F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)
2017-10-24T00:00:00
ID F5_BIGIP_SOL23030550.NASL Type nessus Reporter Tenable Modified 2018-09-04T00:00:00
Description
An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.
Android ID: A-31349935.(CVE-2016-8399)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K23030550.
#
# The text description of this plugin is (C) F5 Networks.
#
include("compat.inc");
if (description)
{
script_id(104107);
script_version("3.11");
script_cvs_date("Date: 2018/09/04 13:20:07");
script_cve_id("CVE-2016-8399");
script_name(english:"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)");
script_summary(english:"Checks the BIG-IP version.");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security patch."
);
script_set_attribute(
attribute:"description",
value:
"An elevation of privilege vulnerability in the kernel networking
subsystem could enable a local malicious application to execute
arbitrary code within the context of the kernel. This issue is rated
as Moderate because it first requires compromising a privileged
process and current compiler optimizations restrict access to the
vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.
Android ID: A-31349935.(CVE-2016-8399)"
);
script_set_attribute(
attribute:"see_also",
value:"https://support.f5.com/csp/#/article/K23030550"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade to one of the non-vulnerable versions listed in the F5
Solution K23030550."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_webaccelerator");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip_protocol_security_manager");
script_set_attribute(attribute:"patch_publication_date", value:"2017/07/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/24");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"F5 Networks Local Security Checks");
script_dependencies("f5_bigip_detect.nbin");
script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version");
exit(0);
}
include("f5_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
version = get_kb_item("Host/BIG-IP/version");
if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");
sol = "K23030550";
vmatrix = make_array();
# AFM
vmatrix["AFM"] = make_array();
vmatrix["AFM"]["affected" ] = make_list("13.0.0-13.1.0","12.0.0-12.1.2","11.6.0-11.6.1","11.4.1-11.5.4");
vmatrix["AFM"]["unaffected"] = make_list("13.1.0.8","12.1.3","11.6.2-11.6.3","11.5.5");
# AM
vmatrix["AM"] = make_array();
vmatrix["AM"]["affected" ] = make_list("13.0.0-13.1.0","12.0.0-12.1.2","11.6.0-11.6.1","11.4.1-11.5.4");
vmatrix["AM"]["unaffected"] = make_list("13.1.0.8","12.1.3","11.6.2-11.6.3","11.5.5");
# APM
vmatrix["APM"] = make_array();
vmatrix["APM"]["affected" ] = make_list("13.0.0-13.1.0","12.0.0-12.1.2","11.6.0-11.6.1","11.4.1-11.5.4","11.2.1");
vmatrix["APM"]["unaffected"] = make_list("13.1.0.8","12.1.3","11.6.2-11.6.3","11.5.5");
# ASM
vmatrix["ASM"] = make_array();
vmatrix["ASM"]["affected" ] = make_list("13.0.0-13.1.0","12.0.0-12.1.2","11.4.1-11.6.1","11.2.1");
vmatrix["ASM"]["unaffected"] = make_list("13.1.0.8","12.1.3","11.6.2-11.6.3","11.5.5");
# AVR
vmatrix["AVR"] = make_array();
vmatrix["AVR"]["affected" ] = make_list("13.0.0-13.1.0","12.0.0-12.1.2","11.6.0-11.6.1","11.4.1-11.5.4","11.2.1");
vmatrix["AVR"]["unaffected"] = make_list("13.1.0.8","12.1.3","11.6.2-11.6.3","11.5.5");
# GTM
vmatrix["GTM"] = make_array();
vmatrix["GTM"]["affected" ] = make_list("11.6.0-11.6.1","11.4.1-11.5.4","11.2.1");
vmatrix["GTM"]["unaffected"] = make_list("11.6.2-11.6.3","11.5.5");
# LC
vmatrix["LC"] = make_array();
vmatrix["LC"]["affected" ] = make_list("13.0.0-13.1.0","12.0.0-12.1.2","11.6.0-11.6.1","11.4.1-11.5.4","11.2.1");
vmatrix["LC"]["unaffected"] = make_list("13.1.0.8","12.1.3","11.6.2-11.6.3","11.5.5");
# LTM
vmatrix["LTM"] = make_array();
vmatrix["LTM"]["affected" ] = make_list("13.0.0-13.1.0","12.0.0-12.1.2","11.6.0-11.6.1","11.4.1-11.5.4","11.2.1");
vmatrix["LTM"]["unaffected"] = make_list("13.1.0.8","12.1.3","11.6.2-11.6.3","11.5.5");
# PEM
vmatrix["PEM"] = make_array();
vmatrix["PEM"]["affected" ] = make_list("13.0.0-13.1.0","12.0.0-12.1.2","11.6.0-11.6.1","11.4.1-11.5.4");
vmatrix["PEM"]["unaffected"] = make_list("13.1.0.8","12.1.3","11.6.2-11.6.3","11.5.5");
if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = bigip_get_tested_modules();
audit_extra = "For BIG-IP module(s) " + tested + ",";
if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
else audit(AUDIT_HOST_NOT, "running any of the affected modules");
}
{"id": "F5_BIGIP_SOL23030550.NASL", "bulletinFamily": "scanner", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "published": "2017-10-24T00:00:00", "modified": "2018-09-04T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "reporter": "Tenable", "references": ["https://support.f5.com/csp/#/article/K23030550"], "cvelist": ["CVE-2016-8399"], "type": "nessus", "lastseen": "2018-09-05T05:51:20", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 9, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "396791f2321f60c2907950416af3cf8acd041b845b26eea946c88839df07ce34", "hashmap": [{"hash": "48d60a46ed3f845ea90484e4bf421124", "key": "modified"}, {"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "36e189051a46c1143bb49071c748635a", "key": "sourceData"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2018-07-10T05:59:05", "modified": "2018-07-09T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2018/07/09 12:26:58\");\n\n script_cve_id(\"CVE-2016-8399\");\n script_osvdb_id(148195);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 7}, "differentElements": ["modified", "sourceData"], "edition": 9, "lastseen": "2018-07-10T05:59:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 5, "enchantments": {}, "hash": "07cdef323508ffc39efa503d07b8926bc1b41432cae67138100f88a6cb11313b", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "1a0d716429ebd58b1d36755f799ba297", "key": "modified"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}, {"hash": "21c69fe39d6427617b70dc374cf2ede4", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2017-11-09T22:43:49", "modified": "2017-11-09T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"$Revision: 3.4 $\");\n script_cvs_date(\"$Date: 2017/11/09 15:42:21 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n script_osvdb_id(148195);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2017-11-09T22:43:49"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 8, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "aac8163bf11557b72d4a3ce1fcc974a1fa99e994dde6fc219e00c9ca83797262", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "e5ea4e133fdd22d0dad25dd00662de7f", "key": "modified"}, {"hash": "adbd9d50be4896598a9044bfc32174b8", "key": "sourceData"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2018-02-04T11:06:32", "modified": "2018-02-02T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"$Revision: 3.7 $\");\n script_cvs_date(\"$Date: 2018/02/02 14:51:01 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n script_osvdb_id(148195);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 7}, "differentElements": ["modified", "sourceData"], "edition": 8, "lastseen": "2018-02-04T11:06:32"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 2, "enchantments": {}, "hash": "5576f357a3286a69424fe2051f2ef2f499b1d211c3c197359a1d207031ea9ce7", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "cd2a10fb19398cdee1647b4cb7133bc5", "key": "sourceData"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2017-10-29T13:40:42", "modified": "2017-10-24T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/10/24 13:09:36 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:40:42"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 7, "enchantments": {"score": {"modified": "2017-12-27T13:01:54", "value": 7.6}}, "hash": "36fb9289f427f9853f042753024d60a6f97c8a85ac0c9cd96e82c2c8cedd7a53", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "feb7f1f0178b4c0c67a334d538e12e00", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "3487ad13e00e4e90d860294ed8b233be", "key": "modified"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2017-12-27T13:01:54", "modified": "2017-12-26T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"$Revision: 3.6 $\");\n script_cvs_date(\"$Date: 2017/12/26 18:12:01 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n script_osvdb_id(148195);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.1.3\",\"11.6.2\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 7, "lastseen": "2017-12-27T13:01:54"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 11, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "957c225b7444d81d7e93e28bf1d058694ab0d716d57b659844e6fcc14969afd9", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "126aa6199253ddc5259666d479153208", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}, {"hash": "b6a8b1df8b71ceb0d5670d116de041a5", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2018-08-30T19:48:06", "modified": "2018-07-10T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2018/07/10 14:27:33\");\n\n script_cve_id(\"CVE-2016-8399\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 10}, "differentElements": ["cvss", "modified", "sourceData"], "edition": 11, "lastseen": "2018-08-30T19:48:06"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 6, "enchantments": {"score": {"modified": "2017-11-28T23:14:13", "value": 7.6}}, "hash": "e99371f574c47b9bcc7b69301614e08ef7268fdcb93654852f047cd6f5f338f7", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "4b5a51181689d4dcf7ab756585c005f9", "key": "sourceData"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}, {"hash": "c28df2eade75b6560075ad4a45be4d94", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2017-11-28T23:14:13", "modified": "2017-11-28T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"$Revision: 3.5 $\");\n script_cvs_date(\"$Date: 2017/11/28 14:59:12 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n script_osvdb_id(148195);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 6, "lastseen": "2017-11-28T23:14:13"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 1, "enchantments": {}, "hash": "35de39ba482dd082c4e97d4af59da04ee283ae4a5d7fe83be70911c23b5c79e5", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "cd2a10fb19398cdee1647b4cb7133bc5", "key": "sourceData"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2017-10-25T02:41:53", "modified": "2017-10-24T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/10/24 13:09:36 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2017-10-25T02:41:53"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 4, "enchantments": {}, "hash": "b66df0bc89bcf861af490017fab10732592d469ed63ef1f901c2f767fd2ed373", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "aa3d62f4b235197a2b91847698ee2e6c", "key": "modified"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "d2a54281a9d4873d92e1cd4f69bde6a7", "key": "sourceData"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2017-11-08T02:43:18", "modified": "2017-11-07T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"$Revision: 3.3 $\");\n script_cvs_date(\"$Date: 2017/11/07 14:53:33 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2017-11-08T02:43:18"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 12, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "208a3155c0cb92fa409b7e53fd9d28ef2816ab554ce51f9f1a0591e9c0a01fd9", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "72335ad5f731b753e9c3b65c45b15ed0", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "b9cbf16a04ee1b8c1c81c8906260e7af", "key": "sourceData"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2018-09-01T23:54:06", "modified": "2018-08-31T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"3.10\");\n script_cvs_date(\"Date: 2018/08/31 12:25:01\");\n\n script_cve_id(\"CVE-2016-8399\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 10}, "differentElements": ["modified", "sourceData"], "edition": 12, "lastseen": "2018-09-01T23:54:06"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 10, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "3d119032164da1a339207ae592c95eca0b319c124dcbabc8d369902d88c0da0b", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "126aa6199253ddc5259666d479153208", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}, {"hash": "b6a8b1df8b71ceb0d5670d116de041a5", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2018-07-12T18:01:33", "modified": "2018-07-10T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2018/07/10 14:27:33\");\n\n script_cve_id(\"CVE-2016-8399\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 10}, "differentElements": ["cvss"], "edition": 10, "lastseen": "2018-07-12T18:01:33"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "cvelist": ["CVE-2016-8399"], "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)", "edition": 3, "enchantments": {}, "hash": "95079e9f52251f36bfc22963264c6b7d8e021df751cd647ea0c30b48b4c47c2e", "hashmap": [{"hash": "b52ecc092bab911fd56b1f43ce4df523", "key": "href"}, {"hash": "613392037a72c55309f4592ae30595dd", "key": "pluginID"}, {"hash": "ee3026026625b00d67e1ece8c862f36f", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0b4551f9ee42231d4f28fccb08af87d0", "key": "cvelist"}, {"hash": "453377057bdad377100735c3234df698", "key": "sourceData"}, {"hash": "774fce555a963c00be305187dd6dff95", "key": "cvss"}, {"hash": "2c23739456a1260ec0dda9d22fdc03d2", "key": "modified"}, {"hash": "3552591c045bf50d17229fec475d11f0", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6070472d75a0cd9cfa0af787622a13bd", "key": "title"}, {"hash": "fb2005932145ec17d153900a05862b6d", "key": "naslFamily"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "published"}, {"hash": "db473848e87c17a97cf05d4578a26a3e", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104107", "id": "F5_BIGIP_SOL23030550.NASL", "lastseen": "2017-11-01T22:42:43", "modified": "2017-11-01T00:00:00", "naslFamily": "F5 Networks Local Security Checks", "objectVersion": "1.3", "pluginID": "104107", "published": "2017-10-24T00:00:00", "references": ["https://support.f5.com/csp/#/article/K23030550"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2017/11/01 14:22:57 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2017-11-01T22:42:43"}], "edition": 13, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "3552591c045bf50d17229fec475d11f0"}, {"key": "cvelist", "hash": "0b4551f9ee42231d4f28fccb08af87d0"}, {"key": "cvss", "hash": "774fce555a963c00be305187dd6dff95"}, {"key": "description", "hash": "db473848e87c17a97cf05d4578a26a3e"}, {"key": "href", "hash": "b52ecc092bab911fd56b1f43ce4df523"}, {"key": "modified", "hash": "704c887ec56b5c516fa7b02953bad633"}, {"key": "naslFamily", "hash": "fb2005932145ec17d153900a05862b6d"}, {"key": "pluginID", "hash": "613392037a72c55309f4592ae30595dd"}, {"key": "published", "hash": "c5bb34af05c207ad0795b24b339835fb"}, {"key": "references", "hash": "ee3026026625b00d67e1ece8c862f36f"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "235faed10dd1ce261c7d3e87db18450a"}, {"key": "title", "hash": "6070472d75a0cd9cfa0af787622a13bd"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "f66971c87667b13814ad19bcc8cc40a64384b79c149f3f005b25390d8280d32f", "viewCount": 12, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K23030550.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104107);\n script_version(\"3.11\");\n script_cvs_date(\"Date: 2018/09/04 13:20:07\");\n\n script_cve_id(\"CVE-2016-8399\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K23030550)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An elevation of privilege vulnerability in the kernel networking\nsubsystem could enable a local malicious application to execute\narbitrary code within the context of the kernel. This issue is rated\nas Moderate because it first requires compromising a privileged\nprocess and current compiler optimizations restrict access to the\nvulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18.\nAndroid ID: A-31349935.(CVE-2016-8399)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K23030550\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K23030550.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K23030550\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.4.1-11.6.1\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.1-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.1.0.8\",\"12.1.3\",\"11.6.2-11.6.3\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "naslFamily": "F5 Networks Local Security Checks", "pluginID": "104107", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"]}
{"cve": [{"lastseen": "2018-01-05T11:52:26", "references": ["https://access.redhat.com/errata/RHSA-2017:2930", "http://rhn.redhat.com/errata/RHSA-2017-0817.html", "https://source.android.com/security/bulletin/2016-12-01.html", "https://access.redhat.com/errata/RHSA-2017:0869", "https://access.redhat.com/errata/RHSA-2017:2931", "http://www.securityfocus.com/bid/94708"], "edition": 3, "description": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.", "reporter": "NVD", "published": "2017-01-12T10:59:01", "type": "cve", "title": "CVE-2016-8399", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2016-8399"], "scanner": [], "cpe": ["cpe:/o:linux:linux_kernel:3.10", "cpe:/o:linux:linux_kernel:3.18"], "modified": "2018-01-04T21:31:18", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8399", "id": "CVE-2016-8399", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "f5": [{"lastseen": "2018-07-05T19:39:12", "references": [], "description": "\nF5 Product Development has assigned IDs 652516 and 695072 (BIG-IP), ID 669855 (BIG-IQ), ID 669854 (Enterprise Manager), and ID 673043 (F5 iWorkflow) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H23030550 on the **Diagnostics** > **Identified** > **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.1 - 11.5.4 \n11.2.1 | 13.1.0.8 \n12.1.3 \n11.6.2 - 11.6.3 \n11.5.5 | Medium | Linux kernel \nBIG-IP AAM | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.1 - 11.5.4 | 13.1.0.8 \n12.1.3 \n11.6.2 - 11.6.3 \n11.5.5 | Medium | Linux kernel \nBIG-IP AFM | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.1 - 11.5.4 | 13.1.0.8 \n12.1.3 \n11.6.2 - 11.6.3 \n11.5.5 | Medium | Linux kernel \nBIG-IP Analytics | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.1 - 11.5.4 \n11.2.1 | 13.1.0.8 \n12.1.3 \n11.6.2 - 11.6.3 \n11.5.5 | Medium | Linux kernel \nBIG-IP APM | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.1 - 11.5.4 \n11.2.1 | 13.1.0.8 \n12.1.3 \n11.6.2 - 11.6.3 \n11.5.5 | Medium | Linux kernel \nBIG-IP ASM | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | 13.1.0.8 \n12.1.3 \n11.6.2 - 11.6.3 \n11.5.5 | Medium | Linux kernel \nBIG-IP DNS | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 | 13.1.0.8 \n12.1.3 \n | Medium | Linux kernel \nBIG-IP Edge Gateway | 11.2.1 | None | Medium | Linux kernel \nBIG-IP GTM | 11.6.0 - 11.6.1 \n11.4.1 - 11.5.4 \n11.2.1 | 11.6.2 - 11.6.3 \n11.5.5 | Medium | Linux kernel \nBIG-IP Link Controller | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.1 - 11.5.4 \n11.2.1 | 13.1.0.8 \n12.1.3 \n11.6.2 - 11.6.3 \n11.5.5 | Medium | Linux kernel \nBIG-IP PEM | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.1 - 11.5.4 | 13.1.0.8 \n12.1.3 \n11.6.2 - 11.6.3 \n11.5.5 | Medium | Linux kernel \nBIG-IP PSM | 11.4.1 - 11.4.1 | None | Medium | Linux kernel \nBIG-IP WebAccelerator | 11.2.1 | None | Medium | Linux kernel \nBIG-IP WebSafe | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | 13.1.0.8 \n12.1.3 \n11.6.2 - 11.6.3 | Medium | Linux kernel \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | 3.1.1 | None | Medium | Linux kernel \nBIG-IQ Cloud | 4.4.0 - 4.5.0 | None | Medium | Linux kernel \nBIG-IQ Device | 4.4.0 - 4.5.0 | None | Medium | Linux kernel \nBIG-IQ Security | 4.4.0 - 4.5.0 | None | Medium | Linux kernel \nBIG-IQ ADC | 4.5.0 | None | Medium | Linux kernel \nBIG-IQ Centralized Management | 5.0.0 - 5.3.0 \n4.6.0 | None | Medium | Linux kernel \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | Medium | Linux kernel \nF5 iWorkflow | 2.0.0 - 2.3.0 | None | Medium | Linux kernel \nLineRate | None | 2.5.0 - 2.6.2 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "edition": 1, "reporter": "f5", "published": "2017-07-11T23:15:00", "title": "Linux kernel vulnerability CVE-2016-8399", "type": "f5", "enchantments": {"score": {"modified": "2018-07-05T19:39:12", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2016-8399"], "modified": "2018-07-05T18:40:00", "id": "F5:K23030550", "href": "https://support.f5.com/csp/article/K23030550", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:40:54", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2016-02db2f32fd"], "pluginID": "96019", "description": "The 4.8.14 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2016-12-20T00:00:00", "title": "Fedora 25 : kernel (2016-02db2f32fd)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399"], "modified": "2017-01-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-02DB2F32FD.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96019", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-02db2f32fd.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96019);\n script_version(\"$Revision: 3.3 $\");\n script_cvs_date(\"$Date: 2017/01/16 15:05:10 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n script_xref(name:\"FEDORA\", value:\"2016-02db2f32fd\");\n\n script_name(english:\"Fedora 25 : kernel (2016-02db2f32fd)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.8.14 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-02db2f32fd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"kernel-4.8.14-300.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:39:58", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2016-e5b72816d0"], "pluginID": "96027", "description": "The 4.8.14 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2016-12-20T00:00:00", "title": "Fedora 24 : kernel (2016-e5b72816d0)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399"], "modified": "2017-01-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-E5B72816D0.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96027", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-e5b72816d0.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96027);\n script_version(\"$Revision: 3.3 $\");\n script_cvs_date(\"$Date: 2017/01/16 15:05:10 $\");\n\n script_cve_id(\"CVE-2016-8399\");\n script_xref(name:\"FEDORA\", value:\"2016-e5b72816d0\");\n\n script_name(english:\"Fedora 24 : kernel (2016-e5b72816d0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.8.14 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-e5b72816d0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kernel-4.8.14-200.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-07T05:50:26", "references": ["http://rhn.redhat.com/errata/RHSA-2017-0869.html", "https://www.redhat.com/security/data/cve/CVE-2016-8399.html"], "pluginID": "99337", "description": "An update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399, Moderate)\n\nEnhancement(s) :\n\n* Previously, the mpt3sas driver incorrectly checked the Transport Layer Retries (TLR) state even on Redundant Array Of Independent Discs (RAID) devices. Consequently, a kernel panic occurred when mpt3sas attempted to read from the RAID devices. With this update, mpt3sas has been fixed to check the TLR state only for non-RAID devices, and the kernel no longer panics under the described circumstances.\n(BZ#1427459)", "edition": 8, "reporter": "Tenable", "published": "2017-04-13T00:00:00", "title": "RHEL 6 : kernel (RHSA-2017:0869)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399"], "modified": "2018-09-06T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "cpe:/o:redhat:enterprise_linux:6.7", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2017-0869.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=99337", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0869. