexploit this flaw to gain privileges on the host machine. (CVE-2013-4587)\n\nAndrew Honig reported a flaw in the apic_get_tmcct function of the Kernel \nVirtual Machine (KVM) subsystem if the Linux kernel. A guest OS user could \nexploit this flaw to cause a denial of service or host OS system crash. \n(CVE-2013-6367)\n\nNico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec \nAACRAID scsi raid devices in the Linux kernel. A local user could use this \nflaw to cause a denial of service or possibly other unspecified impact. \n(CVE-2013-6380)\n\nNico Golde and Fabian Yamaguchi reported buffer underflow errors in the \nimplementation of the XFS filesystem in the Linux kernel. A local user with \nCAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memory \ncorruption) or possibly other unspecified issues. (CVE-2013-6382)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg \nsystem calls in the Linux kernel. An unprivileged local user could exploit \nthis flaw to obtain sensitive information from kernel stack memory. \n(CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp) \nof the Linux kernel. A local user could exploit this flaw to obtain \nsensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in \nthe Linux kernel. A local user could exploit this flaw to obtain sensitive \ninformation from kernel stack memory. (CVE-2013-7265)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with ISDN sockets in the Linux kernel. A local user \ncould exploit this leak to obtain potentially sensitive information from \nkernel memory. (CVE-2013-7266)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with apple talk sockets in the Linux kernel. A local \nuser could exploit this leak to obtain potentially sensitive information \nfrom kernel memory. (CVE-2013-7267)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with ipx protocol sockets in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7268)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with the netrom address family in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7269)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with packet address family sockets in the Linux \nkernel. A local user could exploit this leak to obtain potentially \nsensitive information from kernel memory. (CVE-2013-7270)\n\nAn information leak was discovered in the recvfrom, recvmmsg, and recvmsg \nsystemcalls when used with x25 protocol sockets in the Linux kernel. A \nlocal user could exploit this leak to obtain potentially sensitive \ninformation from kernel memory. (CVE-2013-7271)\n\nmpb reported an information leak in the Low-Rate Wireless Personal Area \nNetworks support (IEEE 802.15.4) in the Linux kernel. A local user could \nexploit this flaw to obtain sensitive information from kernel stack memory. \n(CVE-2013-7281)", "edition": 5, "modified": "2014-02-18T00:00:00", "published": "2014-02-18T00:00:00", "id": "USN-2110-1", "href": "https://ubuntu.com/security/notices/USN-2110-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:25:32", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2147", "CVE-2013-2897", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "description": "Dan Carpenter discovered an information leak in the HP Smart Array and \nCompaq SMART2 disk-array driver in the Linux kernel. A local user could \nexploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem \nwhen CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could \nleverage this flaw to cause a denial of service via a specially crafted \ndevice. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, \nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially \nproximate attacker can leverage this flaw to cause a denial of service vias \na specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A \nphysically proximate attacker could leverage this flaw to cause a denial of \nservice (OOPS) via a specially crafted device. (CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel's dm snapshot facility. A remote \nauthenticated user could exploit this flaw to obtain sensitive information \nor modify/corrupt data. (CVE-2013-4299)", "edition": 