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99337);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/09/06 11:58:21\");\n\n script_cve_id(\"CVE-2016-8399\");\n script_xref(name:\"RHSA\", value:\"2017:0869\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2017:0869)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 6.7\nExtended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the Linux networking subsystem where a local\nattacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds\nmemory access by creating a smaller-than-expected ICMP header and\nsending to its destination via sendto(). (CVE-2016-8399, Moderate)\n\nEnhancement(s) :\n\n* Previously, the mpt3sas driver incorrectly checked the Transport\nLayer Retries (TLR) state even on Redundant Array Of Independent Discs\n(RAID) devices. Consequently, a kernel panic occurred when mpt3sas\nattempted to read from the RAID devices. With this update, mpt3sas has\nbeen fixed to check the TLR state only for non-RAID devices, and the\nkernel no longer panics under the described circumstances.\n(BZ#1427459)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2017-0869.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-8399.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6\\.7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.7\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0869\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"kernel-abi-whitelists-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"kernel-doc-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"kernel-firmware-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"perf-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"perf-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"perf-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"python-perf-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"python-perf-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-573.41.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:59:39", "references": ["http://www.nessus.org/u?4f5a1684", "http://www.nessus.org/u?e96dca98", "http://www.nessus.org/u?d2e6d1e6", "https://help.virtuozzo.com/customer/portal/articles/2892757"], "pluginID": "104131", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto().\n\n - It was found that in the Linux kernel through v4.14-rc5, bio_map_user_iov() and bio_unmap_user() in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bio_add_pc_page() merges them into one, but the page reference is never dropped, causing a memory leak and possible system lockup due to out-of-memory condition.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 10, "reporter": "Tenable", "published": "2017-10-25T00:00:00", "title": "Virtuozzo 7 : readykernel-patch (VZA-2017-097)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Virtuozzo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399", "CVE-2017-12190"], "modified": "2018-07-17T00:00:00", "cpe": ["cpe:/o:virtuozzo:virtuozzo:7", "p-cpe:/a:virtuozzo:virtuozzo:readykernel"], "id": "VIRTUOZZO_VZA-2017-097.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=104131", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104131);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2018/07/17 12:00:07\");\n\n script_cve_id(\n \"CVE-2016-8399\",\n \"CVE-2017-12190\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2017-097)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - A flaw was found in the Linux networking subsystem\n where a local attacker with CAP_NET_ADMIN capabilities\n could cause an out-of-bounds memory access by creating\n a smaller-than-expected ICMP header and sending to its\n destination via sendto().\n\n - It was found that in the Linux kernel through\n v4.14-rc5, bio_map_user_iov() and bio_unmap_user() in\n 'block/bio.c' do unbalanced pages refcounting if IO\n vector has small consecutive buffers belonging to the\n same page. bio_add_pc_page() merges them into one, but\n the page reference is never dropped, causing a memory\n leak and possible system lockup due to out-of-memory\n condition.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2892757\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-15.2-35.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4f5a1684\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-18.7-35.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e96dca98\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-20.18-35.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d2e6d1e6\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.18.2.vz7.15.2\",\n \"patch\",\"readykernel-patch-15.2-35.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.18.7\",\n \"patch\",\"readykernel-patch-18.7-35.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.20.18\",\n \"patch\",\"readykernel-patch-20.18-35.2-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_HOLE, release:\"Virtuozzo-7\");\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-05T05:51:24", "references": [], "pluginID": "97017", "description": "USN-3189-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nMikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2016-10147)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker with CAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 9, "reporter": "Tenable", "published": "2017-02-06T00:00:00", "title": "Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3189-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399", "CVE-2016-10147"], "modified": "2018-09-04T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3189-2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=97017", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3189-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97017);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2018/09/04 13:20:08\");\n\n script_cve_id(\"CVE-2016-10147\", \"CVE-2016-8399\");\n script_xref(name:\"USN\", value:\"3189-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3189-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-3189-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nMikulas Patocka discovered that the asynchronous multibuffer\ncryptographic daemon (mcryptd) in the Linux kernel did not properly\nhandle being invoked with incompatible algorithms. A local attacker\ncould use this to cause a denial of service (system crash).\n(CVE-2016-10147)\n\nQidan He discovered that the ICMP implementation in the Linux kernel\ndid not properly check the size of an ICMP header. A local attacker\nwith CAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-62-generic\", pkgver:\"4.4.0-62.83~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-62-generic-lpae\", pkgver:\"4.4.0-62.83~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-62-lowlatency\", pkgver:\"4.4.0-62.83~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae-lts-xenial\", pkgver:\"4.4.0.62.48\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lts-xenial\", pkgver:\"4.4.0.62.48\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency-lts-xenial\", pkgver:\"4.4.0.62.48\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-generic / linux-image-4.4-generic-lpae / etc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-05T05:41:02", "references": [], "pluginID": "97016", "description": "Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2016-10147)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker with CAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 9, "reporter": "Tenable", "published": "2017-02-06T00:00:00", "title": "Ubuntu 16.04 LTS : linux, linux-raspi2, linux-snapdragon vulnerabilities (USN-3189-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399", "CVE-2016-10147"], "modified": "2018-09-04T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "cpe:/o:canonical:ubuntu_linux:16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic"], "id": "UBUNTU_USN-3189-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=97016", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3189-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97016);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2018/09/04 13:20:08\");\n\n script_cve_id(\"CVE-2016-10147\", \"CVE-2016-8399\");\n script_xref(name:\"USN\", value:\"3189-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux, linux-raspi2, linux-snapdragon vulnerabilities (USN-3189-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mikulas Patocka discovered that the asynchronous multibuffer\ncryptographic daemon (mcryptd) in the Linux kernel did not properly\nhandle being invoked with incompatible algorithms. A local attacker\ncould use this to cause a denial of service (system crash).\n(CVE-2016-10147)\n\nQidan He discovered that the ICMP implementation in the Linux kernel\ndid not properly check the size of an ICMP header. A local attacker\nwith CAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1042-raspi2\", pkgver:\"4.4.0-1042.49\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1046-snapdragon\", pkgver:\"4.4.0-1046.50\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-62-generic\", pkgver:\"4.4.0-62.83\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-62-generic-lpae\", pkgver:\"4.4.0-62.83\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-62-lowlatency\", pkgver:\"4.4.0-62.83\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.62.65\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.62.65\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.62.65\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1042.41\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1046.38\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-generic / linux-image-4.4-generic-lpae / etc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:00:49", "references": ["http://www.nessus.org/u?3ffa1df3", "http://www.nessus.org/u?ce2ff292", "https://help.virtuozzo.com/customer/portal/articles/2892758", "http://www.nessus.org/u?2636ca46"], "pluginID": "104132", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - Linux kernel built with the KVM virtualisation support (CONFIG_KVM), with nested virtualisation (nVMX) feature enabled (nested=1), is vulnerable to a stack buffer overflow issue. It could occur while traversing guest pagetable entries to resolve guest virtual address. A guest system could use this flaw to crash the host kernel resulting in DoS, or potentially execute arbitrary code on the host.\n\n - A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto().\n\n - It was found that in the Linux kernel through v4.14-rc5, bio_map_user_iov() and bio_unmap_user() in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bio_add_pc_page() merges them into one, but the page reference is never dropped, causing a memory leak and possible system lockup due to out-of-memory condition.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 10, "reporter": "Tenable", "published": "2017-10-25T00:00:00", "title": "Virtuozzo 7 : readykernel-patch (VZA-2017-098)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Virtuozzo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-12188", "CVE-2016-8399", "CVE-2017-12190"], "modified": "2018-07-17T00:00:00", "cpe": ["cpe:/o:virtuozzo:virtuozzo:7", "p-cpe:/a:virtuozzo:virtuozzo:readykernel"], "id": "VIRTUOZZO_VZA-2017-098.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=104132", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104132);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2018/07/17 12:00:07\");\n\n script_cve_id(\n \"CVE-2016-8399\",\n \"CVE-2017-12188\",\n \"CVE-2017-12190\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2017-098)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - Linux kernel built with the KVM virtualisation support\n (CONFIG_KVM), with nested virtualisation (nVMX) feature\n enabled (nested=1), is vulnerable to a stack buffer\n overflow issue. It could occur while traversing guest\n pagetable entries to resolve guest virtual address. A\n guest system could use this flaw to crash the host\n kernel resulting in DoS, or potentially execute\n arbitrary code on the host.\n\n - A flaw was found in the Linux networking subsystem\n where a local attacker with CAP_NET_ADMIN capabilities\n could cause an out-of-bounds memory access by creating\n a smaller-than-expected ICMP header and sending to its\n destination via sendto().\n\n - It was found that in the Linux kernel through\n v4.14-rc5, bio_map_user_iov() and bio_unmap_user() in\n 'block/bio.c' do unbalanced pages refcounting if IO\n vector has small consecutive buffers belonging to the\n same page. bio_add_pc_page() merges them into one, but\n the page reference is never dropped, causing a memory\n leak and possible system lockup due to out-of-memory\n condition.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2892758\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-30.10-35.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2636ca46\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-30.15-35.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ce2ff292\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-33.22-35.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3ffa1df3\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-514.16.1.vz7.30.10\",\n \"patch\",\"readykernel-patch-30.10-35.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-514.16.1.vz7.30.15\",\n \"patch\",\"readykernel-patch-30.15-35.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-514.26.1.vz7.33.22\",\n \"patch\",\"readykernel-patch-33.22-35.2-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_HOLE, release:\"Virtuozzo-7\");\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:40:21", "references": [], "pluginID": "97098", "description": "Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2016-10147)\n\nIt was discovered that a use-after-free existed in the KVM susbsystem of the Linux kernel when creating devices. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10150)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker with CAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399)\n\nQian Zhang discovered a heap-based buffer overflow in the tipc_msg_build() function in the Linux kernel. A local attacker could use to cause a denial of service (system crash) or possible execute arbitrary code with administrative privileges. (CVE-2016-8632)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly restrict the VCPU index when I/O APIC is enabled, An attacker in a guest VM could use this to cause a denial of service (system crash) or possibly gain privileges in the host OS.\n(CVE-2016-9777).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 8, "reporter": "Tenable", "published": "2017-02-10T00:00:00", "title": "Ubuntu 16.10 : linux-raspi2 vulnerabilities (USN-3190-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9777", "CVE-2016-8399", "CVE-2016-8632", "CVE-2016-10147", "CVE-2016-10150"], "modified": "2018-08-03T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-raspi2", "cpe:/o:canonical:ubuntu_linux:16.10"], "id": "UBUNTU_USN-3190-2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=97098", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3190-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97098);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/08/03 12:21:26\");\n\n script_cve_id(\"CVE-2016-10147\", \"CVE-2016-10150\", \"CVE-2016-8399\", \"CVE-2016-8632\", \"CVE-2016-9777\");\n script_xref(name:\"USN\", value:\"3190-2\");\n\n script_name(english:\"Ubuntu 16.10 : linux-raspi2 vulnerabilities (USN-3190-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mikulas Patocka discovered that the asynchronous multibuffer\ncryptographic daemon (mcryptd) in the Linux kernel did not properly\nhandle being invoked with incompatible algorithms. A local attacker\ncould use this to cause a denial of service (system crash).\n(CVE-2016-10147)\n\nIt was discovered that a use-after-free existed in the KVM susbsystem\nof the Linux kernel when creating devices. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2016-10150)\n\nQidan He discovered that the ICMP implementation in the Linux kernel\ndid not properly check the size of an ICMP header. A local attacker\nwith CAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399)\n\nQian Zhang discovered a heap-based buffer overflow in the\ntipc_msg_build() function in the Linux kernel. A local attacker could\nuse to cause a denial of service (system crash) or possible execute\narbitrary code with administrative privileges. (CVE-2016-8632)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux\nkernel did not properly restrict the VCPU index when I/O APIC is\nenabled, An attacker in a guest VM could use this to cause a denial of\nservice (system crash) or possibly gain privileges in the host OS.\n(CVE-2016-9777).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.8-raspi2 and / or linux-image-raspi2\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2018 Canonical, Inc. / NASL script (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-4.8.0-1024-raspi2\", pkgver:\"4.8.0-1024.27\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-raspi2\", pkgver:\"4.8.0.1024.27\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.8-raspi2 / linux-image-raspi2\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:52:38", "references": ["https://alas.aws.amazon.com/ALAS-2017-782.html"], "pluginID": "96284", "description": "A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650)\n\nThe blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device. (CVE-2016-9576)\n\nThe sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.\n(CVE-2016-9793)\n\nA flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out of bounds read by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399)\n\nAlgorithms not compatible with mcryptd could be spawned by mcryptd with a direct crypto_alloc_tfm invocation using a 'mcryptd(alg)' name construct. This causes mcryptd to crash the kernel if an arbitrary 'alg' is incompatible and not intended to be used with mcryptd.\n(CVE-2016-10147)\n\n(Updated on 2017-01-19: CVE-2016-8399 was fixed in this release but was previously not part of this errata.)\n\n(Updated on 2017-02-22: CVE-2016-10147 was fixed in this release but was previously not part of this errata.)", "edition": 9, "reporter": "Tenable", "published": "2017-01-05T00:00:00", "title": "Amazon Linux AMI : kernel (ALAS-2017-782)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8650", "CVE-2016-8399", "CVE-2016-9793", "CVE-2016-10147", "CVE-2016-9576"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:kernel-headers", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-782.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96284", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-782.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96284);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-10147\", \"CVE-2016-8399\", \"CVE-2016-8650\", \"CVE-2016-9576\", \"CVE-2016-9793\");\n script_xref(name:\"ALAS\", value:\"2017-782\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2017-782)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the Linux kernel key management subsystem in which\na local attacker could crash the kernel or corrupt the stack and\nadditional memory (denial of service) by supplying a specially crafted\nRSA key. This flaw panics the machine during the verification of the\nRSA key. (CVE-2016-8650)\n\nThe blk_rq_map_user_iov function in block/blk-map.c in the Linux\nkernel before 4.8.14 does not properly restrict the type of iterator,\nwhich allows local users to read or write to arbitrary kernel memory\nlocations or cause a denial of service (use-after-free) by leveraging\naccess to a /dev/sg device. (CVE-2016-9576)\n\nThe sock_setsockopt function in net/core/sock.c in the Linux kernel\nbefore 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf,\nwhich allows local users to cause a denial of service (memory\ncorruption and system crash) or possibly have unspecified other impact\nby leveraging the CAP_NET_ADMIN capability for a crafted setsockopt\nsystem call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.\n(CVE-2016-9793)\n\nA flaw was found in the Linux networking subsystem where a local\nattacker with CAP_NET_ADMIN capabilities could cause an out of bounds\nread by creating a smaller-than-expected ICMP header and sending to\nits destination via sendto(). (CVE-2016-8399)\n\nAlgorithms not compatible with mcryptd could be spawned by mcryptd\nwith a direct crypto_alloc_tfm invocation using a 'mcryptd(alg)' name\nconstruct. This causes mcryptd to crash the kernel if an arbitrary\n'alg' is incompatible and not intended to be used with mcryptd.\n(CVE-2016-10147)\n\n(Updated on 2017-01-19: CVE-2016-8399 was fixed in this release but\nwas previously not part of this errata.)\n\n(Updated on 2017-02-22: CVE-2016-10147 was fixed in this release but\nwas previously not part of this errata.)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-782.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update kernel' to update your system. You will need to reboot\nyour system in order for the new kernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.4.39-34.54.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.4.39-34.54.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:59:54", "references": [], "pluginID": "97018", "description": "Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2016-10147)\n\nIt was discovered that a use-after-free existed in the KVM susbsystem of the Linux kernel when creating devices. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10150)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker with CAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399)\n\nQian Zhang discovered a heap-based buffer overflow in the tipc_msg_build() function in the Linux kernel. A local attacker could use to cause a denial of service (system crash) or possible execute arbitrary code with administrative privileges. (CVE-2016-8632)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly restrict the VCPU index when I/O APIC is enabled, An attacker in a guest VM could use this to cause a denial of service (system crash) or possibly gain privileges in the host OS.\n(CVE-2016-9777).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 9, "reporter": "Tenable", "published": "2017-02-06T00:00:00", "title": "Ubuntu 16.10 : linux vulnerabilities (USN-3190-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9777", "CVE-2016-8399", "CVE-2016-8632", "CVE-2016-10147", "CVE-2016-10150"], "modified": "2018-08-03T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-lowlatency", "cpe:/o:canonical:ubuntu_linux:16.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic"], "id": "UBUNTU_USN-3190-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=97018", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3190-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97018);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/08/03 12:21:26\");\n\n script_cve_id(\"CVE-2016-10147\", \"CVE-2016-10150\", \"CVE-2016-8399\", \"CVE-2016-8632\", \"CVE-2016-9777\");\n script_xref(name:\"USN\", value:\"3190-1\");\n\n script_name(english:\"Ubuntu 16.10 : linux vulnerabilities (USN-3190-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mikulas Patocka discovered that the asynchronous multibuffer\ncryptographic daemon (mcryptd) in the Linux kernel did not properly\nhandle being invoked with incompatible algorithms. A local attacker\ncould use this to cause a denial of service (system crash).\n(CVE-2016-10147)\n\nIt was discovered that a use-after-free existed in the KVM susbsystem\nof the Linux kernel when creating devices. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2016-10150)\n\nQidan He discovered that the ICMP implementation in the Linux kernel\ndid not properly check the size of an ICMP header. A local attacker\nwith CAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399)\n\nQian Zhang discovered a heap-based buffer overflow in the\ntipc_msg_build() function in the Linux kernel. A local attacker could\nuse to cause a denial of service (system crash) or possible execute\narbitrary code with administrative privileges. (CVE-2016-8632)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux\nkernel did not properly restrict the VCPU index when I/O APIC is\nenabled, An attacker in a guest VM could use this to cause a denial of\nservice (system crash) or possibly gain privileges in the host OS.\n(CVE-2016-9777).