5, "modified": "2013-11-08T00:00:00", "published": "2013-11-08T00:00:00", "id": "USN-2016-1", "href": "https://ubuntu.com/security/notices/USN-2016-1", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-07-09T00:23:33", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2147", "CVE-2013-2897", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "description": "Dan Carpenter discovered an information leak in the HP Smart Array and \nCompaq SMART2 disk-array driver in the Linux kernel. A local user could \nexploit this flaw to obtain sensitive information from kernel memory. \n(CVE-2013-2147)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem \nwhen CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could \nleverage this flaw to cause a denial of service via a specially crafted \ndevice. (CVE-2013-2889)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, \nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially \nproximate attacker can leverage this flaw to cause a denial of service vias \na specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A \nphysically proximate attacker could leverage this flaw to cause a denial of \nservice (OOPS) via a specially crafted device. (CVE-2013-2897)\n\nA flaw was discovered in the Linux kernel's dm snapshot facility. A remote \nauthenticated user could exploit this flaw to obtain sensitive information \nor modify/corrupt data. (CVE-2013-4299)", "edition": 5, "modified": "2013-11-08T00:00:00", "published": "2013-11-08T00:00:00", "id": "USN-2015-1", "href": "https://ubuntu.com/security/notices/USN-2015-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:29", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7265", "CVE-2013-6383", "CVE-2013-2929", "CVE-2013-4554", "CVE-2013-7264", "CVE-2013-7263", "CVE-2013-4483", "CVE-2013-6885", "CVE-2013-7281", "CVE-2013-6381"], "description": "kernel\n[2.6.18-371.6.1]\n- [net] be2net: don't use skb_get_queue_mapping() (Ivan Vecera) [1066302 1063955]\n- [ipc] change refcount to atomic_t (Phillip Lougher) [1024866 1024868] {CVE-2013-4483}\n- [s390] qeth: buffer overflow in snmp ioctl (Jacob Tanenbaum) [1034402 1034404] {CVE-2013-6381}\n- [scsi] AACRAID Driver compat IOCTL missing capability check (Jacob Tanenbaum) [1033531 1033532] {CVE-2013-6383}\n- [xen] x86/AMD: work around erratum 793 (Radim Krcmar) [1035834 1035836] {CVE-2013-6885}\n- [xen] do not expose hypercalls to rings 1 and 2 of HVM guests (Andrew Jones) [1029112 1029113] {CVE-2013-4554}\n- [redhat] kabi: Adding symbol print_hex_dump (Jiri Olsa) [1054055 662558]\n- [scsi] Add 'eh_deadline' to limit SCSI EH runtime (Ewan Milne) [1050097 956132]\n- [scsi] remove check for 'resetting' (Ewan Milne) [1050097 956132]\n- [scsi] dc395: Move 'last_reset' into internal host structure (Ewan Milne) [1050097 956132]\n- [scsi] tmscsim: Move 'last_reset' into host structure (Ewan Milne) [1050097 956132]\n- [scsi] advansys: Remove 'last_reset' references (Ewan Milne) [1050097 956132]\n- [scsi] dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset (Ewan Milne) [1050097 956132]\n- [scsi] dpt_i2o: Remove DPTI_STATE_IOCTL (Ewan Milne) [1050097 956132]\n- [net] ipv6: fix leaking uninit port number of offender sockaddr (Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281 CVE-2013-7263}\n- [net] fix addr_len/msg->msg_namelen assign in recv_error funcs (Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281 CVE-2013-7263}\n- [net] prevent leakage of uninitialized memory to user in recv (Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281 CVE-2013-7263}\n- [net] be2net: prevent Tx stall on SH-R when packet size < 32 (Ivan Vecera) [1051535 1007995]\n- [net] be2net: Trim padded packets for Lancer (Ivan Vecera) [1051535 1007995]\n- [net] be2net: Pad skb to meet min Tx pkt size in lancer (Ivan Vecera) [1051535 1007995]\n- [net] be2net: refactor HW workarounds in be_xmit() (Ivan Vecera) [1051535 1007995]\n- [fs] exec/ptrace: fix get_dumpable() incorrect tests (Petr Oros) [1039483 1039484] {CVE-2013-2929}\n[2.6.18-371.5.1]\n- [fs] cifs: stop trying to use virtual circuits (Sachin Prabhu) [1044328 1013469]", "edition": 4, "modified": "2014-03-12T00:00:00", "published": "2014-03-12T00:00:00", "id": "ELSA-2014-0285", "href": "http://linux.oracle.com/errata/ELSA-2014-0285.html", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:58", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263"], "description": "[2.6.32-400.34.3]\n- inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions (Hannes Frederic Sowa) [18247290] {CVE-2013-7263} {CVE-2013-7265}\n[2.6.32-400.34.2]\n- exec/ptrace: fix get_dumpable() incorrect tests (Kees Cook) [18239033] {CVE-2013-2929} {CVE-2013-2929}\n- inet: prevent leakage of uninitialized memory to user in recv syscalls (Hannes Frederic Sowa) [18239036] {CVE-2013-7263} {CVE-2013-7265}", "edition": 4, "modified": "2014-02-14T00:00:00", "published": "2014-02-14T00:00:00", "id": "ELSA-2014-3010", "href": "http://linux.oracle.com/errata/ELSA-2014-3010.