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2018 Canonical, Inc. / NASL script (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-4.8.0-37-generic\", pkgver:\"4.8.0-37.39\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-4.8.0-37-generic-lpae\", pkgver:\"4.8.0-37.39\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-4.8.0-37-lowlatency\", pkgver:\"4.8.0-37.39\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-generic\", pkgver:\"4.8.0.37.46\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.8.0.37.46\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.8.0.37.46\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.8-generic / linux-image-4.8-generic-lpae / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2017-04-18T17:21:10", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debuginfo", "arch": "i686", "packageFilename": "kernel-debuginfo-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debuginfo", "arch": "ppc64", "packageFilename": "kernel-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug-debuginfo", "arch": "i686", "packageFilename": "kernel-debug-debuginfo-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel", "arch": "x86_64", "packageFilename": "kernel-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug", "arch": "i686", "packageFilename": "kernel-debug-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug-devel", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "python-perf", "arch": "x86_64", "packageFilename": "python-perf-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "python-perf-debuginfo", "arch": "i686", "packageFilename": "python-perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-firmware", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-573.41.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "perf", "arch": "i686", "packageFilename": "perf-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-abi-whitelists", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-573.41.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-headers", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-kdump", "arch": "s390x", "packageFilename": "kernel-kdump-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "python-perf", "arch": "ppc64", "packageFilename": "python-perf-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug", "arch": "ppc64", "packageFilename": "kernel-debug-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-devel", "arch": "i686", "packageFilename": "kernel-devel-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "perf", "arch": "x86_64", "packageFilename": "perf-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "python-perf", "arch": "i686", "packageFilename": "python-perf-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "perf-debuginfo", "arch": "s390x", "packageFilename": "perf-debuginfo-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel", "arch": "src", "packageFilename": "kernel-2.6.32-573.41.1.el6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "perf", "arch": "ppc64", "packageFilename": "perf-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-kdump-devel", "arch": "s390x", "packageFilename": "kernel-kdump-devel-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "perf-debuginfo", "arch": "x86_64", "packageFilename": "perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel", "arch": "i686", "packageFilename": "kernel-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "python-perf-debuginfo", "arch": "x86_64", "packageFilename": "python-perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "perf-debuginfo", "arch": "i686", "packageFilename": "perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debuginfo-common-s390x", "arch": "s390x", "packageFilename": "kernel-debuginfo-common-s390x-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel", "arch": "s390x", "packageFilename": "kernel-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug-devel", "arch": "s390x", "packageFilename": "kernel-debug-devel-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug-debuginfo", "arch": "x86_64", "packageFilename": "kernel-debug-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debuginfo-common-x86_64", "arch": "x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "python-perf", "arch": "s390x", "packageFilename": "python-perf-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel", "arch": "ppc64", "packageFilename": "kernel-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debuginfo", "arch": "x86_64", "packageFilename": "kernel-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debuginfo", "arch": "s390x", "packageFilename": "kernel-debuginfo-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "python-perf-debuginfo", "arch": "ppc64", "packageFilename": "python-perf-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug-debuginfo", "arch": "ppc64", "packageFilename": "kernel-debug-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "perf", "arch": "s390x", "packageFilename": "perf-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debuginfo-common-i686", "arch": "i686", "packageFilename": "kernel-debuginfo-common-i686-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-devel", "arch": "s390x", "packageFilename": "kernel-devel-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-headers", "arch": "ppc64", "packageFilename": "kernel-headers-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-devel", "arch": "ppc64", "packageFilename": "kernel-devel-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debuginfo-common-ppc64", "arch": "ppc64", "packageFilename": "kernel-debuginfo-common-ppc64-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "python-perf-debuginfo", "arch": "s390x", "packageFilename": "python-perf-debuginfo-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-kdump-debuginfo", "arch": "s390x", "packageFilename": "kernel-kdump-debuginfo-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug-devel", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug-debuginfo", "arch": "s390x", "packageFilename": "kernel-debug-debuginfo-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-devel", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-573.41.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug-devel", "arch": "ppc64", "packageFilename": "kernel-debug-devel-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-headers", "arch": "s390x", "packageFilename": "kernel-headers-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-bootwrapper", "arch": "ppc64", "packageFilename": "kernel-bootwrapper-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-debug", "arch": "s390x", "packageFilename": "kernel-debug-2.6.32-573.41.1.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "perf-debuginfo", "arch": "ppc64", "packageFilename": "perf-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-headers", "arch": "i686", "packageFilename": "kernel-headers-2.6.32-573.41.1.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-573.41.1.el6", "packageName": "kernel-doc", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-573.41.1.el6.noarch.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399, Moderate)\n\nEnhancement(s):\n\n* Previously, the mpt3sas driver incorrectly checked the Transport Layer Retries (TLR) state even on Redundant Array Of Independent Discs (RAID) devices. Consequently, a kernel panic occurred when mpt3sas attempted to read from the RAID devices. With this update, mpt3sas has been fixed to check the TLR state only for non-RAID devices, and the kernel no longer panics under the described circumstances. (BZ#1427459)", "reporter": "RedHat", "published": "2017-04-04T15:01:03", "type": "redhat", "title": "(RHSA-2017:0869) Moderate: kernel security and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8399"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-04-04T15:09:55", "id": "RHSA-2017:0869", "href": "https://access.redhat.com/errata/RHSA-2017:0869", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T20:56:14", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "src", "packageName": "kernel-rt", "packageFilename": "kernel-rt-3.10.0-693.5.2.rt56.626.el7.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt", "packageFilename": "kernel-rt-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-debug", "packageFilename": "kernel-rt-debug-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-debug-debuginfo", "packageFilename": "kernel-rt-debug-debuginfo-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-debug-devel", "packageFilename": "kernel-rt-debug-devel-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-debug-kvm", "packageFilename": "kernel-rt-debug-kvm-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-debug-kvm-debuginfo", "packageFilename": "kernel-rt-debug-kvm-debuginfo-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-debuginfo", "packageFilename": "kernel-rt-debuginfo-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-debuginfo-common-x86_64", "packageFilename": "kernel-rt-debuginfo-common-x86_64-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-devel", "packageFilename": "kernel-rt-devel-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "noarch", "packageName": "kernel-rt-doc", "packageFilename": "kernel-rt-doc-3.10.0-693.5.2.rt56.626.el7.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-kvm", "packageFilename": "kernel-rt-kvm-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-kvm-debuginfo", "packageFilename": "kernel-rt-kvm-debuginfo-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-trace", "packageFilename": "kernel-rt-trace-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-trace-debuginfo", "packageFilename": "kernel-rt-trace-debuginfo-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-trace-devel", "packageFilename": "kernel-rt-trace-devel-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-trace-kvm", "packageFilename": "kernel-rt-trace-kvm-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.rt56.626.el7", "arch": "x86_64", "packageName": "kernel-rt-trace-kvm-debuginfo", "packageFilename": "kernel-rt-trace-kvm-debuginfo-3.10.0-693.5.2.rt56.626.el7.x86_64.rpm", "operator": "lt"}], "description": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. (CVE-2017-7184, Important)\n\n* A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. (CVE-2017-1000111, Important)\n\n* An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building an UFO packet with MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privileges. (CVE-2017-1000112, Important)\n\n* A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399, Moderate)\n\n* Kernel memory corruption due to a buffer overflow was found in brcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211_CMD_FRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace code is needed for this. An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely. (CVE-2017-7541, Moderate)\n\n* An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function. (CVE-2017-7542, Moderate)\n\n* A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace. (CVE-2017-7558, Moderate)\n\n* The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to possibly cause a situation where a value may be used after being freed (use-after-free) which may lead to memory corruption or other unspecified other impact. (CVE-2017-11176, Moderate)\n\n* A divide-by-zero vulnerability was found in the __tcp_select_window function in the Linux kernel. This can result in a kernel panic causing a local denial of service. (CVE-2017-14106, Moderate)\n\nRed Hat would like to thank Chaitin Security Research Lab for reporting CVE-2017-7184; Willem de Bruijn for reporting CVE-2017-1000111; and Andrey Konovalov for reporting CVE-2017-1000112. The CVE-2017-7558 issue was discovered by Stefano Brivio (Red Hat).\n\nBug Fix(es):\n\n* The kernel-rt packages have been upgraded to the 3.10.0-693.5.2 source tree, which provides number of bug fixes over the previous version. (BZ#1489084)", "reporter": "RedHat", "published": "2017-10-19T17:19:05", "type": "redhat", "title": "(RHSA-2017:2931) Important: kernel-rt security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8399", "CVE-2017-1000111", "CVE-2017-1000112", "CVE-2017-11176", "CVE-2017-14106", "CVE-2017-7184", "CVE-2017-7541", "CVE-2017-7542", "CVE-2017-7558"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-03-19T16:29:53", "id": "RHSA-2017:2931", "href": "https://access.redhat.com/errata/RHSA-2017:2931", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T20:55:57", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel", "packageFilename": "kernel-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel", "packageFilename": "kernel-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel", "packageFilename": "kernel-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "src", "packageName": "kernel", "packageFilename": "kernel-3.10.0-693.5.2.el7.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-3.10.0-693.5.2.el7.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-bootwrapper", "packageFilename": "kernel-bootwrapper-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-bootwrapper", "packageFilename": "kernel-bootwrapper-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-debug", "packageFilename": "kernel-debug-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-debug", "packageFilename": "kernel-debug-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-debuginfo-common-ppc64", "packageFilename": "kernel-debuginfo-common-ppc64-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-debuginfo-common-ppc64le", "packageFilename": "kernel-debuginfo-common-ppc64le-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-debuginfo-common-s390x", "packageFilename": "kernel-debuginfo-common-s390x-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-debuginfo-common-x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-devel", "packageFilename": "kernel-devel-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-devel", "packageFilename": "kernel-devel-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-3.10.0-693.5.2.el7.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-headers", "packageFilename": "kernel-headers-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-headers", "packageFilename": "kernel-headers-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-kdump", "packageFilename": "kernel-kdump-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-kdump-debuginfo", "packageFilename": "kernel-kdump-debuginfo-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "kernel-kdump-devel", "packageFilename": "kernel-kdump-devel-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-tools", "packageFilename": "kernel-tools-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-tools", "packageFilename": "kernel-tools-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-tools", "packageFilename": "kernel-tools-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-tools-debuginfo", "packageFilename": "kernel-tools-debuginfo-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-tools-debuginfo", "packageFilename": "kernel-tools-debuginfo-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-tools-debuginfo", "packageFilename": "kernel-tools-debuginfo-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-tools-libs", "packageFilename": "kernel-tools-libs-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-tools-libs", "packageFilename": "kernel-tools-libs-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-tools-libs", "packageFilename": "kernel-tools-libs-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "kernel-tools-libs-devel", "packageFilename": "kernel-tools-libs-devel-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "kernel-tools-libs-devel", "packageFilename": "kernel-tools-libs-devel-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "kernel-tools-libs-devel", "packageFilename": "kernel-tools-libs-devel-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "perf", "packageFilename": "perf-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "perf", "packageFilename": "perf-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "perf", "packageFilename": "perf-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "perf", "packageFilename": "perf-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "python-perf", "packageFilename": "python-perf-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "python-perf", "packageFilename": "python-perf-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "python-perf", "packageFilename": "python-perf-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-3.10.0-693.5.2.el7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "ppc64le", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-3.10.0-693.5.2.el7.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "s390x", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-3.10.0-693.5.2.el7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-3.10.0-693.5.2.el7.x86_64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. (CVE-2017-7184, Important)\n\n* A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. (CVE-2017-1000111, Important)\n\n* An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building an UFO packet with MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privileges. (CVE-2017-1000112, Important)\n\n* A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399, Moderate)\n\n* Kernel memory corruption due to a buffer overflow was found in brcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211_CMD_FRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace code is needed for this. An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely. (CVE-2017-7541, Moderate)\n\n* An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function. (CVE-2017-7542, Moderate)\n\n* A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace. (CVE-2017-7558, Moderate)\n\n* The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to possibly cause a situation where a value may be used after being freed (use-after-free) which may lead to memory corruption or other unspecified other impact. (CVE-2017-11176, Moderate)\n\n* A divide-by-zero vulnerability was found in the __tcp_select_window function in the Linux kernel. This can result in a kernel panic causing a local denial of service. (CVE-2017-14106, Moderate)\n\nRed Hat would like to thank Chaitin Security Research Lab for reporting CVE-2017-7184; Willem de Bruijn for reporting CVE-2017-1000111; and Andrey Konovalov for reporting CVE-2017-1000112. The CVE-2017-7558 issue was discovered by Stefano Brivio (Red Hat).\n\nSpace precludes documenting all of the bug fixes and enhancements included in this advisory. To see the complete list of bug fixes and enhancements, refer to the following KnowledgeBase article: https://access.redhat.com/node/3212921.", "reporter": "RedHat", "published": "2017-10-19T17:19:00", "type": "redhat", "title": "(RHSA-2017:2930) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8399", "CVE-2017-1000111", "CVE-2017-1000112", "CVE-2017-11176", "CVE-2017-14106", "CVE-2017-7184", "CVE-2017-7541", "CVE-2017-7542", "CVE-2017-7558"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:33:03", "id": "RHSA-2017:2930", "href": "https://access.redhat.com/errata/RHSA-2017:2930", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T20:56:17", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "kernel", "packageFilename": "kernel-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel", "packageFilename": "kernel-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "src", "packageName": "kernel", "packageFilename": "kernel-2.6.32-696.el6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-696.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "kernel-bootwrapper", "packageFilename": "kernel-bootwrapper-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "kernel-debuginfo-common-i686", "packageFilename": "kernel-debuginfo-common-i686-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "kernel-debuginfo-common-ppc64", "packageFilename": "kernel-debuginfo-common-ppc64-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-debuginfo-common-s390x", "packageFilename": "kernel-debuginfo-common-s390x-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "kernel-debuginfo-common-x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-696.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-696.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-kdump", "packageFilename": "kernel-kdump-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-kdump-debuginfo", "packageFilename": "kernel-kdump-debuginfo-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "kernel-kdump-devel", "packageFilename": "kernel-kdump-devel-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "perf", "packageFilename": "perf-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "perf", "packageFilename": "perf-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "perf", "packageFilename": "perf-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "perf", "packageFilename": "perf-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-696.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "ppc64", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-696.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "s390x", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-696.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-696.el6.x86_64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow (in scenarios in which actual fragmentation of packets is not needed) and could subsequently perform any type of a fragmentation-based attack against legacy IPv6 nodes that do not implement RFC6946. (CVE-2016-10142, Moderate)\n\n* A flaw was discovered in the way the Linux kernel dealt with paging structures. When the kernel invalidated a paging structure that was not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question. A local user could use a thread running with a stale cached virtual->physical translation to potentially escalate their privileges if the translation in question were writable and the physical page got reused for something critical (for example, a page table). (CVE-2016-2069, Moderate)\n\n* A race condition flaw was found in the ioctl_send_fib() function in the Linux kernel's aacraid implementation. A local attacker could use this flaw to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value. (CVE-2016-6480, Moderate)\n\n* It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks. (CVE-2016-7042, Moderate)\n\n* It was found that when file permissions were modified via chmod and the user modifying them was not in the owning group or capable of CAP_FSETID, the setgid bit would be cleared. Setting a POSIX ACL via setxattr sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in a similar way. This could allow a local user to gain group privileges via certain setgid applications. (CVE-2016-7097, Moderate)\n\n* A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399, Moderate)\n\n* It was found that the blk_rq_map_user_iov() function in the Linux kernel's block device implementation did not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging write access to a /dev/sg device. (CVE-2016-9576, CVE-2016-10088, Moderate)\n\n* A flaw was found in the USB-MIDI Linux kernel driver: a double-free error could be triggered for the 'umidi' object. An attacker with physical access to the system could use this flaw to escalate their privileges. (CVE-2016-2384, Low)\n\nThe CVE-2016-7042 issue was discovered by Ondrej Kozina (Red Hat) and the CVE-2016-7097 issue was discovered by Andreas Gruenbacher (Red Hat) and Jan Kara (SUSE).\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.", "reporter": "RedHat", "published": "2017-03-21T12:09:43", "type": "redhat", "title": "(RHSA-2017:0817) Moderate: kernel security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-10088", "CVE-2016-10142", "CVE-2016-2069", "CVE-2016-2384", "CVE-2016-6480", "CVE-2016-7042", "CVE-2016-7097", "CVE-2016-8399", "CVE-2016-9576", "CVE-2017-5551"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-09-03T16:56:21", "id": "RHSA-2017:0817", "href": "https://access.redhat.com/errata/RHSA-2017:0817", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-01T23:48:13", "references": ["2016-e5b72816d0", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALFWOGSCEHRBHPLQY6D23CL3QJ5OBJK7"], "pluginID": "1361412562310872159", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-12-17T00:00:00", "title": "Fedora Update for kernel FEDORA-2016-e5b72816d0", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310872159", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872159", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-e5b72816d0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872159\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-17 05:55:26 +0100 (Sat, 17 Dec 2016)\");\n script_cve_id(\"CVE-2016-8399\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-e5b72816d0\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n\n script_tag(name: \"insight\", value: \"The kernel meta package\");\n\n script_tag(name: \"affected\", value: \"kernel on Fedora 24\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-e5b72816d0\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALFWOGSCEHRBHPLQY6D23CL3QJ5OBJK7\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.8.14~200.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:46:46", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SE7UGJ73CPHZKSMWVZ56RR56B5CJR7G6", "2016-02db2f32fd"], "pluginID": "1361412562310872163", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-12-17T00:00:00", "title": "Fedora Update for kernel FEDORA-2016-02db2f32fd", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310872163", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872163", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-02db2f32fd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872163\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-17 05:55:31 +0100 (Sat, 17 Dec 2016)\");\n script_cve_id(\"CVE-2016-8399\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-02db2f32fd\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n\n script_tag(name: \"insight\", value: \"The kernel meta package\");\n\n script_tag(name: \"affected\", value: \"kernel on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-02db2f32fd\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SE7UGJ73CPHZKSMWVZ56RR56B5CJR7G6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.8.14~300.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:42:26", "references": ["http://www.ubuntu.com/usn/usn-3189-2/", "3189-2"], "pluginID": "1361412562310843040", "description": "Check the version of linux-lts-xenial", "edition": 6, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-02-04T00:00:00", "title": "Ubuntu Update for linux-lts-xenial USN-3189-2", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399", "CVE-2016-10147"], "modified": "2018-08-17T00:00:00", "id": "OPENVAS:1361412562310843040", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843040", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-xenial USN-3189-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843040\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-04 05:46:29 +0100 (Sat, 04 Feb 2017)\");\n script_cve_id(\"CVE-2016-10147\", \"CVE-2016-8399\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-xenial USN-3189-2\");\n script_tag(name:\"summary\", value:\"Check the version of linux-lts-xenial\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3189-1 fixed vulnerabilities in the Linux\n kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for\n the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n 14.04 LTS.\n\nMikulas Patocka discovered that the asynchronous multibuffer cryptographic\ndaemon (mcryptd) in the Linux kernel did not properly handle being invoked\nwith incompatible algorithms. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2016-10147)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did\nnot properly check the size of an ICMP header. A local attacker with\nCAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399)\");\n script_tag(name:\"affected\", value:\"linux-lts-xenial on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3189-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3189-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-generic\", ver:\"4.4.0-62.83~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-generic-lpae\", ver:\"4.4.0-62.83~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-lowlatency\", ver:\"4.4.0-62.83~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-powerpc-e500mc\", ver:\"4.4.0-62.83~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-powerpc-smp\", ver:\"4.4.0-62.83~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-powerpc64-emb\", ver:\"4.4.0-62.83~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-powerpc64-smp\", ver:\"4.4.0-62.83~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-lts-xenial\", ver:\"4.4.0.62.48\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lts-xenial\", ver:\"4.4.0.62.48\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-lts-xenial\", ver:\"4.4.0.62.48\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc-lts-xenial\", ver:\"4.4.0.62.48\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp-lts-xenial\", ver:\"4.4.0.62.48\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb-lts-xenial\", ver:\"4.4.0.62.48\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp-lts-xenial\", ver:\"4.4.0.62.48\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:41:44", "references": ["http://www.ubuntu.com/usn/usn-3189-1/", "3189-1"], "pluginID": "1361412562310843039", "description": "Check the version of linux", "edition": 6, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-02-04T00:00:00", "title": "Ubuntu Update for linux USN-3189-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-8399", "CVE-2016-10147"], "modified": "2018-08-17T00:00:00", "id": "OPENVAS:1361412562310843039", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3189-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843039\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-04 05:46:27 +0100 (Sat, 04 Feb 2017)\");\n script_cve_id(\"CVE-2016-10147\", \"CVE-2016-8399\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3189-1\");\n script_tag(name:\"summary\", value:\"Check the version of linux\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mikulas Patocka discovered that the\n asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did\n not properly handle being invoked with incompatible algorithms. A local attacker\n could use this to cause a denial of service (system crash). (CVE-2016-10147)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did\nnot properly check the size of an ICMP header. A local attacker with\nCAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3189-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3189-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1042-raspi2\", ver:\"4.4.0-1042.49\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1046-snapdragon\", ver:\"4.4.0-1046.50\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-generic\", ver:\"4.4.0-62.83\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-generic-lpae\", ver:\"4.4.0-62.83\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-lowlatency\", ver:\"4.4.0-62.83\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-powerpc-e500mc\", ver:\"4.4.0-62.83\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-powerpc-smp\", ver:\"4.4.0-62.83\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-powerpc64-emb\", ver:\"4.4.0-62.83\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-62-powerpc64-smp\", ver:\"4.4.0-62.83\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.62.65\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.62.65\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.62.65\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.62.65\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.62.65\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.62.65\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.62.65\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1042.41\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1046.38\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:40:48", "references": ["http://www.ubuntu.com/usn/usn-3190-2/", "3190-2"], "pluginID": "1361412562310843050", "description": "Check the version of linux-raspi2", "edition": 6, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-02-10T00:00:00", "title": "Ubuntu Update for linux-raspi2 USN-3190-2", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9777", "CVE-2016-8399", "CVE-2016-8632", "CVE-2016-10147", "CVE-2016-10150"], "modified": "2018-08-17T00:00:00", "id": "OPENVAS:1361412562310843050", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843050", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-raspi2 USN-3190-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843050\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-10 05:51:10 +0100 (Fri, 10 Feb 2017)\");\n script_cve_id(\"CVE-2016-10147\", \"CVE-2016-10150\", \"CVE-2016-8399\", \"CVE-2016-8632\", \"CVE-2016-9777\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-raspi2 USN-3190-2\");\n script_tag(name:\"summary\", value:\"Check the version of linux-raspi2\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mikulas Patocka discovered that the asynchronous multibuffer cryptographic\ndaemon (mcryptd) in the Linux kernel did not properly handle being invoked\nwith incompatible algorithms. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2016-10147)\n\nIt was discovered that a use-after-free existed in the KVM susbsystem of\nthe Linux kernel when creating devices. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2016-10150)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did\nnot properly check the size of an ICMP header. A local attacker with\nCAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399)\n\nQian Zhang discovered a heap-based buffer overflow in the tipc_msg_build()\nfunction in the Linux kernel. A local attacker could use to cause a denial\nof service (system crash) or possible execute arbitrary code with\nadministrative privileges. (CVE-2016-8632)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel\ndid not properly restrict the VCPU index when I/O APIC is enabled, An\nattacker in a guest VM could use this to cause a denial of service (system\ncrash) or possibly gain privileges in the host OS. (CVE-2016-9777)\");\n script_tag(name:\"affected\", value:\"linux-raspi2 on Ubuntu 16.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3190-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3190-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.10\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-1024-raspi2\", ver:\"4.8.0-1024.27\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.8.0.1024.27\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:41:50", "references": ["3190-1", "http://www.ubuntu.com/usn/usn-3190-1/"], "pluginID": "1361412562310843041", "description": "Check the version of linux", "edition": 6, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-02-04T00:00:00", "title": "Ubuntu Update for linux USN-3190-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9777", "CVE-2016-8399", "CVE-2016-8632", "CVE-2016-10147", "CVE-2016-10150"], "modified": "2018-08-17T00:00:00", "id": "OPENVAS:1361412562310843041", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843041", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3190-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843041\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-04 05:46:31 +0100 (Sat, 04 Feb 2017)\");\n script_cve_id(\"CVE-2016-10147\", \"CVE-2016-10150\", \"CVE-2016-8399\", \"CVE-2016-8632\", \"CVE-2016-9777\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3190-1\");\n script_tag(name:\"summary\", value:\"Check the version of linux\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mikulas Patocka discovered that the asynchronous\n multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly\n handle being invoked with incompatible algorithms. A local attacker could use this\n to cause a denial of service (system crash). (CVE-2016-10147)\n\nIt was discovered that a use-after-free existed in the KVM susbsystem of\nthe Linux kernel when creating devices. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2016-10150)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did\nnot properly check the size of an ICMP header. A local attacker with\nCAP_NET_ADMIN could use this to expose sensitive information.\n(CVE-2016-8399)\n\nQian Zhang discovered a heap-based buffer overflow in the tipc_msg_build()\nfunction in the Linux kernel. A local attacker could use to cause a denial\nof service (system crash) or possible execute arbitrary code with\nadministrative privileges. (CVE-2016-8632)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel\ndid not properly restrict the VCPU index when I/O APIC is enabled, An\nattacker in a guest VM could use this to cause a denial of service (system\ncrash) or possibly gain privileges in the host OS. (CVE-2016-9777)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 16.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3190-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3190-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.10\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-37-generic\", ver:\"4.8.0-37.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-37-generic-lpae\", ver:\"4.8.0-37.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-37-lowlatency\", ver:\"4.8.0-37.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-37-powerpc-e500mc\", ver:\"4.8.0-37.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-37-powerpc-smp\", ver:\"4.8.0-37.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-37-powerpc64-emb\", ver:\"4.8.0-37.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.8.0.37.46\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.8.0.37.46\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.8.0.37.46\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.8.0.37.46\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.8.0.37.46\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.8.0.37.46\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:41:52", "references": ["2017:0817-01", "https://www.redhat.com/archives/rhsa-announce/2017-March/msg00055.html"], "pluginID": "1361412562310871783", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-03-22T00:00:00", "title": "RedHat Update for kernel RHSA-2017:0817-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2384", "CVE-2016-7097", "CVE-2016-8399", "CVE-2016-6480", "CVE-2016-2069", "CVE-2016-10088", "CVE-2016-9576", "CVE-2016-10142", "CVE-2016-7042"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:1361412562310871783", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871783", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0817-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871783\");\n script_version(\"$Revision: 6691 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:51:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-22 05:48:26 +0100 (Wed, 22 Mar 2017)\");\n script_cve_id(\"CVE-2016-10088\", \"CVE-2016-10142\", \"CVE-2016-2069\", \"CVE-2016-2384\",\n \"CVE-2016-6480\", \"CVE-2016-7042\", \"CVE-2016-7097\", \"CVE-2016-8399\",\n \"CVE-2016-9576\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0817-01\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* It was discovered that a remote attacker could leverage the generation of\nIPv6 atomic fragments to trigger the use of fragmentation in an arbitrary\nIPv6 flow (in scenarios in which actual fragmentation of packets is not\nneeded) and could subsequently perform any type of a fragmentation-based\nattack against legacy IPv6 nodes that do not implement RFC6946.\n(CVE-2016-10142, Moderate)\n\n* A flaw was discovered in the way the Linux kernel dealt with paging\nstructures. When the kernel invalidated a paging structure that was not in\nuse locally, it could, in principle, race against another CPU that is\nswitching to a process that uses the paging structure in question. A local\nuser could use a thread running with a stale cached virtual- physical\ntranslation to potentially escalate their privileges if the translation in\nquestion were writable and the physical page got reused for something\ncritical (for example, a page table). (CVE-2016-2069, Moderate)\n\n* A race condition flaw was found in the ioctl_send_fib() function in the\nLinux kernel's aacraid implementation. A local attacker could use this flaw\nto cause a denial of service (out-of-bounds access or system crash) by\nchanging a certain size value. (CVE-2016-6480, Moderate)\n\n* It was found that when the gcc stack protector was enabled, reading the\n/proc/keys file could cause a panic in the Linux kernel due to stack\ncorruption. This happened because an incorrect buffer size was used to hold\na 64-bit timeout value rendered as weeks. (CVE-2016-7042, Moderate)\n\n* It was found that when file permissions were modified via chmod and the\nuser modifying them was not in the owning group or capable of CAP_FSETID,\nthe setgid bit would be cleared. Setting a POSIX ACL via setxattr sets the\nfile permissions as well as the new ACL, but doesn't clear the setgid bit\nin a similar way. This could allow a local user to gain group privileges\nvia certain setgid applications. (CVE-2016-7097, Moderate)\n\n* A flaw was found in the Linux networking subsystem where a local attacker\nwith CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access\nby creating a smaller-than-expected ICMP header and sending to its\ndestination via sendto(). (CVE-2016-8399, Moderate)\n\n* It was found that the blk_rq_map_user_iov() function in the Linux\nkernel's block device implementation did not properly restrict the type of\niterator, which could allow a local attacker to re ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"RHSA\", value: \"2017:0817-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2017-March/msg00055.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~696.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-01T10:24:16", "references": ["2017:2930-01", "https://www.redhat.com/archives/rhsa-announce/2017-October/msg00025.html"], "pluginID": "1361412562310812046", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-10-20T00:00:00", "title": "RedHat Update for kernel RHSA-2017:2930-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-11176", "CVE-2017-7184", "CVE-2017-1000111", "CVE-2016-8399", "CVE-2017-14106", "CVE-2017-1000112", "CVE-2017-7558", "CVE-2017-7541", "CVE-2017-7542"], "modified": "2018-10-01T00:00:00", "id": "OPENVAS:1361412562310812046", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812046", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_RHSA-2017_2930-01_kernel.nasl 11700 2018-10-01 04:58:46Z ckuersteiner $\n#\n# RedHat Update for kernel RHSA-2017:2930-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812046\");\n script_version(\"$Revision: 11700 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 06:58:46 +0200 (Mon, 01 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-10-20 08:39:36 +0200 (Fri, 20 Oct 2017)\");\n script_cve_id(\"CVE-2016-8399\", \"CVE-2017-1000111\", \"CVE-2017-1000112\", \"CVE-2017-11176\",\n \"CVE-2017-14106\", \"CVE-2017-7184\", \"CVE-2017-7541\", \"CVE-2017-7542\",\n \"CVE-2017-7558\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:2930-01\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of\n detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux kernel,\n the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* Out-of-bounds kernel heap access vulnerability was found in xfrm,\nkernel's IP framework for transforming packets. An error dealing with\nnetlink messages from an unprivileged user leads to arbitrary read/write\nand privilege escalation. (CVE-2017-7184, Important)\n\n* A race condition issue leading to a use-after-free flaw was found in the\nway the raw packet sockets are implemented in the Linux kernel networking\nsubsystem handling synchronization. A local user able to open a raw packet\nsocket (requires the CAP_NET_RAW capability) could use this flaw to elevate\ntheir privileges on the system. (CVE-2017-1000111, Important)\n\n* An exploitable memory corruption flaw was found in the Linux kernel. The\nappend path can be erroneously switched from UFO to non-UFO in\nip_ufo_append_data() when building an UFO packet with MSG_MORE option. If\nunprivileged user namespaces are available, this flaw can be exploited to\ngain root privileges. (CVE-2017-1000112, Important)\n\n* A flaw was found in the Linux networking subsystem where a local attacker\nwith CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access\nby creating a smaller-than-expected ICMP header and sending to its\ndestination via sendto(). (CVE-2016-8399, Moderate)\n\n* Kernel memory corruption due to a buffer overflow was found in\nbrcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to\nv4.13-rc1. The vulnerability can be triggered by sending a crafted\nNL80211_CMD_FRAME packet via netlink. This flaw is unlikely to be triggered\nremotely as certain userspace code is needed for this. An unprivileged\nlocal user could use this flaw to induce kernel memory corruption on the\nsystem, leading to a crash. Due to the nature of the flaw, privilege\nescalation cannot be fully ruled out, although it is unlikely.\n(CVE-2017-7541, Moderate)\n\n* An integer overflow vulnerability in ip6_find_1stfragopt() function was\nfound. A local attacker that has privileges (of CAP_NET_RAW) to open raw\nsocket can cause an infinite loop inside the ip6_find_1stfragopt()\nfunction. (CVE-2017-7542, Moderate)\n\n* A kernel data leak due to an out-of-bound read was found in the Linux\nkernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()\nfunctions present since version 4.7-rc1 through version 4.13. A data leak\nhappens when these functions fill in sockaddr data structures used to\nexport socket's diagnostic information. As a result, up to 100 bytes of the\nslab data could be leaked to a userspace. (CVE-2017-7558, Moderate)\n\n* The mq_n ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"RHSA\", value: \"2017:2930-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2017-October/msg00025.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~3.10.0~693.5.2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-01T10:25:36", "references": ["2017:2930", "http://lists.centos.org/pipermail/centos-announce/2017-October/022605.html"], "pluginID": "1361412562310882792", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-10-25T00:00:00", "title": "CentOS Update for kernel CESA-2017:2930 centos7 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-11176", "CVE-2017-7184", "CVE-2017-1000111", "CVE-2016-8399", "CVE-2017-14106", "CVE-2017-1000112", "CVE-2017-7558", "CVE-2017-7541", "CVE-2017-7542"], "modified": "2018-10-01T00:00:00", "id": "OPENVAS:1361412562310882792", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882792", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2017_2930_kernel_centos7.nasl 11700 2018-10-01 04:58:46Z ckuersteiner $\n#\n# CentOS Update for kernel CESA-2017:2930 centos7 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882792\");\n script_version(\"$Revision: 11700 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 06:58:46 +0200 (Mon, 01 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-10-25 15:03:50 +0200 (Wed, 25 Oct 2017)\");\n script_cve_id(\"CVE-2016-8399\", \"CVE-2017-1000111\", \"CVE-2017-1000112\", \"CVE-2017-11176\", \n \"CVE-2017-14106\", \"CVE-2017-7184\", \"CVE-2017-7541\", \"CVE-2017-7542\", \n \"CVE-2017-7558\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kernel CESA-2017:2930 centos7 \");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux kernel, \nthe core of any Linux operating system.\n\nSecurity Fix(es):\n\n* Out-of-bounds kernel heap access vulnerability was found in xfrm,\nkernel's IP framework for transforming packets. An error dealing with\nnetlink messages from an unprivileged user leads to arbitrary read/write\nand privilege escalation. (CVE-2017-7184, Important)\n\n* A race condition issue leading to a use-after-free flaw was found in the\nway the raw packet sockets are implemented in the Linux kernel networking\nsubsystem handling synchronization. A local user able to open a raw packet\nsocket (requires the CAP_NET_RAW capability) could use this flaw to elevate\ntheir privileges on the system. (CVE-2017-1000111, Important)\n\n* An exploitable memory corruption flaw was found in the Linux kernel. The\nappend path can be erroneously switched from UFO to non-UFO in\nip_ufo_append_data() when building an UFO packet with MSG_MORE option. If\nunprivileged user namespaces are available, this flaw can be exploited to\ngain root privileges. (CVE-2017-1000112, Important)\n\n* A flaw was found in the Linux networking subsystem where a local attacker\nwith CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access\nby creating a smaller-than-expected ICMP header and sending to its\ndestination via sendto(). (CVE-2016-8399, Moderate)\n\n* Kernel memory corruption due to a buffer overflow was found in\nbrcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to\nv4.13-rc1. The vulnerability can be triggered by sending a crafted\nNL80211_CMD_FRAME packet via netlink. This flaw is unlikely to be triggered\nremotely as certain userspace code is needed for this. An unprivileged\nlocal user could use this flaw to induce kernel memory corruption on the\nsystem, leading to a crash. Due to the nature of the flaw, privilege\nescalation cannot be fully ruled out, although it is unlikely.