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:16", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263"], "description": "[3.8.13-26.1.1.el6uek]\n- inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions (Hannes Frederic Sowa) [18247287] {CVE-2013-7263} {CVE-2013-7265}\n- inet: prevent leakage of uninitialized memory to user in recv syscalls (Hannes Frederic Sowa) [18238377] {CVE-2013-7263} {CVE-2013-7265}\n- exec/ptrace: fix get_dumpable() incorrect tests (Kees Cook) [18238348] {CVE-2013-2929}", "edition": 4, "modified": "2014-02-14T00:00:00", "published": "2014-02-14T00:00:00", "id": "ELSA-2014-3011", "href": "http://linux.oracle.com/errata/ELSA-2014-3011.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:13", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7265", "CVE-2013-2929", "CVE-2013-7263"], "description": "[2.6.39-400.214.3]\n- inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions (Hannes Frederic Sowa) [18247289] {CVE-2013-7263} {CVE-2013-7265}\n[2.6.39-400.214.2]\n- inet: prevent leakage of uninitialized memory to user in recv syscalls (Hannes Frederic Sowa) [18238382] {CVE-2013-7263} {CVE-2013-7265}\n- exec/ptrace: fix get_dumpable() incorrect tests (Kees Cook) [18238353] {CVE-2013-2929}", "edition": 4, "modified": "2014-02-13T00:00:00", "published": "2014-02-13T00:00:00", "id": "ELSA-2014-3009", "href": "http://linux.oracle.com/errata/ELSA-2014-3009.html", "title": "unbreakable enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:49", "bulletinFamily": "software", "cvelist": ["CVE-2013-2147", "CVE-2013-2897", "CVE-2013-4299", "CVE-2013-2889", "CVE-2013-2893"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2015-1\r\nNovember 08, 2013\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nDan Carpenter discovered an information leak in the HP Smart Aray and\r\nCompaq SMART2 disk-array driver in the Linux kernel. A local user could\r\nexploit this flaw to obtain sensitive information from kernel memory.\r\n(CVE-2013-2147)\r\n\r\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem\r\nwhen CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could\r\nleverage this flaw to cause a denial of service via a specially crafted\r\ndevice. (CVE-2013-2889)\r\n\r\nKees Cook discovered another flaw in the Human Interface Device (HID)\r\nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF,\r\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially\r\nproximate attacker can leverage this flaw to cause a denial of service vias\r\na specially crafted device. (CVE-2013-2893)\r\n\r\nKees Cook discovered yet another flaw in the Human Interface Device (HID)\r\nsubsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A\r\nphysically proximate attacker could leverage this flaw to cause a denial of\r\nservice (OOPS) via a specially crafted device. (CVE-2013-2897)\r\n\r\nA flaw was discovered in the Linux kernel's dm snapshot facility. A remote\r\nauthenticated user could exploit this flaw to obtain sensitive information\r\nor modify/corrupt data. (CVE-2013-4299)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 10.04 LTS:\r\n linux-image-2.6.32-53-386 2.6.32-53.115\r\n linux-image-2.6.32-53-generic 2.6.32-53.115\r\n linux-image-2.6.32-53-generic-pae 2.6.32-53.115\r\n linux-image-2.6.32-53-ia64 2.6.32-53.115\r\n linux-image-2.6.32-53-lpia 2.6.32-53.115\r\n linux-image-2.6.32-53-powerpc 2.6.32-53.115\r\n linux-image-2.6.32-53-powerpc-smp 2.6.32-53.115\r\n linux-image-2.6.32-53-powerpc64-smp 2.6.32-53.115\r\n linux-image-2.6.32-53-preempt 2.6.32-53.115\r\n linux-image-2.6.32-53-server 2.6.32-53.115\r\n linux-image-2.6.32-53-sparc64 