\n(CVE-2017-7541, Moderate)\n\n* An integer overflow vulnerability in ip6_find_1stfragopt() function was\nfound. A local attacker that has privileges (of CAP_NET_RAW) to open raw\nsocket can cause an infinite loop inside the ip6_find_1stfragopt()\nfunction. (CVE-2017-7542, Moderate)\n\n* A kernel data leak due to an out-of-bound read was found in the Linux\nkernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()\nfunctions present since version 4.7-rc1 through version 4.13. A data leak\nhappens when these functions fill in sockaddr data structures used to\nexport socket's diagnostic information. As a result, up to 100 bytes of the\nslab data could be leaked to a userspace. (CVE-2017-7558, Moderate)\n\n* The mq_notify function in the Linux ke ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on CentOS 7\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"CESA\", value: \"2017:2930\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2017-October/022605.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~693.5.2.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:00", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10147", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-8399"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-62.83", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic - 4.4.0.62.65", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-62.83", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-lowlatency - 4.4.0.62.65", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-1046.50", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-1046-snapdragon", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-62.83", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-62.83", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-62.83", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-62.83", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-smp - 4.4.0.62.65", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-smp - 4.4.0.62.65", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-snapdragon - 4.4.0.1046.38", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-raspi2 - 4.4.0.1042.41", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-lpae - 4.4.0.62.65", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-1042.49", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-1042-raspi2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-emb - 4.4.0.62.65", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-62.83", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-e500mc - 4.4.0.62.65", "operator": "lt"}], "description": "Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10147)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker with CAP_NET_ADMIN could use this to expose sensitive information. (CVE-2016-8399)", "edition": 3, "reporter": "Ubuntu", "published": "2017-02-03T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8399", "CVE-2016-10147"], "modified": "2017-02-03T00:00:00", "id": "USN-3189-1", "href": "https://usn.ubuntu.com/3189-1/", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:47", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10147", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-8399", "https://usn.ubuntu.com/usn/usn-3189-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-62.83~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.62.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-smp-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.62.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-e500mc-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.62.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-emb-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.62.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-lowlatency-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.62.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-smp-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.62.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-62.83~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-62.83~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-62.83~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-62.83~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.62.48", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-lpae-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-62.83~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-62.83~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-62-powerpc64-emb", "operator": "lt"}], "description": "USN-3189-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nMikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10147)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker with CAP_NET_ADMIN could use this to expose sensitive information. (CVE-2016-8399)", "edition": 3, "reporter": "Ubuntu", "published": "2017-02-03T00:00:00", "title": "Linux kernel (Xenial HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8399", "CVE-2016-10147"], "modified": "2017-02-03T00:00:00", "id": "USN-3189-2", "href": "https://usn.ubuntu.com/3189-2/", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:52", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-8632", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10147", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10150", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-8399", "https://usn.ubuntu.com/usn/usn-3190-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0.1024.27", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-raspi2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0-1024.27", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.8.0-1024-raspi2", "operator": "lt"}], "description": "Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10147)\n\nIt was discovered that a use-after-free existed in the KVM susbsystem of the Linux kernel when creating devices. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10150)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker with CAP_NET_ADMIN could use this to expose sensitive information. (CVE-2016-8399)\n\nQian Zhang discovered a heap-based buffer overflow in the tipc_msg_build() function in the Linux kernel. A local attacker could use to cause a denial of service (system crash) or possible execute arbitrary code with administrative privileges. (CVE-2016-8632)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly restrict the VCPU index when I/O APIC is enabled, An attacker in a guest VM could use this to cause a denial of service (system crash) or possibly gain privileges in the host OS. (CVE-2016-9777)", "edition": 3, "reporter": "Ubuntu", "published": "2017-02-10T00:00:00", "title": "Linux kernel (Raspberry Pi 2) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-9777", "CVE-2016-8399", "CVE-2016-8632", "CVE-2016-10147", "CVE-2016-10150"], "modified": "2017-02-10T00:00:00", "id": "USN-3190-2", "href": "https://usn.ubuntu.com/3190-2/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:24", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-8632", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10147", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10150", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-8399"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0-37.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.8.0-37-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0.37.46", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0-37.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.8.0-37-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0.37.46", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0.37.46", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0-37.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.8.0-37-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0.37.46", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0.37.46", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0.37.46", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0-37.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.8.0-37-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0-37.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.8.0-37-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.10", "packageVersion": "4.8.0-37.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.8.0-37-powerpc-smp", "operator": "lt"}], "description": "Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10147)\n\nIt was discovered that a use-after-free existed in the KVM susbsystem of the Linux kernel when creating devices. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10150)\n\nQidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker with CAP_NET_ADMIN could use this to expose sensitive information. (CVE-2016-8399)\n\nQian Zhang discovered a heap-based buffer overflow in the tipc_msg_build() function in the Linux kernel. A local attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-8632)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly restrict the VCPU index when I/O APIC is enabled, An attacker in a guest VM could use this to cause a denial of service (system crash) or possibly gain privileges in the host OS. (CVE-2016-9777)", "edition": 3, "reporter": "Ubuntu", "published": "2017-02-03T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-9777", "CVE-2016-8399", "CVE-2016-8632", "CVE-2016-10147", "CVE-2016-10150"], "modified": "2017-02-03T00:00:00", "id": "USN-3190-1", "href": "https://usn.ubuntu.com/3190-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cloudfoundry": [{"lastseen": "2018-09-07T03:25:36", "references": [], "description": "# \n\n# **Severity**\n\nMedium\n\n# **Vendor**\n\nCanonical Ubuntu\n\n# **Versions Affected**\n\n * Canonical Ubuntu 14.04 LTS\n\n# **Description**\n\nUSN-3189-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. \n \nMikulas Patocka discovered that the asynchronous multi buffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash). ([CVE-2016-10147](<https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-10147.html>)) \n \nQidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker withCAP_NET_ADMIN could use this to expose sensitive information.([CVE-2016-8399](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8399.html>))\n\n# **Affected Cloud Foundry Products and Versions**\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells are vulnerable, including:\n * 3151.x versions prior to 3151.11\n * 3233.x versions prior to 3233.14\n * 3263.x versions prior to 3263.20\n * 3312.x versions prior to 3312.20\n * 3363.x versions prior to 3363.9\n\n# **Mitigation**\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry team recommends upgrading to the following BOSH stemcells:\n * Upgrade 3151.x versions to 3151.11\n * Upgrade 3233.x versions to 3233.14\n * Upgrade 3263.x versions to 3263.20\n * Upgrade 3312.x versions to 3312.20\n * Upgrade 3363.x versions to 3363.9\n\n# **References**\n\n * [https://www.ubuntu.com/usn/usn-3189-2/](<https://www.ubuntu.com/usn/usn-3189-2/>)\n * [https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-10147.html](<https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-10147.html>)\n * [http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8399.html](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8399.html>)\n", "edition": 4, "reporter": "Cloud Foundry", "published": "2017-03-14T00:00:00", "title": "USN-3189-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2016-8399", "CVE-2016-10147"], "modified": "2017-03-14T00:00:00", "id": "CFOUNDRY:E4E1DF639E31042E2C6F495D3AD4AB50", "href": "https://www.cloudfoundry.org/blog/usn-3189-2/", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:21", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "kernel-tools-debuginfo-4.4.39-34.54.amzn1.i686.rpm", "packageName": "kernel-tools-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "src", "packageFilename": "kernel-4.4.39-34.54.amzn1.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "kernel-debuginfo-common-x86_64", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "kernel-tools-devel-4.4.39-34.54.amzn1.i686.rpm", "packageName": "kernel-tools-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "kernel-headers-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "kernel-devel-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "perf-debuginfo-4.4.39-34.54.amzn1.i686.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "kernel-debuginfo-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "perf-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "kernel-debuginfo-4.4.39-34.54.amzn1.i686.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "kernel-4.4.39-34.54.amzn1.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "kernel-headers-4.4.39-34.54.amzn1.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "perf-debuginfo-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "kernel-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "noarch", "packageFilename": "kernel-doc-4.4.39-34.54.amzn1.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-devel-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "kernel-tools-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "kernel-tools-4.4.39-34.54.amzn1.i686.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "kernel-debuginfo-common-i686-4.4.39-34.54.amzn1.i686.rpm", "packageName": "kernel-debuginfo-common-i686", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "perf-4.4.39-34.54.amzn1.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "i686", "packageFilename": "kernel-devel-4.4.39-34.54.amzn1.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.39-34.54.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-debuginfo-4.4.39-34.54.amzn1.x86_64.rpm", "packageName": "kernel-tools-debuginfo", "operator": "lt"}], "description": "**Issue Overview:**\n\nA flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. ([CVE-2016-8650 __](<https://access.redhat.com/security/cve/CVE-2016-8650>))\n\nThe blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device. ([CVE-2016-9576 __](<https://access.redhat.com/security/cve/CVE-2016-9576>))\n\nThe sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option. ([CVE-2016-9793 __](<https://access.redhat.com/security/cve/CVE-2016-9793>))\n\nA flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out of bounds read by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). ([CVE-2016-8399 __](<https://access.redhat.com/security/cve/CVE-2016-8399>))\n\nAlgorithms not compatible with mcryptd could be spawned by mcryptd with a direct crypto_alloc_tfm invocation using a \"mcryptd(alg)\" name construct. This causes mcryptd to crash the kernel if an arbitrary \"alg\" is incompatible and not intended to be used with mcryptd. ([CVE-2016-10147 __](<https://access.redhat.com/security/cve/CVE-2016-10147>))\n\n(Updated on 2017-01-19: [CVE-2016-8399 __](<https://access.redhat.com/security/cve/CVE-2016-8399>) was fixed in this release but was previously not part of this errata.) \n(Updated on 2017-02-22: [CVE-2016-10147 __](<https://access.redhat.com/security/cve/CVE-2016-10147>) was fixed in this release but was previously not part of this errata.)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-debuginfo-4.4.39-34.54.amzn1.i686 \n kernel-headers-4.4.39-34.54.amzn1.i686 \n kernel-tools-debuginfo-4.4.39-34.54.amzn1.i686 \n kernel-tools-4.4.39-34.54.amzn1.i686 \n kernel-debuginfo-common-i686-4.4.39-34.54.amzn1.i686 \n kernel-4.4.39-34.54.amzn1.i686 \n kernel-devel-4.4.39-34.54.amzn1.i686 \n kernel-tools-devel-4.4.39-34.54.amzn1.i686 \n perf-debuginfo-4.4.39-34.54.amzn1.i686 \n perf-4.4.39-34.54.amzn1.i686 \n \n noarch: \n kernel-doc-4.4.39-34.54.amzn1.noarch \n \n src: \n kernel-4.4.39-34.54.amzn1.src \n \n x86_64: \n perf-4.4.39-34.54.amzn1.x86_64 \n kernel-tools-debuginfo-4.4.39-34.54.amzn1.x86_64 \n kernel-4.4.39-34.54.amzn1.x86_64 \n kernel-devel-4.4.39-34.54.amzn1.x86_64 \n kernel-headers-4.4.39-34.54.amzn1.x86_64 \n kernel-tools-4.4.39-34.54.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-4.4.39-34.54.amzn1.x86_64 \n kernel-tools-devel-4.4.39-34.54.amzn1.x86_64 \n perf-debuginfo-4.4.39-34.54.amzn1.x86_64 \n kernel-debuginfo-4.4.39-34.54.amzn1.x86_64 \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2017-02-22T12:00:00", "title": "Medium: kernel", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:21", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8650", "CVE-2016-8399", "CVE-2016-9793", "CVE-2016-10147", "CVE-2016-9576"], "modified": "2017-02-22T12:00:00", "id": "ALAS-2017-782", "href": "https://alas.aws.amazon.com/ALAS-2017-782.html", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:20", "references": ["https://rhn.redhat.com/errata/RHSA-2017-0817.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-debug-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel-debug", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-debug-2.6.32-696.el6.i686.rpm", "packageName": "kernel-debug", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "perf-2.6.32-696.el6.i686.rpm", "packageName": "perf", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel-debug-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-headers-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel-headers", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-devel-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "python-perf-2.6.32-696.el6.i686.rpm", "packageName": "python-perf", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-abi-whitelists-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-abi-whitelists-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-devel-2.6.32-696.el6.i686.rpm", "packageName": "kernel-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "perf-2.6.32-696.el6.x86_64.rpm", "packageName": "perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-firmware-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-firmware", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-firmware-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-firmware", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "python-perf-2.6.32-696.el6.x86_64.rpm", "packageName": "python-perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-headers-2.6.32-696.el6.i686.rpm", "packageName": "kernel-headers", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-2.6.32-696.el6.i686.rpm", "packageName": "kernel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-2.6.32-696.el6.src.rpm", "packageName": "kernel", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.i686.rpm", "packageName": "kernel-debug-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.i686.rpm", "packageName": "kernel-debug-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-doc-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-doc", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "packageFilename": "kernel-doc-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-doc", "arch": "noarch", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2017:0817\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow (in scenarios in which actual fragmentation of packets is not needed) and could subsequently perform any type of a fragmentation-based attack against legacy IPv6 nodes that do not implement RFC6946. (CVE-2016-10142, Moderate)\n\n* A flaw was discovered in the way the Linux kernel dealt with paging structures. When the kernel invalidated a paging structure that was not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question. A local user could use a thread running with a stale cached virtual->physical translation to potentially escalate their privileges if the translation in question were writable and the physical page got reused for something critical (for example, a page table). (CVE-2016-2069, Moderate)\n\n* A race condition flaw was found in the ioctl_send_fib() function in the Linux kernel's aacraid implementation. A local attacker could use this flaw to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value. (CVE-2016-6480, Moderate)\n\n* It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks. (CVE-2016-7042, Moderate)\n\n* It was found that when file permissions were modified via chmod and the user modifying them was not in the owning group or capable of CAP_FSETID, the setgid bit would be cleared. Setting a POSIX ACL via setxattr sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in a similar way. This could allow a local user to gain group privileges via certain setgid applications. (CVE-2016-7097, Moderate)\n\n* A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399, Moderate)\n\n* It was found that the blk_rq_map_user_iov() function in the Linux kernel's block device implementation did not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging write access to a /dev/sg device. (CVE-2016-9576, CVE-2016-10088, Moderate)\n\n* A flaw was found in the USB-MIDI Linux kernel driver: a double-free error could be triggered for the 'umidi' object. An attacker with physical access to the system could use this flaw to escalate their privileges. (CVE-2016-2384, Low)\n\nThe CVE-2016-7042 issue was discovered by Ondrej Kozina (Red Hat) and the CVE-2016-7097 issue was discovered by Andreas Gruenbacher (Red Hat) and Jan Kara (SUSE).\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2017-March/003811.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-0817.html", "edition": 1, "reporter": "CentOS Project", "published": "2017-03-24T15:34:16", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "kernel, perf, python security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2384", "CVE-2016-7097", "CVE-2016-8399", "CVE-2016-6480", "CVE-2016-2069", "CVE-2016-10088", "CVE-2016-9576", "CVE-2016-10142", "CVE-2016-7042"], "modified": "2017-03-24T15:34:16", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2017-March/003811.html", "id": "CESA-2017:0817", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T12:09:40", "references": ["https://access.redhat.com/errata/RHSA-2017:2930"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-693.5.2.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-693.5.2.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "any", "packageFilename": "kernel-3.10.0-693.5.2.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2017:2930\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. (CVE-2017-7184, Important)\n\n* A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. (CVE-2017-1000111, Important)\n\n* An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building an UFO packet with MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privileges. (CVE-2017-1000112, Important)\n\n* A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399, Moderate)\n\n* Kernel memory corruption due to a buffer overflow was found in brcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211_CMD_FRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace code is needed for this. An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely. (CVE-2017-7541, Moderate)\n\n* An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function. (CVE-2017-7542, Moderate)\n\n* A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace. (CVE-2017-7558, Moderate)\n\n* The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to possibly cause a situation where a value may be used after being freed (use-after-free) which may lead to memory corruption or other unspecified other impact. (CVE-2017-11176, Moderate)\n\n* A divide-by-zero vulnerability was found in the __tcp_select_window function in the Linux kernel. This can result in a kernel panic causing a local denial of service. (CVE-2017-14106, Moderate)\n\nRed Hat would like to thank Chaitin Security Research Lab for reporting CVE-2017-7184; Willem de Bruijn for reporting CVE-2017-1000111; and Andrey Konovalov for reporting CVE-2017-1000112. The CVE-2017-7558 issue was discovered by Stefano Brivio (Red Hat).\n\nSpace precludes documenting all of the bug fixes and enhancements included in this advisory. To see the complete list of bug fixes and enhancements, refer to the following KnowledgeBase article: https://access.redhat.com/node/3212921.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-October/022605.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\n", "edition": 2, "reporter": "CentOS Project", "published": "2017-10-23T17:05:09", "title": "kernel, perf, python security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2017-11176", "CVE-2017-7184", "CVE-2017-1000111", "CVE-2016-8399", "CVE-2017-14106", "CVE-2017-1000112", "CVE-2017-7558", "CVE-2017-7541", "CVE-2017-7542"], "modified": "2017-10-23T17:05:09", "id": "CESA-2017:2930", "href": "http://lists.centos.org/pipermail/centos-announce/2017-October/022605.html", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T11:45:38", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-693.5.2.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "src", "packageFilename": "kernel-3.10.0-693.5.2.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-693.5.2.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-693.5.2.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}], "description": "- [3.10.0-693.5.2.OL7]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)\n- Update x509.genkey [bug 24817676]\n[3.10.0-693.5.2]\n- [mm] page_cgroup: Fix Kernel bug during boot with memory cgroups enabled (Larry Woodman) [1491970 1483747]\n- Revert: [mm] Fix Kernel bug during boot with memory cgroups enabled (Larry Woodman) [1491970 1483747]\n[3.10.0-693.5.1]\n- [netdrv] i40e: point wb_desc at the nvm_wb_desc during i40e_read_nvm_aq (Stefan Assmann) [1491972 1484232]\n- [netdrv] i40e: avoid NVM acquire deadlock during NVM update (Stefan Assmann) [1491972 1484232]\n- [mm] Fix Kernel bug during boot with memory cgroups enabled (Larry Woodman) [1491970 1483747]\n- [fs] nfsv4: Ensure we don't re-test revoked and freed stateids (Dave Wysochanski) [1491969 1459733]\n- [netdrv] bonding: commit link status change after propose (Jarod Wilson) [1491121 1469790]\n- [mm] page_alloc: ratelimit PFNs busy info message (Jonathan Toppins) [1491120 1383179]\n- [netdrv] cxgb4: avoid crash on PCI error recovery path (Gustavo Duarte) [1489872 1456990]\n- [scsi] Add STARGET_CREATED_REMOVE state to scsi_target_state (Ewan Milne) [1489814 1468727]\n- [net] tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Davide Caratti) [1488341 1487061] {CVE-2017-14106}\n- [net] tcp: fix 0 divide in __tcp_select_window() (Davide Caratti) [1488341 1487061] {CVE-2017-14106}\n- [net] sctp: Avoid out-of-bounds reads from address storage (Stefano Brivio) [1484356 1484355] {CVE-2017-7558}\n- [net] udp: consistently apply ufo or fragmentation (Davide Caratti) [1481530 1481535] {CVE-2017-1000112}\n- [net] udp: account for current skb length when deciding about UFO (Davide Caratti) [1481530 1481535] {CVE-2017-1000112}\n- [net] ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (Davide Caratti) [1481530 1481535] {CVE-2017-1000112}\n- [net] udp: avoid ufo handling on IP payload compression packets (Stefano Brivio) [1490263 1464161]\n- [pci] hv: Use vPCI protocol version 1.2 (Vitaly Kuznetsov) [1478256 1459202]\n- [pci] hv: Add vPCI version protocol negotiation (Vitaly Kuznetsov) [1478256 1459202]\n- [pci] hv: Use page allocation for hbus structure (Vitaly Kuznetsov) [1478256 1459202]\n- [pci] hv: Fix comment formatting and use proper integer fields (Vitaly Kuznetsov) [1478256 1459202]\n- [net] ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt() (Stefano Brivio) [1477007 1477010] {CVE-2017-7542}\n- [net] ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [1477007 1477010] {CVE-2017-7542}\n- [net] xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Hannes Frederic Sowa) [1435672 1435670] {CVE-2017-7184}\n- [net] xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Hannes Frederic Sowa) [1435672 1435670] {CVE-2017-7184}\n- [net] l2cap: prevent stack overflow on incoming bluetooth packet (Neil Horman) [1489788 1489789] {CVE-2017-1000251}\n[3.10.0-693.4.1]\n- [fs] nfsv4: Add missing nfs_put_lock_context() (Benjamin Coddington) [1487271 1476826]\n- [fs] nfs: discard nfs_lockowner structure (Benjamin Coddington) [1487271 1476826]\n- [fs] nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (Benjamin Coddington) [1487271 1476826]\n- [fs] nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (Benjamin Coddington) [1487271 1476826]\n- [fs] nfsv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (Benjamin Coddington) [1487271 1476826]\n- [fs] nfsv4: add flock_owner to open context (Benjamin Coddington) [1487271 1476826]\n- [fs] nfs: remove l_pid field from nfs_lockowner (Benjamin Coddington) [1487271 1476826]\n- [x86] platform/uv/bau: Disable BAU on single hub configurations (Frank Ramsay) [1487159 1487160 1472455 1473353]\n- [x86] platform/uv/bau: Fix congested_response_us not taking effect (Frank Ramsay) [1487159 1472455]\n- [fs] cifs: Disable encryption capability for RHEL 7.4 kernel (Sachin Prabhu) [1485445 1485445]\n- [fs] sunrpc: Handle EADDRNOTAVAIL on connection failures (Dave Wysochanski) [1484269 1479043]\n- [fs] include/linux/printk.h: include pr_fmt in pr_debug_ratelimited (Sachin Prabhu) [1484267 1472823]\n- [fs] printk: pr_debug_ratelimited: check state first to reduce 'callbacks suppressed' messages (Sachin Prabhu) [1484267 1472823]\n- [net] packet: fix tp_reserve race in packet_set_ring (Stefano Brivio) [1481938 1481940] {CVE-2017-1000111}\n- [fs] proc: revert /proc/\n/maps [stack:TID] annotation (Waiman Long) [1481724 1448534]\n- [net] ping: check minimum size on ICMP header length (Matteo Croce) [1481578 1481573] {CVE-2016-8399}\n- [ipc] mqueue: fix a use-after-free in sys_mq_notify() (Davide Caratti) [1476128 1476126] {CVE-2017-11176}\n- [netdrv] brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (Stanislaw Gruszka) [1474778 1474784] {CVE-2017-7541}\n[3.10.0-693.3.1]\n- [block] blk-mq-tag: fix wakeup hang after tag resize (Ming Lei) [1487281 1472434]", "edition": 4, "reporter": "Oracle", "published": "2017-10-19T00:00:00", "title": "kernel security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2017-11176", "CVE-2017-7184", "CVE-2017-1000111", "CVE-2016-8399", "CVE-2017-14106", "CVE-2017-1000251", "CVE-2017-1000112", "CVE-2017-7558", "CVE-2017-7541", "CVE-2017-7542"], "modified": "2017-10-19T00:00:00", "id": "ELSA-2017-2930", "href": "http://linux.oracle.com/errata/ELSA-2017-2930.html", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:41:41", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "src", "packageFilename": "kernel-3.10.0-693.5.2.0.1.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-693.5.2.0.1.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-693.5.2.0.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-693.5.2.0.1.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-693.5.2.0.1.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}], "description": "- [3.10.0-693.5.2.0.1.el7.OL7]\n- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug 22552377]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)\n- Update x509.genkey [bug 24817676]\n[3.10.0-693.5.2.el7]\n- [mm] page_cgroup: Fix Kernel bug during boot with memory cgroups enabled (Larry Woodman) [1491970 1483747]\n- Revert: [mm] Fix Kernel bug during boot with memory cgroups enabled (Larry Woodman) [1491970 1483747]\n[3.10.0-693.5.1.el7]\n- [netdrv] i40e: point wb_desc at the nvm_wb_desc during i40e_read_nvm_aq (Stefan Assmann) [1491972 1484232]\n- [netdrv] i40e: avoid NVM acquire deadlock during NVM update (Stefan Assmann) [1491972 1484232]\n- [mm] Fix Kernel bug during boot with memory cgroups enabled (Larry Woodman) [1491970 1483747]\n- [fs] nfsv4: Ensure we don't re-test revoked and freed stateids (Dave Wysochanski) [1491969 1459733]\n- [netdrv] bonding: commit link status change after propose (Jarod Wilson) [1491121 1469790]\n- [mm] page_alloc: ratelimit PFNs busy info message (Jonathan Toppins) [1491120 1383179]\n- [netdrv] cxgb4: avoid crash on PCI error recovery path (Gustavo Duarte) [1489872 1456990]\n- [scsi] Add STARGET_CREATED_REMOVE state to scsi_target_state (Ewan Milne) [1489814 1468727]\n- [net] tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Davide Caratti) [1488341 1487061] {CVE-2017-14106}\n- [net] tcp: fix 0 divide in __tcp_select_window() (Davide Caratti) [1488341 1487061] {CVE-2017-14106}\n- [net] sctp: Avoid out-of-bounds reads from address storage (Stefano Brivio) [1484356 1484355] {CVE-2017-7558}\n- [net] udp: consistently apply ufo or fragmentation (Davide Caratti) [1481530 1481535] {CVE-2017-1000112}\n- [net] udp: account for current skb length when deciding about UFO (Davide Caratti) [1481530 1481535] {CVE-2017-1000112}\n- [net] ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (Davide Caratti) [1481530 1481535] {CVE-2017-1000112}\n- [net] udp: avoid ufo handling on IP payload compression packets (Stefano Brivio) [1490263 1464161]\n- [pci] hv: Use vPCI protocol version 1.2 (Vitaly Kuznetsov) [1478256 1459202]\n- [pci] hv: Add vPCI version protocol negotiation (Vitaly Kuznetsov) [1478256 1459202]\n- [pci] hv: Use page allocation for hbus structure (Vitaly Kuznetsov) [1478256 1459202]\n- [pci] hv: Fix comment formatting and use proper integer fields (Vitaly Kuznetsov) [1478256 1459202]\n- [net] ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt() (Stefano Brivio) [1477007 1477010] {CVE-2017-7542}\n- [net] ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [1477007 1477010] {CVE-2017-7542}\n- [net] xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Hannes Frederic Sowa) [1435672 1435670] {CVE-2017-7184}\n- [net] xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Hannes Frederic Sowa) [1435672 1435670] {CVE-2017-7184}\n- [net] l2cap: prevent stack overflow on incoming bluetooth packet (Neil Horman) [1489788 1489789] {CVE-2017-1000251}\n[3.10.0-693.4.1.el7]\n- [fs] nfsv4: Add missing nfs_put_lock_context() (Benjamin Coddington) [1487271 1476826]\n- [fs] nfs: discard nfs_lockowner structure (Benjamin Coddington) [1487271 1476826]\n- [fs] nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (Benjamin Coddington) [1487271 1476826]\n- [fs] nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (Benjamin Coddington) [1487271 1476826]\n- [fs] nfsv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (Benjamin Coddington) [1487271 1476826]\n- [fs] nfsv4: add flock_owner to open context (Benjamin Coddington) [1487271 1476826]\n- [fs] nfs: remove l_pid field from nfs_lockowner (Benjamin Coddington) [1487271 1476826]\n- [x86] platform/uv/bau: Disable BAU on single hub configurations (Frank Ramsay) [1487159 1487160 1472455 1473353]\n- [x86] platform/uv/bau: Fix congested_response_us not taking effect (Frank Ramsay) [1487159 1472455]\n- [fs] cifs: Disable encryption capability for RHEL 7.4 kernel (Sachin Prabhu) [1485445 1485445]\n- [fs] sunrpc: Handle EADDRNOTAVAIL on connection failures (Dave Wysochanski) [1484269 1479043]\n- [fs] include/linux/printk.h: include pr_fmt in pr_debug_ratelimited (Sachin Prabhu) [1484267 1472823]\n- [fs] printk: pr_debug_ratelimited: check state first to reduce 'callbacks suppressed' messages (Sachin Prabhu) [1484267 1472823]\n- [net] packet: fix tp_reserve race in packet_set_ring (Stefano Brivio) [1481938 1481940] {CVE-2017-1000111}\n- [fs] proc: revert /proc/\n/maps [stack:TID] annotation (Waiman Long) [1481724 1448534]\n- [net] ping: check minimum size on ICMP header length (Matteo Croce) [1481578 1481573] {CVE-2016-8399}\n- [ipc] mqueue: fix a use-after-free in sys_mq_notify() (Davide Caratti) [1476128 1476126] {CVE-2017-11176}\n- [netdrv] brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (Stanislaw Gruszka) [1474778 1474784] {CVE-2017-7541}\n[3.10.0-693.3.1.el7]\n- [block] blk-mq-tag: fix wakeup hang after tag resize (Ming Lei) [1487281 1472434]", "edition": 4, "reporter": "Oracle", "published": "2017-10-20T00:00:00", "title": "1 ", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2017-11176", "CVE-2017-7184", "CVE-2017-1000111", "CVE-2016-8399", "CVE-2017-14106", "CVE-2017-1000251", "CVE-2017-1000112", "CVE-2017-7558", "CVE-2017-7541", "CVE-2017-7542"], "modified": "2017-10-20T00:00:00", "id": "ELSA-2017-2930-1", "href": "http://linux.oracle.com/errata/ELSA-2017-2930-1.html", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:25", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.294.6.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.294.6.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.294.6.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.294.6.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.294.6.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.294.6.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.294.6.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.294.6.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.294.6.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.294.6.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.294.6.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.294.6.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.294.6.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.294.6.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.294.6.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.294.6.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.294.6.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.294.6.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.294.6.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.294.6.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.294.6.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.294.6.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.294.6.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.294.6.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.294.6.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.294.6.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.294.6.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.294.6.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.294.6.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.294.6.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}], "description": "[2.6.39-400.294.6]\n- RHEL: complement upstream workaround for CVE-2016-10142. (Quentin Casasnovas) [Orabug: 25765786] {CVE-2016-10142} {CVE-2016-10142}\n[2.6.39-400.294.5]\n- net: ping: check minimum size on ICMP header length (Kees Cook) [Orabug: 25766914] {CVE-2016-8399}\n- ipv6: stop sending PTB packets for MTU < 1280 (Hagen Paul Pfeifer) [Orabug: 25765786] {CVE-2016-10142}\n- sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro) [Orabug: 25765448] {CVE-2016-10088}\n- scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang) [Orabug: 25752011] {CVE-2017-7187}\n[2.6.39-400.294.4]\n- tty: n_hdlc: get rid of racy n_hdlc.tbuf (Alexander Popov) [Orabug: 25696689] {CVE-2017-2636}\n- TTY: n_hdlc, fix lockdep false positive (Jiri Slaby) [Orabug: 25696689] {CVE-2017-2636}\n- drivers/tty/n_hdlc.c: replace kmalloc/memset by kzalloc (Fabian Frederick) [Orabug: 25696689] {CVE-2017-2636}\n- list: introduce list_first_entry_or_null (Jiri Pirko) [Orabug: 25696689] {CVE-2017-2636}\n- firewire: net: guard against rx buffer overflows (Stefan Richter) [Orabug: 25451538] {CVE-2016-8633}\n- x86/mm/32: Enable full randomization on i386 and X86_32 (Hector Marco-Gisbert) [Orabug: 25463929] {CVE-2016-3672}\n- x86 get_unmapped_area: Access mmap_legacy_base through mm_struct member (Radu Caragea) [Orabug: 25463929] {CVE-2016-3672}\n- sg_start_req(): make sure that there's not too many elements in iovec (Al Viro) [Orabug: 25490377] {CVE-2015-5707}\n- tcp: take care of truncations done by sk_filter() (Eric Dumazet) [Orabug: 25507232] {CVE-2016-8645}\n- rose: limit sk_filter trim to payload (Willem de Bruijn) [Orabug: 25507232] {CVE-2016-8645}\n- scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (Dan Carpenter) [Orabug: 25507330] {CVE-2016-7425}\n- x86: bpf_jit: fix compilation of large bpf programs (Alexei Starovoitov) [Orabug: 25507375] {CVE-2015-4700}\n- net: fix a kernel infoleak in x25 module (Kangjie Lu) [Orabug: 25512417] {CVE-2016-4580}\n- USB: digi_acceleport: do sanity checking for the number of ports (Oliver Neukum) [Orabug: 25512472] {CVE-2016-3140}\n- net/llc: avoid BUG_ON() in skb_orphan() (Eric Dumazet) [Orabug: 25682437] {CVE-2017-6345}", "edition": 3, "reporter": "Oracle", "published": "2017-03-31T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8633", "CVE-2016-8399", "CVE-2016-10088", "CVE-2017-2636", "CVE-2016-7425", "CVE-2017-6345", "CVE-2016-3140", "CVE-2017-7187", "CVE-2016-10142", "CVE-2015-5707", "CVE-2016-4580", "CVE-2016-3672", "CVE-2016-8645", "CVE-2015-4700"], "modified": "2017-03-31T00:00:00", "id": "ELSA-2017-3535", "href": "http://linux.oracle.com/errata/ELSA-2017-3535.html", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:42:17", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.18.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.18.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.18.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.18.2.el7uek-0.4.5-3.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.18.2.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.18.2.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.18.2.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.18.2.el7uek-0.4.5-3.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-118.18.2.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.18.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.18.2.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.18.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.18.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.18.2.el6uek-0.4.5-3.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-118.18.2.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.18.2.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.18.2.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.18.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.18.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.18.2.el6uek-0.4.5-3.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.18.2.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.18.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}], "description": "kernel-uek\n[3.8.13-118.18.2]\n- nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986990] {CVE-2017-7895}\n[3.8.13-118.18.1]\n- fnic: Update fnic driver version to 1.6.0.24 (John Sobecki) [Orabug: 24448585] \n- xen-netfront: Rework the fix for Rx stall during OOM and network stress (Dongli Zhang) [Orabug: 25450703] \n- xen-netfront: Fix Rx stall during network stress and OOM (Dongli Zhang) [Orabug: 25450703] \n- ipv6: Skip XFRM lookup if dst_entry in socket cache is valid (Jakub Sitnicki) \n- uek-rpm: enable CONFIG_KSPLICE. (Jamie Iles) [Orabug: 25549809] \n- ksplice: add sysctls for determining Ksplice features. (Jamie Iles) [Orabug: 25549809] \n- signal: protect SIGNAL_UNKILLABLE from unintentional clearing. (Jamie Iles) [Orabug: 25549809] \n- VSOCK: Fix lockdep issue. (Dongli Zhang) [Orabug: 25559937] \n- VSOCK: sock_put wasn't safe to call in interrupt context (Dongli Zhang) [Orabug: 25559937] \n- IB/CORE: sync the resouce access in fmr_pool (Wengang Wang) [Orabug: 25677469] \n- KVM: x86: fix emulation of 'MOV SS, null selector' (Paolo Bonzini) [Orabug: 25719675] {CVE-2017-2583} {CVE-2017-2583}\n- ext4: validate s_first_meta_bg at mount time (Eryu Guan) [Orabug: 25719738] {CVE-2016-10208}\n- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (Marcelo Ricardo Leitner) [Orabug: 25719810] {CVE-2017-5986}\n- tcp: avoid infinite loop in tcp_splice_read() (Eric Dumazet) [Orabug: 25720813] {CVE-2017-6214}\n- lpfc cannot establish connection with targets that send PRLI under P2P mode (Joe Jin) [Orabug: 25759083] \n- USB: visor: fix null-deref at probe (Johan Hovold) [Orabug: 25796594] {CVE-2016-2782}\n- ipc/shm: Fix shmat mmap nil-page protection (Davidlohr Bueso) [Orabug: 25797012] {CVE-2017-5669}\n- vhost: actually track log eventfd file (Marc-Andre Lureau) [Orabug: 25797052] {CVE-2015-6252}\n- xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Andy Whitcroft) [Orabug: 25814663] {CVE-2017-7184}\n- xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Andy Whitcroft) [Orabug: 25814663] {CVE-2017-7184}\n- KEYS: Remove key_type::match in favour of overriding default by match_preparse (Aniket Alshi) [Orabug: 25823962] {CVE-2017-2647} {CVE-2017-2647}\n- USB: whiteheat: fix potential null-deref at probe (Johan Hovold) [Orabug: 25825105] {CVE-2015-5257} {CVE-2015-5257}\n- udf: Check path length when reading symlink (Jan Kara) [Orabug: 25871102] {CVE-2015-9731}\n- udp: properly support MSG_PEEK with truncated buffers (Eric Dumazet) [Orabug: 25876655] {CVE-2016-10229}\n- block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877530] {CVE-2016-7910}\n- Revert 'fix minor infoleak in get_user_ex()' (Brian Maly) [Orabug: 25790392] {CVE-2016-9644}\n- net: ping: check minimum size on ICMP header length (Kees Cook) [Orabug: 25766911] {CVE-2016-8399}\n- ipv6: stop sending PTB packets for MTU < 1280 (Hagen Paul Pfeifer) [Orabug: 25765776] {CVE-2016-10142}\n- sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro) [Orabug: 25765445] {CVE-2016-10088}\n- scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang) [Orabug: 25751996] {CVE-2017-7187}", "edition": 3, "reporter": "Oracle", "published": "2017-05-16T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-10208", "CVE-2016-2782", "CVE-2017-7895", "CVE-2017-7184", "CVE-2016-7910", "CVE-2016-8399", "CVE-2016-10088", "CVE-2015-6252", "CVE-2015-9731", "CVE-2015-5257", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-5669", "CVE-2017-2647", "CVE-2017-5986", "CVE-2016-10229", "CVE-2017-7187", "CVE-2016-10142", "CVE-2016-9644"], "modified": "2017-05-16T00:00:00", "id": "ELSA-2017-3566", "href": "http://linux.oracle.com/errata/ELSA-2017-3566.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:39:40", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageFilename": "perf-2.6.32-696.el6.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageFilename": "kernel-devel-2.6.32-696.el6.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "src", "packageFilename": "kernel-2.6.32-696.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "src", "packageFilename": "kernel-2.6.32-696.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageFilename": "python-perf-2.6.32-696.el6.i686.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageFilename": "kernel-2.6.32-696.el6.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageFilename": "python-perf-2.6.32-696.el6.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageFilename": "kernel-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-696.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageFilename": "kernel-debug-2.6.32-696.el6.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageFilename": "perf-2.6.32-696.el6.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-696.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-696.el6.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-696.el6", "arch": "i686", "packageFilename": "kernel-headers-2.6.32-696.el6.