2.6.32-53.115\r\n linux-image-2.6.32-53-sparc64-smp 2.6.32-53.115\r\n linux-image-2.6.32-53-versatile 2.6.32-53.115\r\n linux-image-2.6.32-53-virtual 2.6.32-53.115\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\r\nlinux-server, linux-powerpc), a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2015-1\r\n CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-2897,\r\n CVE-2013-4299\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/2.6.32-53.115\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "edition": 1, "modified": "2013-11-13T00:00:00", "published": "2013-11-13T00:00:00", "id": "SECURITYVULNS:DOC:29993", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29993", "title": "[USN-2015-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "f5": [{"lastseen": "2016-09-26T17:22:57", "bulletinFamily": "software", "cvelist": ["CVE-2013-7265"], "edition": 1, "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network and limit shell access to trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x) and SOL13092: Overview of securing access to the BIG-IP system. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2015-01-14T00:00:00", "published": "2015-01-14T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/900/sol15984.html", "id": "SOL15984", "title": "SOL15984 - Linux kernel vulnerability CVE-2013-7265", "type": "f5", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-26T17:23:31", "bulletinFamily": "software", "cvelist": ["CVE-2013-7263"], "edition": 1, "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network and limit shell access to trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2015-01-12T00:00:00", "published": "2015-01-12T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/900/sol15983.html", "id": "SOL15983", "title": "SOL15983 - Linux kernel vulnerability CVE-2013-7263", "type": "f5", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2019-03-12T00:17:20", "bulletinFamily": "software", "cvelist": ["CVE-2014-0101"], "description": "\nF5 Product Development has assigned ID 454180 (BIG-IP), ID 462326 (Enterprise Manager), and ID 462324 (BIG-IQ) to this vulnerability. In addition, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) lists Heuristic 464523 on the **Diagnostics** > **Identified** > **High **screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM| 11.1.0 - 11.5.3| 12.0.0 \n11.6.0 \n11.0.0 \n10.0.0 - 10.2.4| Linux kernel \nBIG-IP AAM| 11.4.0 - 11.5.3| 12.0.0 \n11.6.0| Linux kernel \nBIG-IP AFM| 11.3.0 - 11.5.3| 12.0.0 \n11.6.0| Linux kernel \nBIG-IP Analytics| 11.1.0 - 11.5.3| 12.0.0 \n11.6.0 \n11.0.0| Linux kernel \nBIG-IP APM| 11.1.0 - 11.5.3| 12.0.0 \n11.6.0 \n11.0.0 \n10.1.0 - 10.2.4| Linux kernel \nBIG-IP ASM| 11.1.0 - 11.5.3| 12.0.0 \n11.6.0 \n11.0.0 \n10.0.0 - 10.2.4| Linux kernel \nBIG-IP Edge Gateway| 11.1.0 - 11.3.0| 11.0.0 \n10.1.0 - 10.2.4| Linux kernel \nBIG-IP GTM| 11.1.0 - 11.5.3| 11.6.0 \n11.0.0 \n10.0.0 - 10.2.4| Linux kernel \nBIG-IP Link Controller| 11.1.0 - 11.5.3| 12.0.0 \n11.6.0 \n11.0.0 \n10.0.0 - 10.2.4| Linux kernel \nBIG-IP PEM| 11.3.0 - 11.5.3| 12.0.0 \n11.6.0| Linux kernel \nBIG-IP PSM| 11.1.0 - 11.4.1| 11.0.0 \n10.0.0 - 10.2.4| Linux kernel \nBIG-IP WebAccelerator| 11.1.0 - 11.3.0| 11.0.0 \n10.0.0 - 10.2.4| Linux kernel \nBIG-IP WOM| 11.1.0 - 11.3.0| 11.0.0 \n10.0.0 - 10.2.4| Linux kernel \nARX| None| 6.0.0 - 6.4.0| None \nEnterprise Manager| 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0| None| Linux kernel \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Linux kernel \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Linux kernel \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Linux kernel \nBIG-IQ ADC| 4.5.0| None| Linux kernel \nBIG-IQ Centralized Management| 4.6.0| 5.0.0| Linux kernel \nBIG-IQ Cloud and Orchestration| None| 1.0.0| None \nLineRate| None| 2.2.0 - 2.3.1| None\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>). \n\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "edition": 1, "modified": "2017-04-06T16:51:00", "published": "2014-06-05T19:56:00", "id": "F5:K15317", "href": "https://support.f5.com/csp/article/K15317", "title": "Linux kernel vulnerability CVE-2014-0101", "type": "f5", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}