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}], "description": "[2.6.32-696.OL6]\n- Update genkey [bug 25599697]\n[2.6.32-696]\n- [net] dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Hannes Frederic Sowa) [1424628] {CVE-2017-6074}\n[2.6.32-695]\n- [block] nvme: Dont poll device being removed (David Milburn) [1422521]\n[2.6.32-694]\n- [fs] posix_acl: Clear SGID bit when setting file permissions (Andreas Grunbacher) [1371252] {CVE-2016-7097}\n- [fs] switch posix_acl_equiv_mode() to umode_t * (Andreas Grunbacher) [1371252] {CVE-2016-7097}\n- [perf] sched latency: Fix thread pid reuse issue (Jiri Olsa) [1400743]\n- [fs] ext4: fix races of writeback with punch hole and zero range (Lukas Czerner) [1394786]\n- [fs] ext4: validate s_reserved_gdt_blocks on mount (Lukas Czerner) [1394786]\n- [fs] ext4: release bh in make_indexed_dir (Lukas Czerner) [1394786]\n- [fs] ext4: reinforce check of i_dtime when clearing high fields of uid and gid (Lukas Czerner) [1394786]\n- [fs] ext4: validate that metadata blocks do not overlap superblock (Lukas Czerner) [1394786]\n- [fs] ext4: short-cut orphan cleanup on error (Lukas Czerner) [1394786]\n- [fs] ext4: fix reference counting bug on block allocation error (Lukas Czerner) [1394786]\n- [fs] ext4: check for extents that wrap around (Lukas Czerner) [1394786]\n- [fs] ext4: silence UBSAN in ext4_mb_init() (Lukas Czerner) [1394786]\n- [fs] ext4: address UBSAN warning in mb_find_order_for_block() (Lukas Czerner) [1394786]\n- [fs] ext4: clean up error handling when orphan list is corrupted (Lukas Czerner) [1394786]\n- [fs] ext4: fix hang when processing corrupted orphaned inode list (Lukas Czerner) [1394786]\n- [fs] jbd2: Fix unreclaimed pages after truncate in data=journal mode (Lukas Czerner) [1394786]\n- [fs] ext4: Fix handling of extended tv_sec (Lukas Czerner) [1394786]\n- [fs] create and use seq_show_option for escaping (Lukas Czerner) [1394786]\n- [fs] ext4: replace open coded nofail allocation in ext4_free_blocks() (Lukas Czerner) [1394786]\n- [fs] ext4: Introduce EFSBADCRC and EFSCORRUPTED error codes (Lukas Czerner) [1394786]\n- [block] ensure request->part is valid (Jeff Moyer) [1416341]\n- [sound] alsa: hda - fix Lewisburg audio issue (Jaroslav Kysela) [1413134]\n[2.6.32-693]\n- [netdrv] sfc: Add efx_nic member with fixed netdev features (Jarod Wilson) [1419396]\n- [netdrv] sfc: Take mac_lock before calling efx_ef10_filter_table_probe (Jarod Wilson) [1419396]\n- [netdrv] sfc: Fix VLAN filtering feature if vPort has VLAN_RESTRICT flag (Jarod Wilson) [1419396]\n- [netdrv] sfc: clean fallbacks between promisc/normal in efx_ef10_filter_sync_rx_mode (Jarod Wilson) [1419396]\n- [netdrv] sfc: support cascaded multicast filters (Jarod Wilson) [1419396]\n- [netdrv] sfc: Make failed filter removal less noisy (Jarod Wilson) [1410750]\n- [netdrv] sfc: re-factor efx_ef10_filter_sync_rx_mode() (Jarod Wilson) [1410750]\n- [netdrv] sfc: refactor debug-or-warnings printks (Jarod Wilson) [1410750]\n- [net] implement netif_cond_dbg macro (Jarod Wilson) [1410750]\n[2.6.32-692]\n- [fs] gfs2: Limit number of transaction blocks requested for truncates (Robert S Peterson) [1401058]\n- [fs] revert 'sunrpc: make AF_LOCAL connect synchronous' (Benjamin Coddington) [1420044]\n[2.6.32-691]\n- [net] tcp: correct memory barrier usage in tcp_check_space() (Oleg Nesterov) [1386136]\n- [fs] epoll: prevent missed events on EPOLL_CTL_MOD (Oleg Nesterov) [1386136]\n- [acpi] acpica: Fix regression in FADT revision checks (Lenny Szubowicz) [1418339]\n- [net] ipv6: stop sending PTB packets for MTU < 1280 (Hannes Frederic Sowa) [1415931] {CVE-2016-10142}\n- [net] fix dst_ops_extend leaks (Sabrina Dubroca) [1399633]\n[2.6.32-690]\n- [drm] core: Do not preserve framebuffer on rmfb, v4 (Rob Clark) [1405267]\n- [scsi] mpt3sas: Fix for block device of raid exists even after deleting raid disk (Tomas Henzl) [1416552]\n[2.6.32-689]\n- [netdrv] be2net: fix initial MAC setting (Ivan Vecera) [1415905]\n[2.6.32-688]\n- [netdrv] sfc: fix missing mc_promisc setting (Jarod Wilson) [1410750]\n[2.6.32-687]\n- [netdrv] sfc: reduce severity of PIO buffer alloc failures (Jarod Wilson) [1410750]\n- [netdrv] sfc: avoid division by zero (Jarod Wilson) [1410750]\n- [netdrv] sfc: Insert multicast filters as well as mismatch filters in promiscuous mode (Jarod Wilson) [1410750]\n- [netdrv] sfc: get timer configuration from adapter (Jarod Wilson) [1410750]\n- [netdrv] sfc: warn if other functions have been reset by MCFW (Jarod Wilson) [1410750]\n- [netdrv] sfc: add output flag decoding to efx_mcdi_set_workaround (Jarod Wilson) [1410750]\n- [netdrv] sfc: get PIO buffer size from the NIC (Jarod Wilson) [1410750]\n- [netdrv] sfc: set interrupt moderation via MCDI (Jarod Wilson) [1410750]\n- [netdrv] sfc: allow asynchronous MCDI without completion function (Jarod Wilson) [1410750]\n- [netdrv] sfc: on MC reset, clear PIO buffer linkage in TXQs (Jarod Wilson) [1410750]\n- [netdrv] sfc: Downgrade EPERM messages from MCDI to debug (Jarod Wilson) [1410750]\n- [netdrv] sfc: cope with ENOSYS from efx_mcdi_get_workarounds() (Jarod Wilson) [1410750]\n- [netdrv] sfc: enable cascaded multicast filters in MCFW (Jarod Wilson) [1410750]\n- [netdrv] sfc: work around TRIGGER_INTERRUPT command not working on SFC9140 (Jarod Wilson) [1410750]\n- [dm] raid: fix transient device failure processing (Mike Snitzer) [1404425]\n[2.6.32-686]\n- [scsi] Add intermediate STARGET_REMOVE state to scsi_target_state (Ewan Milne) [1349623]\n- [scsi] restart list search after unlock in scsi_remove_target (Ewan Milne) [1349623]\n- [powerpc] pci: Support per-aperture memory offset (Laurent Vivier) [1413448]\n- [powerpc] pci: Dont add bogus empty resources to PHBs (Laurent Vivier) [1413448]\n- [mm] mmap.c: fix arithmetic overflow in __vm_enough_memory() (Jerome Marchand) [1413500]\n- [net] ping: check minimum size on ICMP header length (Mateusz Guzik) [1414202] {CVE-2016-8399}\n- [scsi] sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Ewan Milne) [1414823] {CVE-2016-10088 CVE-2016-9576}\n[2.6.32-685]\n- [kernel] ftrace: Do not function trace inlined functions (Pratyush Anand) [1413456]\n- [x86] paravirt: Do not trace _paravirt_ident_*() functions (Pratyush Anand) [1413456]\n- [netdrv] i40e: Fix for long link down notification time (Stefan Assmann) [1414274]\n- [scsi] megaraid_sas: fix done in queue_command (Tomas Henzl) [1415192]\n- [scsi] megaraid: fixes (Tomas Henzl) [1415192]\n- [netdrv] ixgbe: Add support for new X557 device (Ken Cox) [1408509]\n- [netdrv] ixgbe: Add KR backplane support for x550em_a (Ken Cox) [1408509]\n- [netdrv] ixgbe: Add support for SGMII backplane interface (Ken Cox) [1408509]\n- [netdrv] ixgbe: Add support for SFPs with retimer (Ken Cox) [1408509]\n- [netdrv] ixgbe: Introduce function to control MDIO speed (Ken Cox) [1408509]\n- [netdrv] ixgbe: Read and set instance id (Ken Cox) [1408509]\n- [netdrv] ixgbe: Add support for x550em_a 10G MAC type (Ken Cox) [1408509]\n- [netdrv] ixgbe: Use method pointer to access IOSF devices (Ken Cox) [1408509]\n- [netdrv] ixgbe: Add support for single-port X550 device (Ken Cox) [1408509]\n- [netdrv] ixgbe: Clean up interface for firmware commands (Ken Cox) [1408509]\n- [netdrv] ixgbe: Change the lan_id and func fields to a u8 to avoid casts (Ken Cox) [1408509]\n- [netdrv] ixgbe: Fix flow control for Xeon D KR backplane (Ken Cox) [1408509]\n- [netdrv] ixgbe: Make all unchanging ops structures const (Ken Cox) [1408509]\n- [netdrv] ixgbe: Update PTP to support X550EM_x devices (Ken Cox) [1408509]\n- [netdrv] ixgbe: convert to CYCLECOUNTER_MASK macro (Ken Cox) [1408509]\n- [netdrv] ixgbevf: add VF support for new hardware (Ken Cox) [1408507]\n- [netdrv] ixgbevf: Support Windows hosts (Hyper-V) (Ken Cox) [1408507]\n- [netdrv] ixgbevf: Add the device IDs presented while running on Hyper-V (Ken Cox) [1408507]\n- [netdrv] ixgbevf: Move API negotiation function into mac_ops (Ken Cox) [1408507]\n- [x86] tsc: Reset cycle_last after resume from S3/S4 (Lenny Szubowicz) [1406468]\n- [kernel] hung_task: allow hung_task_panic when hung_task_warnings is 0 (Waiman Long) [1410297]\n[2.6.32-684]\n- [s390] kernel/ap: Fix hang condition on crypto card config-off (Hendrik Brueckner) [1413552]\n- [s390] zcrypt: Improved invalid domain response handling (Hendrik Brueckner) [1406389]\n- [infiniband] ucm: Fix bitmap wrap when devnum > IB_UCM_MAX_DEVICES (Slava Shwartsman) [1413476]\n- [netdrv] mlx5e: Copy all L2 headers into inline segment (Kamal Heib) [1408937]\n- [netdrv] be2net: fix MAC addr setting on privileged BE3 VFs (Ivan Vecera) [1406659]\n- [netdrv] be2net: dont delete MAC on close on unprivileged BE3 VFs (Ivan Vecera) [1406659]\n- [netdrv] be2net: fix status check in be_cmd_pmac_add() (Ivan Vecera) [1406659]\n- [acpi] acpica: Tables: Update FADT handling (Lenny Szubowicz) [1408401]\n- [acpi] acpica: ACPI 6.0: Add changes for FADT table (Lenny Szubowicz) [1408401]\n- [acpi] acpica: Basic support for FADT version 5 (Lenny Szubowicz) [1408401]\n- [acpi] acpica: Remove use of unreliable FADT revision field (Lenny Szubowicz) [1408401]\n[2.6.32-683]\n- [netdrv] sfc: include size-binned TX stats on sfn8542q (Jarod Wilson) [1411279]\n- [netdrv] sfc: retrieve second word of datapath capabilities (Jarod Wilson) [1411279]\n- [netdrv] sfc: update MCDI protocol headers (Jarod Wilson) [1411279]\n- [netdrv] sfc: Update MCDI protocol definitions (Jarod Wilson) [1411279]\n- [net] mlx4_en: Fix type mismatch for 32-bit systems (Slava Shwartsman) [1399239]\n- [net] mlx4_en: Resolve dividing by zero in 32-bit system (Slava Shwartsman) [1399239]\n- [netdrv] e1000e: Initial support for KabeLake (Jarod Wilson) [1406917]\n- [netdrv] e1000e: Clear ULP configuration register on ULP exit (Jarod Wilson) [1406917]\n- [netdrv] e1000e: Set HW FIFO minimum pointer gap for non-gig speeds (Jarod Wilson) [1406917]\n- [netdrv] e1000e: Increase PHY PLL clock gate timing (Jarod Wilson) [1406917]\n- [netdrv] e1000e: Increase ULP timer (Jarod Wilson) [1406917]\n- [netdrv] e1000e: initial support for i219-LM (3) (Jarod Wilson) [1406917]\n- [netdrv] be2net: fix unicast list filling (Ivan Vecera) [1408247]\n- [netdrv] be2net: fix accesses to unicast list (Ivan Vecera) [1408247]\n- [netdrv] sfc: Downgrade or remove some error messages (Jarod Wilson) [1410750]\n- [netdrv] be2net: call be_set_uc_list() unconditionally (Ivan Vecera) [1402679]\n- [netdrv] mlx5e: Use hw_features through netdev_extended macro (Kamal Heib) [1385318]\n- [block] nvme: Dont stop kthread while clearing queues (David Milburn) [1399431]\n- [fs] dlm: Fix saving of NULL callbacks (Robert S Peterson) [1264492]\n[2.6.32-682]\n- [x86] kdump: Fix several bound checking error of crashkernel reserving (Baoquan He) [1349069]\n- [x86] kdump: Crashkernel auto reservation failed on large system (Baoquan He) [1349069]\n- [kdump] Fix wrong dmi_present argument in case efi_smbios_addr being used (Dave Young) [1404984]\n- [kdump] Add error check in case dmi_get_system_info return null (Dave Young) [1404984]\n- [netdrv] bnxt_en: Improve the delay logic for firmware response (John Linville) [1406129]\n- [netdrv] bnxt_en: Implement proper firmware message padding (John Linville) [1406129]\n- [netdrv] bnxt_en: Refactor _hwrm_send_message() (John Linville) [1406129]\n- [netdrv] bnxt_en: Fix dmesg log firmware error messages (John Linville) [1406129]\n- [netdrv] bnxt_en: Use firmware provided message timeout value (John Linville) [1406129]\n- [fs] nfs: Allow getattr to also report readdirplus cache hits (Scott Mayhew) [1325766]\n- [fs] nfs: Be more targeted about readdirplus use when doing lookup/revalidation (Scott Mayhew) [1325766]\n- [fs] nfs: Fix a performance regression in readdir (Scott Mayhew) [1325766]\n[2.6.32-681]\n- [net] udplite: fast-path computation of checksum coverage (Hangbin Liu) [1404127]\n- [ata] libata: fix sff host state machine locking while polling (Cathy Avery) [1390972]\n- [ata] libata-sff: use WARN instead of BUG on illegal host state machine state (Cathy Avery) [1390972]\n- [x86] hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic (Vitaly Kuznetsov) [1400428]\n- [fs] nfsd4: zero op arguments beyond the 8th compound op (J. Bruce Fields) [1409002]\n- [fs] nfsd: fix deadlock secinfo+readdir compound (J. Bruce Fields) [1314505]\n- [fs] nfsd4: f i x r e c o v e r y - d i r l e a k o n n f s d s t a r t u p f a i l u r e ( J . B r u c e F i e l d s ) [ 1 2 6 6 4 0 5 ] b r > - [ x 8 6 ] M a r k S k y l a k e p r o c e s s o r s w i t h K a b y L a k e P C H a s u n s u p p o r t e d ( D a v i d A r c a r i ) [ 1 4 0 5 4 5 9 ] b r > - [ i n f i n i b a n d ] i p o i b : R e m o v e c a n t u s e G F P _ N O I O w a r n i n g ( S l a v a S h w a r t s m a n ) [ 1 3 2 1 5 2 9 ] b r > - [ n e t d r v ] v e t h : a l l o w c h a n g i n g t h e m a c a d d r e s s w h i l e i n t e r f a c e i s u p ( D a v i d A r c a r i ) [ 1 4 0 2 6 9 6 ] b r > - [ k e r n e l ] t r a c i n g : P r o t e c t t r a c e r f l a g s w i t h t r a c e _ t y p e s _ l o c k ( S t e v e n R o s t e d t ) [ 1 3 9 7 6 6 1 ] b r > - [ a c p i ] a c p i c a : P r e v e n t c i r c u l a r o b j e c t l i s t i n a c p i _ n s _ e x e c _ m o d u l e _ c o d e ( L e n n y S z u b o w i c z ) [ 1 4 0 1 7 7 6 ] b r > - [ a c p i ] a c p i c a : F i x p o s s i b l e m e m o r y l e a k f o r m o d u l e - l e v e l c o d e e x e c u t i o n ( L e n n y S z u b o w i c z ) [ 1 4 0 1 7 7 6 ] b r > - [ a c p i ] a c p i c a : A d d a d d i t i o n a l m o d u l e - l e v e l c o d e s u p p o r t ( L e n n y S z u b o w i c z ) [ 1 4 0 1 7 7 6 ] b r > - [ f s ] x f s : g r o w f s : u s e u n c a c h e d b u f f e r s f o r n e w h e a d e r s ( B i l l O D o n n e l l ) [ 1 1 3 4 3 1 4 ] b r > - [ f s ] x f s : c a t c h i n v a l i d n e g a t i v e b l k n o s i n _ x f s _ b u f _ f i n d ( ) ( B i l l O D o n n e l l ) [ 1 1 3 4 3 1 4 ] b r > - [ f s ] x f s : f i x _ x f s _ b u f _ f i n d o o p s o n b l o c k s b e y o n d t h e f i l e s y s t e m e n d ( B i l l O D o n n e l l ) [ 1 1 3 4 3 1 4 ] b r > b r > [ 2 . 6 . 3 2 - 6 8 0 ] b r > - [ s c s i ] b e 2 i s c s i : A d d c h e c k s t o v a l i d a t e c o m p l e t i o n s ( M a u r i z i o L o m b a r d i ) [ 1 3 9 7 8 0 7 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 9 ] b r > - [ m m ] R e v e r t ' m m : F i x s l a b g r o w i n g o u t o f b o u n d w i t h i n a c p u s e t ' ( L a r r y W o o d m a n ) [ 1 4 0 2 7 1 3 ] b r > - [ n e t d r v ] c x g b 4 : u p d a t e l a t e s t f i r m w a r e v e r s i o n s u p p o r t e d ( S a i V e m u r i ) [ 1 3 8 1 3 8 2 ] b r > - [ k e r n e l ] a u d i t : c o r r e c t l y r e c o r d f i l e n a m e s w i t h d i f f e r e n t p a t h n a m e t y p e s ( P a u l M o o r e ) [ 1 3 0 5 1 0 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : d r i v e r v e r s i o n u p g r a d e ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : I m p l e m e n t t h e P D M a p s u p p o r t f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : l d i o _ o u t s t a n d i n g v a r i a b l e i s n o t d e c r e m e n t e d i n c o m p l e t i o n p a t h ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : E n a b l e o r D i s a b l e F a s t p a t h b a s e d o n t h e P C I T h r e s h o l d B a n d w i d t h ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : A d d t h e S u p p o r t f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s C a p a b i l i t i e s ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : D y n a m i c R a i d M a p C h a n g e s f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s F a s t P a t h f o r R A I D 1 / 1 0 W r i t e s ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s S t r e a m D e t e c t i o n a n d I O C o a l e s c i n g ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : E E D P E s c a p e M o d e S u p p o r t f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : 1 2 8 M S I X S u p p o r t ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : A d d n e w p c i d e v i c e I d s f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s ( T o m a s H e n z l ) [ 1 3 0 6 4 5 7 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 8 ] b r > - [ n e t d r v ] R D M A / i w _ c x g b 4 : F i x b a r 2 v i r t a d d r c a l c u l a t i o n f o r T 4 c h i p s ( S a i V e m u r i ) [ 1 3 8 1 3 8 2 ] b r > - [ n e t d r v ] c x g b 4 : S t o p R x Q u e u e s b e f o r e f r e e i n g i t u p ( S a i V e m u r i ) [ 1 3 8 1 3 8 2 ] b r > - [ n e t d r v ] i w _ c x g b 4 : A d d e d ' F a i l ' c o l u m n i n d e b u g i w _ c x g b 4 s t a t s ( S a i V e m u r i ) [ 1 3 8 1 3 8 2 ] b r > - [ n e t d r v ] c x g b 4 : A d d i n f o p r i n t t o d i s p l a y n u m b e r o f M S I - X v e c t o r s a l l o c a t e d ( S a i V e m u r i ) [ 1 3 8 1 3 8 2 ] b r > - [ n e t d r v ] i w p m : c r a s h f i x f o r l a r g e c o n n e c t i o n s t e s t ( S a i V e m u r i ) [ 1 3 8 1 3 8 2 ] b r > - [ n e t d r v ] c x g b 4 / c x g b 4 v f : U s e v l a n _ g r o _ f r a g s _ g r ( ) f o r V L A N s ( S a i V e m u r i ) [ 1 3 8 1 3 8 2 ] b r > - [ n e t d r v ] c x g b 4 v f : U s i n g R H E L 6 p r o v i d e d n a p i _ g r o _ f r a g s _ g r ( ) A P I w h i c h r e t u r n s ( e n u m g r o _ r e s u l t ) v a l u e s ( S a i V e m u r i ) [ 1 3 8 1 3 8 2 ] b r > - [ s e r i a l ] 8 2 5 0 _ p c i : D e t a c h l o w - l e v e l d r i v e r d u r i n g P C I e r r o r r e c o v e r y ( G u s t a v o D u a r t e ) [ 1 4 0 0 5 0 8 ] b r > - [ d r m ] r e s e r v a t i o n : R e m o v e s h a d o w i n g l o c a l v a r i a b l e ' r e t ' ( R o b C l a r k ) [ 1 3 9 8 0 8 4 ] b r > - [ n e t ] s c t p : v a l i d a t e c h u n k l e n b e f o r e a c t u a l l y u s i n g i t ( H a n g b i n L i u ) [ 1 3 9 9 4 5 7 ] { C V E - 2 0 1 6 - 9 5 5 5 } b r > - [ n e t ] i p v 6 : a d d m t u l o c k c h e c k i n _ _ i p 6 _ r t _ u p d a t e _ p m t u ( X i n L o n g ) [ 1 3 9 7 2 9 5 ] b r > - [ n e t ] R e d u c e q u e u e a l l o c a t i o n t o o n e i n k d u m p k e r n e l ( S a i V e m u r i ) [ 1 3 2 1 3 1 5 ] b r > - [ n e t d r v ] c x g b 4 : F o r c e c x g b 4 d r i v e r a s M A S T E R i n k d u m p k e r n e l ( S a i V e m u r i ) [ 1 3 2 1 3 1 5 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 7 ] b r > - [ n e t d r v ] c x g b 4 : A d d c x g b 4 T 4 / T 5 f i r m w a r e v e r s i o n 1 . 1 5 . 3 7 . 0 ( S a i V e m u r i ) [ 1 3 4 9 1 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : f i x l o c k i n g ( I v a n V e c e r a ) [ 1 3 9 7 9 1 5 ] b r > - [ p e r f ] t o o l s : I n i t i a l i z e r e f e r e n c e c o u n t s i n m a p _ _ c l o n e ( ) ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : R e p l a c e m a p - > r e f e r e n c e d & m a p s - > r e m o v e d _ m a p s w i t h m a p - > r e f c n t ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ m d ] r a i d 1 0 : a d d r c u p r o t e c t i o n t o r d e v a c c e s s i n r a i d 1 0 _ s y n c _ r e q u e s t ( X i a o N i ) [ 1 3 9 5 0 4 8 ] b r > - [ m d ] r a i d 1 0 : a d d r c u p r o t e c t i o n i n r a i d 1 0 _ s t a t u s ( X i a o N i ) [ 1 3 9 5 0 4 8 ] b r > - [ m d ] r a i d 1 0 : f i x r e f o u n c t i m b a l a n c e w h e n r e s y n c i n g a n a r r a y w i t h a r e p l a c e m e n t d e v i c e ( X i a o N i ) [ 1 3 9 5 0 4 8 ] b r > - [ n e t d r v ] q l c n i c : a d d w m b ( ) c a l l i n t r a n s m i t d a t a p a t h ( H a r i s h P a t i l ) [ 1 3 4 2 6 5 9 ] b r > - [ x 8 6 ] A C P I : a d d d y n a m i c _ d e b u g s u p p o r t ( P r a r i t B h a r g a v a ) [ 1 2 5 2 6 7 4 ] b r > - [ m m ] h u g e t l b : f i x h u g e _ p t e _ a l l o c B U G _ O N ( D a v e A n d e r s o n ) [ 1 3 9 7 2 5 0 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 6 ] b r > - [ s c s i ] m e g a r a i d _ s a s : d r i v e r v e r s i o n u p g r a d e ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : a d d i n m i s s i n g w h i t e s p a c e s i n e r r o r m e s s a g e s t e x t ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : D o n o t s e t M P I 2 _ T Y P E _ C U D A f o r J B O D F P p a t h f o r F W w h i c h d o e s n o t s u p p o r t J B O D s e q u e n c e m a p ( T o m a s H e n z l ) [ 1 3 9 7 8 7 3 ] b r > - [ s c s i ] m e g a r a i d _ s a s : S e n d S Y N C H R O N I Z E _ C A C H E f o r V D t o f i r m w a r e ( T o m a s H e n z l ) [ 1 3 9 2 4 9 9 ] b r > - [ s c s i ] m e g a r a i d _ s a s : D o n o t f i r e D C M D s d u r i n g P C I s h u t d o w n / d e t a c h ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : S e n d c o r r e c t P h y s A r m t o F W f o r R 1 V D d o w n g r a d e ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F o r S R I O V e n a b l e d f i r m w a r e , e n s u r e V F d r i v e r w a i t s f o r 3 0 s e c s b e f o r e r e s e t ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F i x d a t a i n t e g r i t y f a i l u r e f o r J B O D ( p a s s t h r o u g h ) d e v i c e s ( T o m a s H e n z l ) [ 1 3 9 2 4 9 9 ] b r > - [ s c s i ] m e g a r a i d _ s a s : f i x m a c r o M E G A S A S _ I S _ L O G I C A L t o a v o i d r e g r e s s i o n ( T o m a s H e n z l ) [ 1 3 9 2 4 9 9 ] b r > - [ s c s i ] m e g a r a i d _ s a s : c l e a n f u n c t i o n d e c l a r a t i o n s i n m e g a r a i d _ s a s _ b a s e . c u p ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : a d d i n m i s s i n g w h i t e s p a c e i n e r r o r m e s s a g e t e x t ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F i x t h e s e a r c h o f f i r s t m e m o r y b a r ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : U s e m e m d u p _ u s e r ( ) r a t h e r t h a n d u p l i c a t i n g i t s i m p l e m e n t a t i o n ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : F i x p r o b i n g c a r d s w i t h o u t i o p o r t ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : D o w n g r a d e t w o s u c c e s s m e s s a g e s t o i n f o ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : d r i v e r v e r s i o n u p g r a d e ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : t a s k m a n a g e m e n t c o d e o p t i m i z a t i o n s ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : c a l l I S R f u n c t i o n t o c l e a n u p p e n d i n g r e p l i e s i n O C R p a t h ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : r e d u c e m e m o r y f o o t p r i n t s i n k d u m p m o d e ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m e g a r a i d _ s a s : a d d m i s s i n g c u r l y b r a c e s i n i o c t l h a n d l e r ( T o m a s H e n z l ) [ 1 3 9 6 5 6 7 ] b r > - [ s c s i ] m p t 3 s a s : B u m p d r i v e r v e r s i o n a s ' 1 4 . 1 0 1 . 0 0 . 0 0 ' ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : F i x f o r E n d i a n n e s s i s s u e ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : U s e t h e n e w M P I 2 . 6 3 2 - b i t A t o m i c R e q u e s t D e s c r i p t o r s f o r S A S 3 5 d e v i c e s ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : s e t E E D P - e s c a p e - f l a g s f o r S A S 3 5 d e v i c e s ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : I n c r e a s e d / A d d i t i o n a l M S I X s u p p o r t f o r S A S 3 5 d e v i c e s ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : A d d e d D e v i c e I D s f o r S A S 3 5 d e v i c e s a n d u p d a t e d M P I h e a d e r ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : D o n t s p a m l o g s i f l o g g i n g l e v e l i s 0 ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : F i x w a r n i n g s e x p o s e d b y W = 1 ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : E l i m i n a t e d e a d s l e e p _ f l a g c o d e ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : E l i m i n a t e c o n d i t i o n a l l o c k i n g i n m p t 3 s a s _ s c s i h _ i s s u e _ t m ( ) ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : E n s u r e t h e c o n n e c t o r _ n a m e s t r i n g i s N U L - t e r m i n a t e d ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : B u m p d r i v e r v e r s i o n a s ' 1 4 . 1 0 0 . 0 0 . 0 0 ' ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : R e m o v e u n u s e d m a c r o ' M P T _ D E V I C E _ T L R _ O N ' ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : I m p l e m e n t d e v i c e _ r e m o v e _ i n _ p r o g r e s s c h e c k i n I O C T L p a t h ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : F i x f o r i n c o r r e c t n u m b e r s f o r M S I X v e c t o r s e n a b l e d w h e n n o n R D P Q c a r d i s e n u m e r a t e d f i r s t ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ s c s i ] m p t 3 s a s : F i x f o r i m p r o p e r i n f o d i s p l a y e d i n v a r l o g , w h i l e b l o c k i n g o r u n b l o c k i n g t h e d e v i c e ( T o m a s H e n z l ) [ 1 3 0 6 4 6 9 ] b r > - [ n e t ] i n c r e a s e x m i t R E C U R S I O N _ L I M I T t o 1 0 ( S a b r i n a D u b r o c a ) [ 1 3 9 2 6 6 0 ] b r > - [ n e t ] a d d a r e c u r s i o n l i m i t i n x m i t p a t h ( S a b r i n a D u b r o c a ) [ 1 3 9 2 6 6 0 ] b r > - [ n e t ] n e t f i l t e r : e b t a b l e s : p u t m o d u l e r e f e r e n c e w h e n a n i n c o r r e c t e x t e n s i o n i s f o u n d ( S a b r i n a D u b r o c a ) [ 1 3 9 0 0 6 1 ] b r > - [ n e t ] n e t f i l t e r : e b t a b l e s : F i x e x t e n s i o n l o o k u p w i t h i d e n t i c a l n a m e ( S a b r i n a D u b r o c a ) [ 1 3 9 0 0 6 1 ] b r > - [ n e t ] i p v 6 : i p v 6 _ f i n d _ h d r r e s t o r e p r e v f u n c t i o n a l i t y ( P a o l o A b e n i ) [ 1 3 9 2 9 7 5 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 5 ] b r > - [ k e r n e l ] a u d i t : f i x a d o u b l e f e t c h i n a u d i t _ l o g _ s i n g l e _ e x e c v e _ a r g ( ) ( P a u l M o o r e ) [ 1 3 5 9 3 0 4 ] { C V E - 2 0 1 6 - 6 1 3 6 } b r > - [ f s ] n f s : K i l l f s c a c h e w a r n i n g s w h e n m o u n t i n g w i t h o u t - o f s c ( D a v i d H o w e l l s ) [ 1 3 5 3 8 4 4 ] b r > - [ f s ] n f s : F i x a c o m p i l e i s s u e w h e n C O N F I G _ N F S _ F S C A C H E w a s u n d e f i n e d ( D a v i d H o w e l l s ) [ 1 3 5 3 8 4 4 ] b r > - [ f s ] n f s : D o n t p a s s m o u n t d a t a t o n f s _ f s c a c h e _ g e t _ s u p e r _ c o o k i e ( ) ( D a v i d H o w e l l s ) [ 1 3 5 3 8 4 4 ] b r > - [ f s ] d l m : D o n t s a v e c a l l b a c k s a f t e r a c c e p t ( R o b e r t S P e t e r s o n ) [ 1 2 6 4 4 9 2 ] b r > - [ f s ] d l m : S a v e a n d r e s t o r e s o c k e t c a l l b a c k s p r o p e r l y ( R o b e r t S P e t e r s o n ) [ 1 2 6 4 4 9 2 ] b r > - [ f s ] d l m : R e p l a c e n o d e i d _ t o _ a d d r w i t h k e r n e l _ g e t p e e r n a m e ( R o b e r t S P e t e r s o n ) [ 1 2 6 4 4 9 2 ] b r > - [ f s ] d l m : p r i n t k e r n e l m e s s a g e w h e n w e g e t a n e r r o r f r o m k e r n e l _ s e n d p a g e ( R o b e r t S P e t e r s o n ) [ 1 2 6 4 4 9 2 ] b r > - [ f s ] n f s d : h a n d l e f i l e i d w r a p a r o u n d ( D a v e W y s o c h a n s k i ) [ 1 3 9 7 5 5 2 ] b r > - [ h v ] s t o r v s c : P a y l o a d b u f f e r i n c o r r e c t l y s i z e d f o r 3 2 b i t k e r n e l s ( C a t h y A v e r y ) [ 1 3 9 4 7 5 6 ] b r > - [ f s ] x f s : f i x u n b a l a n c e d i n o d e r e c l a i m f l u s h l o c k i n g ( B r i a n F o s t e r ) [ 1 3 8 4 5 6 4 ] b r > - [ s c s i ] h p s a : c o r r e c t l o g i c a l r e s e t s ( J o s e p h S z c z y p e k ) [ 1 0 8 3 1 1 0 ] b r > - [ s c s i ] h p s a : g e n e r a t e a c o n t r o l l e r N M I ( J o s e p h S z c z y p e k ) [ 1 0 8 3 1 1 0 ] b r > - [ s c s i ] h p s a : u p d a t e d r i v e r v e r s i o n t o 3 . 4 . 1 0 - 0 - R H 3 ( J o s e p h S z c z y p e k ) [ 1 0 8 3 1 1 0 ] b r > - [ s c s i ] h p s a : C h e c k f o r n u l l d e v i c e s i n i o a c c e l s u b m i s s i o n p a t c h ( J o s e p h S z c z y p e k ) [ 1 0 8 3 1 1 0 ] b r > - [ s c s i ] h p s a : c h e c k f o r n u l l d e v i c e p o i n t e r s ( J o s e p h S z c z y p e k ) [ 1 0 8 3 1 1 0 ] b r > - [ s c s i ] h p s a : c o r r e c t s k i p p i n g m a s k e d p e r i p h e r a l s ( J o s e p h S z c z y p e k ) [ 1 0 8 3 1 1 0 ] b r > - [ s c s i ] h p s a : g e n e r a l i z e e x t e r n a l a r r a y s ( J o s e p h S z c z y p e k ) [ 1 0 8 3 1 1 0 ] b r > - [ s c s i ] v m w _ p v s c s i : r e t u r n S U C C E S S f o r s u c c e s s f u l c o m m a n d a b o r t s ( E w a n M i l n e ) [ 1 3 7 2 4 6 5 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 4 ] b r > - [ f s ] e x t 4 : f i x e x t e n t t r e e c o r r u p t i o n c a u s e d b y h o l e p u n c h ( L u k a s C z e r n e r ) [ 1 3 5 1 7 9 8 ] b r > - [ x 8 6 ] M a r k I n t e l P u r l e y s u p p o r t e d ( S t e v e B e s t ) [ 1 2 7 1 8 6 6 ] b r > - [ p n p ] P r e v e n t a t t a c h i n g t o A C P I I P M I d e v i c e ( C h a r l e s R o s e ) [ 8 5 7 1 5 0 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 3 ] b r > - [ n e t d r v ] e h e a : f i x o p e r a t i o n s t a t e r e p o r t ( G u s t a v o D u a r t e ) [ 1 0 8 9 1 3 4 ] b r > - [ b l o c k ] n v m e : A l w a y s u s e M S I / M S I - x i n t e r r u p t s ( D a v i d M i l b u r n ) [ 1 3 7 2 0 2 3 ] b r > - [ f s ] a i o : a i o _ n r d e c r e m e n t s d o n t n e e d t o b e d e l a y e d ( J i r i O l s a ) [ 1 3 8 6 2 1 6 ] b r > - [ f s ] a i o : d o n t b o t h e r w i t h a s y n c f r e e i n g o n f a i l u r e i n i o c t x _ a l l o c ( ) ( J i r i O l s a ) [ 1 3 8 6 2 1 6 ] b r > - [ f s ] e p o l l : e p _ u n r e g i s t e r _ p o l l w a i t ( ) c a n u s e t h e f r e e d p w q - > w h e a d ( L a u r o R a m o s V e n a n c i o ) [ 1 3 9 2 3 7 2 ] b r > - [ f s ] e p o l l : i n t r o d u c e P O L L F R E E t o f l u s h - > s i g n a l f d _ w q h b e f o r e k f r e e ( ) ( L a u r o R a m o s V e n a n c i o ) [ 1 3 9 2 3 7 2 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 2 ] b r > - [ s c h e d ] F i x r q - > n r _ u n i n t e r r u p t i b l e u p d a t e r a c e ( A a r o n T o m l i n ) [ 1 3 7 7 2 9 2 ] b r > - [ s e c u r i t y ] k e y s : F i x s h o r t s p r i n t f b u f f e r i n / p r o c / k e y s s h o w f u n c t i o n ( F r a n t i s e k H r b a t a ) [ 1 3 7 5 2 0 8 ] { C V E - 2 0 1 6 - 7 0 4 2 } b r > - [ n e t ] b r i d g e : f i x s w i t c h e d i n t e r v a l f o r M L D Q u e r y t y p e s ( H a n g b i n L i u ) [ 1 3 9 2 3 2 7 ] b r > - [ n e t ] n e t f i l t e r : i p v 6 : m o v e P O S T R O U T I N G i n v o c a t i o n b e f o r e f r a g m e n t a t i o n ( E r i c G a r v e r ) [ 1 3 9 1 2 4 0 ] b r > - [ n e t ] F i x u s e a f t e r f r e e i n t h e r e c v m m s g e x i t p a t h ( D a v i d e C a r a t t i ) [ 1 3 9 0 0 4 6 ] { C V E - 2 0 1 6 - 7 1 1 7 } b r > - [ n e t ] v l a n : P r o p a g a t e M A C a d d r e s s t o V L A N s ( J a r o d W i l s o n ) [ 1 3 8 1 5 8 5 ] b r > - [ n e t ] t c p : f i x u s e a f t e r f r e e i n t c p _ x m i t _ r e t r a n s m i t _ q u e u e ( ) ( M a t e u s z G u z i k ) [ 1 3 7 9 5 2 9 ] { C V E - 2 0 1 6 - 6 8 2 8 } b r > - [ n e t ] n e t f i l t e r : x _ t a b l e s : c h e c k f o r b o g u s t a r g e t o f f s e t ( M a t e u s z G u z i k ) [ 1 3 5 1 4 2 2 ] { C V E - 2 0 1 6 - 4 9 9 8 } b r > - [ n e t ] n e t f i l t e r : x _ t a b l e s : v a l i d a t e e - > t a r g e t _ o f f s e t e a r l y ( M a t e u s z G u z i k ) [ 1 3 5 1 4 2 2 ] { C V E - 2 0 1 6 - 4 9 9 8 } b r > - [ n e t ] n e t f i l t e r : x _ t a b l e s : m a k e s u r e e - > n e x t _ o f f s e t c o v e r s r e m a i n i n g b l o b s i z e ( M a t e u s z G u z i k ) [ 1 3 5 1 4 2 2 ] { C V E - 2 0 1 6 - 4 9 9 8 } b r > - [ n e t ] t c p : e n a b l e p e r - s o c k e t r a t e l i m i t i n g o f a l l ' c h a l l e n g e a c k s ' ( F l o r i a n W e s t p h a l ) [ 1 3 8 8 2 8 7 ] b r > - [ n e t ] t c p : u n i n l i n e t c p _ o o w _ r a t e _ l i m i t e d ( ) ( F l o r i a n W e s t p h a l ) [ 1 3 8 8 2 8 7 ] b r > - [ n e t ] t c p : m i t i g a t e A C K l o o p s f o r c o n n e c t i o n s a s t c p _ t i m e w a i t _ s o c k ( F l o r i a n W e s t p h a l ) [ 1 3 8 8 2 8 7 ] b r > - [ n e t ] t c p : m i t i g a t e A C K l o o p s f o r c o n n e c t i o n s a s t c p _ s o c k ( F l o r i a n W e s t p h a l ) [ 1 3 8 8 2 8 7 ] b r > - [ n e t ] t c p : m i t i g a t e A C K l o o p s f o r c o n n e c t i o n s a s t c p _ r e q u e s t _ s o c k ( F l o r i a n W e s t p h a l ) [ 1 3 8 8 2 8 7 ] b r > - [ n e t ] t c p : h e l p e r s t o m i t i g a t e A C K l o o p s b y r a t e - l i m i t i n g o u t - o f - w i n d o w d u p a c k s ( F l o r i a n W e s t p h a l ) [ 1 3 8 8 2 8 7 ] b r > - [ n e t ] i p v 6 : D o n t c h a n g e d s t - > f l a g s u s i n g a s s i g n m e n t s ( M a r c e l o L e i t n e r ) [ 1 3 8 9 4 7 8 ] b r > - [ s c s i ] m e g a r a i d - s a s : r e q u e s t i r q s l a t e r ( T o m a s H e n z l ) [ 1 3 8 5 0 8 8 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 1 ] b r > - [ p e r f ] l i s t : F i x r N N N N l i s t o u t p u t t o a p p e a r o n l y o n c e ( J i r i O l s a ) [ 1 2 9 1 2 5 6 1 3 7 4 4 1 1 ] b r > - [ p e r f ] s y m b o l s : C h e c k k p t r _ r e s t r i c t f o r r o o t ( J i r i O l s a ) [ 1 2 9 1 2 5 6 1 3 7 4 4 1 1 ] b r > - [ f s ] S U N R P C : F i x a r e g r e s s i o n w h e n r e c o n n e c t i n g ( B e n j a m i n C o d d i n g t o n ) [ 1 3 2 3 8 0 1 ] b r > - [ f s ] S U N R P C : C l e a r t h e r e q u e s t r q _ b y t e s _ s e n t f i e l d i n x p r t _ r e l e a s e _ w r i t e ( B e n j a m i n C o d d i n g t o n ) [ 1 3 2 3 8 0 1 ] b r > - [ f s ] S U N R P C : L o c k t h e t r a n s p o r t l a y e r o n s h u t d o w n ( B e n j a m i n C o d d i n g t o n ) [ 1 3 2 3 8 0 1 ] b r > - [ v i r t ] k v m : x 8 6 e m u l a t o r : i m p l e m e n t I M U L R E G , R / M ( o p c o d e 0 F A F ) ( R a d i m K r c m a r ) [ 1 3 1 3 4 6 8 ] b r > - [ v i r t ] k v m : x 8 6 e m u l a t o r : i m p l e m e n t I M U L R E G , R / M , I M M ( o p c o d e 6 9 ) ( R a d i m K r c m a r ) [ 1 3 1 3 4 6 8 ] b r > - [ v i r t ] k v m : x 8 6 e m u l a t o r : i m p l e m e n t I M U L R E G , R / M , i m m 8 ( o p c o d e 6 B ) ( R a d i m K r c m a r ) [ 1 3 1 3 4 6 8 ] b r > - [ v i r t ] k v m : x 8 6 e m u l a t o r : U s e a r e g i s t e r f o r _ _ _ _ e m u l a t e _ 2 o p ( ) d e s t i n a t i o n ( R a d i m K r c m a r ) [ 1 3 1 3 4 6 8 ] b r > - [ v i r t ] k v m : x 8 6 e m u l a t o r : p a s s d e s t i n a t i o n t y p e t o _ _ _ _ e m u l a t e _ 2 o p ( ) ( R a d i m K r c m a r ) [ 1 3 1 3 4 6 8 ] b r > - [ v i r t ] k v m : x 8 6 e m u l a t o r : a d d S r c 2 I m m d e c o d i n g ( R a d i m K r c m a r ) [ 1 3 1 3 4 6 8 ] b r > - [ v i r t ] k v m : x 8 6 e m u l a t o r : c o n s o l i d a t e i m m e d i a t e d e c o d e i n t o a f u n c t i o n ( R a d i m K r c m a r ) [ 1 3 1 3 4 6 8 ] b r > - [ h v ] n e t v s c : f i x i n c o r r e c t r e c e i v e c h e c k s u m o f f l o a d i n g ( V i t a l y K u z n e t s o v ) [ 1 3 8 8 7 0 1 ] b r > - [ h v ] d o n o t l o s e p e n d i n g h e a r t b e a t v m b u s p a c k e t s ( V i t a l y K u z n e t s o v ) [ 1 3 7 8 6 1 4 ] b r > - [ h v ] v m b u s : F i x s i g n a l i n g l o g i c i n h v _ n e e d _ t o _ s i g n a l _ o n _ r e a d ( ) ( V i t a l y K u z n e t s o v ) [ 1 3 1 9 0 5 4 ] b r > - [ h v ] v m b u s : E l i m i n a t e t h e s p i n l o c k o n t h e r e a d p a t h ( V i t a l y K u z n e t s o v ) [ 1 3 1 9 0 5 4 ] b r > - [ h v ] r i n g _ b u f f e r : e l i m i n a t e h v _ r i n g b u f f e r _ p e e k ( ) ( V i t a l y K u z n e t s o v ) [ 1 3 1 9 0 5 4 ] b r > - [ h v ] r e m o v e c o d e d u p l i c a t i o n b e t w e e n v m b u s _ r e c v p a c k e t ( ) / v m b u s _ r e c v p a c k e t _ r a w ( ) ( V i t a l y K u z n e t s o v ) [ 1 3 1 9 0 5 4 ] b r > - [ h v ] r i n g _ b u f f e r : r e m o v e c o d e d u p l i c a t i o n f r o m h v _ r i n g b u f f e r _ p e e k / r e a d ( ) ( V i t a l y K u z n e t s o v ) [ 1 3 1 9 0 5 4 ] b r > - [ h v ] r i n g _ b u f f e r . c : f i x c o m m e n t s t y l e ( V i t a l y K u z n e t s o v ) [ 1 3 1 9 0 5 4 ] b r > - [ h v ] n e t v s c : s e t n v d e v l i n k a f t e r p o p u l a t i n g c h n _ t a b l e ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] n e t v s c : s y n c h r o n i z e n e t v s c _ c h a n g e _ m t u ( ) / n e t v s c _ s e t _ c h a n n e l s ( ) w i t h n e t v s c _ r e m o v e ( ) ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] n e t v s c : g e t r i d o f s t r u c t n e t _ d e v i c e p o i n t e r i n s t r u c t n e t v s c _ d e v i c e ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] n e t v s c : u n t a n g l e t h e p o i n t e r m e s s ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] n e t v s c : u s e s t a r t _ r e m o v e f l a g t o p r o t e c t n e t v s c _ l i n k _ c h a n g e ( ) ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] n e t v s c : m o v e s t a r t _ r e m o v e f l a g t o n e t _ d e v i c e _ c o n t e x t ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] n e t v s c : M o v e s u b c h a n n e l w a i t i n g t o r n d i s _ f i l t e r _ d e v i c e _ r e m o v e ( ) ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] n e t v s c : W a i t f o r s u b - c h a n n e l s t o b e p r o c e s s e d d u r i n g p r o b e ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] n e t v s c : P r o p e r l y s i z e t h e v r s s q u e u e s ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] n e t v s c : A d d c l o s e o f R N D I S f i l t e r i n t o c h a n g e m t u c a l l ( V i t a l y K u z n e t s o v ) [ 1 3 2 0 0 9 4 1 3 3 5 9 2 6 ] b r > - [ h v ] h v _ n e t v s c : A d d s u p p o r t t o s e t M T U r e s e r v a t i o n f r o m g u e s t s i d e ( V i t a l y K u z n e t s o v ) [ 1 3 5 2 1 0 5 ] b r > - [ p e r f ] p r o b e : C l e a r p r o b e _ t r a c e _ e v e n t w h e n a d d _ p r o b e _ t r a c e _ e v e n t ( ) f a i l s ( J i r i O l s a ) [ 1 2 9 1 5 1 0 ] b r > - [ p e r f ] p r o b e : M o v e f t r a c e p r o b e - e v e n t o p e r a t i o n s t o p r o b e - f i l e . c ( J i r i O l s a ) [ 1 2 9 1 5 1 0 ] b r > - [ b l o c k ] l o o p : f i x c o m m e n t t y p o i n l o o p _ c o n f i g _ d i s c a r d ( L u k a s C z e r n e r ) [ 8 1 8 5 9 7 ] b r > - [ b l o c k ] l o o p : L i m i t t h e n u m b e r o f r e q u e s t s i n t h e b i o l i s t ( L u k a s C z e r n e r ) [ 8 1 8 5 9 7 ] b r > - [ f s ] e x t 4 : o p t i m i z e t e s t _ r o o t ( ) ( L u k a s C z e r n e r ) [ 1 2 3 6 0 4 7 ] b r > - [ f s ] e x t 4 : v e r i f y g r o u p n u m b e r i n v e r i f y _ g r o u p _ i n p u t ( ) b e f o r e u s i n g i t ( L u k a s C z e r n e r ) [ 1 2 3 6 0 4 7 ] b r > - [ f s ] n f s d : u s e s h o r t r e a d a s w e l l a s i _ s i z e t o s e t e o f ( B e n j a m i n C o d d i n g t o n ) [ 1 3 0 2 4 1 5 ] b r > - [ f s ] x f s : x f s _ a l l o c _ f i x _ m i n l e f t c a n u n d e r f l o w n e a r E N O S P C ( C a r l o s M a i o l i n o ) [ 1 2 5 9 4 9 3 ] b r > - [ f s ] x f s : F i x r o u n d i n g i n x f s _ a l l o c _ f i x _ l e n ( ) ( C a r l o s M a i o l i n o ) [ 1 2 5 9 4 9 3 ] b r > - [ f s ] j b d : d o n t B U G b u t r e t u r n E N O S P C i f a h a n d l e r u n s o u t o f s p a c e ( L u k a s C z e r n e r ) [ 1 2 9 1 0 1 5 ] b r > - [ f s ] j b d 2 : d o n t B U G b u t r e t u r n E N O S P C i f a h a n d l e r u n s o u t o f s p a c e ( L u k a s C z e r n e r ) [ 1 2 9 1 0 1 5 ] b r > b r > [ 2 . 6 . 3 2 - 6 7 0 ] b r > - [ p o w e r p c ] p p c 6 4 : F i x i n c o r r e c t r e t u r n v a l u e f r o m _ _ c o p y _ t o f r o m _ u s e r ( G u s t a v o D u a r t e ) [ 1 3 8 7 2 4 3 ] b r > - [ m i s c ] h p i l o : C h a n g e s t o s u p p o r t n e w s e c u r i t y s t a t e s i n i L O 5 F W ( J o s e p h S z c z y p e k ) [ 1 3 7 6 5 8 4 ] b r > - [ m i s c ] h p i l o : C h a n g e e - m a i l a d d r e s s f r o m h p . c o m t o h p e . c o m ( J o s e p h S z c z y p e k ) [ 1 3 7 6 5 8 4 ] b r > - [ m i s c ] h p i l o : c l e a n u p h p i l o ( J o s e p h S z c z y p e k ) [ 1 3 7 6 5 8 4 ] b r > - [ m m ] m e m o r y _ h o t p l u g . c : c h a n g e n o r m a l m e s s a g e t o u s e p r _ d e b u g ( J e r e m y M c N i c o l l ) [ 1 2 5 5 2 7 2 ] b r > - [ a c p i ] m e m _ h o t p l u g : s e t m e m o r y i n f o c o r r e c t l y w h e n p r o b l e m s f o r c i n g m e m o n l i n e ( J e r e m y M c N i c o l l ) [ 1 2 5 5 2 7 2 ] b r > - [ f s ] b i o : N e e d t o f r e e i n t e g r i t y p a y l o a d i f t h e s p l i t b i o g e t s m e m o r y b y i t s e l f ( X i a o N i ) [ 1 2 6 8 4 3 4 ] b r > - [ m d ] a d d r d e v r e f e r e n c e f o r s u p e r w r i t e ( X i a o N i ) [ 1 3 6 5 7 1 8 ] b r > - [ n e t d r v ] r t l w i f i : f i x m e m o r y l e a k f o r U S B d e v i c e ( S t a n i s l a w G r u s z k a ) [ 1 3 6 4 5 9 7 ] b r > - [ f s ] N F S v 4 : F i x a u s e - a f t e r - f r e e s i t u a t i o n i n _ n f s 4 _ p r o c _ g e t l k ( ) ( B e n j a m i n C o d d i n g t o n ) [ 1 3 5 3 2 7 2 ] b r > - [ d r m ] n o u v e a u / k m s : t a k e m o d e _ c o n f i g m u t e x i n c o n n e c t o r h o t p l u g p a t h ( B e n S k e g g s ) [ 1 3 4 9 9 7 8 ] b r > - [ k e r n e l ] c l o c k s o u r c e : D e f e r o v e r r i d e i n v a l i d a t i o n u n l e s s c l o c k i s u n s t a b l e ( P r a r i t B h a r g a v a ) [ 1 3 5 6 2 3 1 ] b r > - [ k e r n e l ] c l o c k s o u r c e : R e s e l e c t c l o c k s o u r c e w h e n w a t c h d o g v a l i d a t e d h i g h - r e s c a p a b i l i t y ( P r a r i t B h a r g a v a ) [ 1 3 5 6 2 3 1 ] b r > - [ f s ] n f s 4 : c l n t : r e s p e c t n o r e s v p o r t w h e n e s t a b l i s h i n g c o n n e c t i o n s t o D S e s ( B e n j a m i n C o d d i n g t o n ) [ 1 3 4 6 0 4 1 ] b r > - [ f s ] n f s : A d d n f s _ c l i e n t b e h a v i o r f l a g s ( B e n j a m i n C o d d i n g t o n ) [ 1 3 4 6 0 4 1 ] b r > - [ b l o c k ] f i x / p r o c / d i s k s t a t s i n - f l i g h t - k A B I w o r k a r o u n d ( J e r o m e M a r c h a n d ) [ 1 2 7 3 3 3 9 1 3 0 6 8 7 9 ] b r > - [ b l o c k ] a d d i n t e r n a l h d p a r t t a b l e r e f e r e n c e s ( J e r o m e M a r c h a n d ) [ 1 2 7 3 3 3 9 1 3 0 6 8 7 9 ] b r > - [ b l o c k ] f i x a c c o u n t i n g b u g o n c r o s s p a r t i t i o n m e r g e s ( J e r o m e M a r c h a n d ) [ 1 2 7 3 3 3 9 1 3 0 6 8 7 9 ] b r > - [ b l o c k ] k r e f : a d d k r e f _ t e s t _ a n d _ g e t ( J e r o m e M a r c h a n d ) [ 1 2 7 3 3 3 9 1 3 0 6 8 7 9 ] b r > - [ b l o c k ] R e v e r t ' b l o c k : f i x a c c o u n t i n g b u g o n c r o s s p a r t i t i o n m e r g e s ' ( J e r o m e M a r c h a n d ) [ 1 2 7 3 3 3 9 1 3 0 6 8 7 9 ] b r > - [ p e r f ] t h r e a d : F i x r e f e r e n c e c o u n t i n i t i a l s t a t e ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : R e f e r e n c e c o u n t s t r u c t m a p ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : C h e c k i f a m a p i s s t i l l i n u s e w h e n d e l e t i n g i t ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : P r o t e c t a c c e s s e s t h e m a p r b t r e e s w i t h a r w l o c k ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : I n t r o d u c e s t r u c t m a p s ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : A s s i g n d e f a u l t v a l u e f o r s o m e p o i n t e r s ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : U s e m a p s _ _ f i r s t ( ) / m a p _ _ n e x t ( ) ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : L e a v e D S O d e s t r u c t i o n t o t h e m a p d e s t r u c t i o n ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] m a c h i n e : M a r k r e m o v e d t h r e a d s a s s u c h ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : I m p o r t r b _ e r a s e _ i n i t f r o m b l o c k / i n t h e k e r n e l s o u r c e s ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : N u k e u n u s e d m a p _ g r o u p s _ _ f l u s h ( ) ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : R e m o v e r e d u n d a n t i n i t i a l i z a t i o n o f t h r e a d l i n k a g e m e m b e r s ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : R e n a m e m a p s _ _ n e x t ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] m a c h i n e : D o n o t c a l l m a p _ g r o u p s _ _ d e l e t e ( ) , d r o p r e f c n t i n s t e a d ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] h i s t s : R e n a m e a d d _ h i s t _ e n t r y t o h i s t s _ _ f i n d n e w _ e n t r y ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t o o l s : U s e a t o m i c . h f o r t h e m a p _ g r o u p s r e f c o u n t ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t e s t s : F i x m a p _ g r o u p s r e f c o u n t t e s t ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] m a c h i n e : N o n e e d t o k e e p a r e f c n t f o r l a s t _ m a t c h ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] t e s t s : S h o w r e f c o u n t i n g b r o k e n e x p e c t a t i o n s i n t h r e a d - m g - s h a r e t e s t ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ p e r f ] m a c h i n e : P r o t e c t t h e m a c h i n e - > t h r e a d s w i t h a r w l o c k ( J i r i O l s a ) [ 1 3 5 9 1 0 0 ] b r > - [ v i d e o ] e f i f b : p r e v e n t n u l l - d e r e f w h e n i t e r a t i n g d m i _ l i s t ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] c o n f i g s : u p d a t e s f o r f b b a c k p o r t ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] f b d e v : e f i f b : b i n d t o e f i - f r a m e b u f f e r ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] f b d e v : v e s a f b : b i n d t o p l a t f o r m - f r a m e b u f f e r d e v i c e ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] f b d e v : s i m p l e f b : a d d c o m m o n x 8 6 R G B f o r m a t s ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] x 8 6 : s y s f b : m o v e E F I q u i r k s f r o m e f i f b t o s y s f b ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] x 8 6 : p r o v i d e p l a t f o r m - d e v i c e s f o r b o o t - f r a m e b u f f e r s ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] f b d e v : s i m p l e f b : m a r k a s f w a n d a l l o c a t e a p e r t u r e s ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] f b d e v : s i m p l e f b : a d d i n i t t h r o u g h p l a t f o r m _ d a t a ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] d r i v e r s / v i d e o : i m p l e m e n t a s i m p l e f r a m e b u f f e r d r i v e r ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] v e s a f b : f i x m e m o r y l e a k ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] u v e s a f b , v e s a f b : c r e a t e W C o r W B P A T - e n t r i e s ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] v e s a f b : f i x c o m m e n t a t y p o ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] v e s a f b : u s e p l a t f o r m _ d r i v e r _ p r o b e ( ) i n s t e a d o f p l a t f o r m _ d r i v e r _ r e g i s t e r ( ) ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] e f i f b : F i x c a l l t o w r o n g u n r e g i s t e r f u n c t i o n ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] e f i f b : D i s a l l o w m a n u a l b i n d a n d u n b i n d ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] e f i f b : F i x m i s m a t c h e d r e q u e s t / r e l e a s e _ m e m _ r e g i o n ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] e f i f b : f i x i n t t o p o i n t e r c a s t w a r n i n g ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] e f i f b : A d d o v e r r i d e f o r 1 1 M a c b o o k A i r 3 , 1 ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] e f i f b : S u p p o r t o v e r r i d i n g f i e l d s F W t e l l s u s w i t h t h e D M I d a t a ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] e f i f b : s u p p o r t A M D R a d e o n H D 6 4 9 0 ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] e f i f b : s u p p o r t t h e E F I f r a m e b u f f e r o n m o r e A p p l e h a r d w a r e ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] e f i f b : c h e c k t h a t t h e b a s e a d d r e s s i s p l a u s i b l e o n p c i s y s t e m s ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > - [ v i d e o ] d r i v e r s / v i d e o / e f i f b . c : s u p p o r t f r a m e b u f f e r f o r N V I D I A 9 4 0 0 M i n M a c B o o k P r o 5 , 1 ( R o b C l a r k ) [ 1 3 6 0 9 8 2 ] b r > b r > [ 2 . 6 . 3 2 - 6 6 9 ] b r > - [ n e t d r v ] s f c : f i x p o t e n t i a l s t a c k c o r r u p t i o n f r o m r u n n i n g p a s t s t a t b i t m a s k ( J a r o d W i l s o n ) [ 1 3 7 4 0 6 7 ] b r > - [ n e t d r v ] c x g b 4 : E n a b l e S R - I O V c o n f i g u r a t i o n v i a P C I s y s f s i n t e r f a c e ( S a i V e m u r i ) [ 1 2 2 2 7 5 1 ] b r > - [ n e t d r v ] b n x 2 x : d o n t w a i t f o r T x c o m p l e t i o n o n r e c o v e r y ( M i c h a l S c h m i d t ) [ 1 3 0 0 6 8 1 ] b r > - [ p m ] h i b e r n a t e : O n l y c r a s h i f n e c e s s a r y i n c r e a t e / f r e e _ b a s i c _ m e m o r y _ b i t m a p s ( ) ( J e r r y S n i t s e l a a r ) [ 1 3 7 4 3 7 8 ] b r > - [ n e t d r v ] i x g b e : a d d W o L s u p p o r t f o r s o m e 8 2 5 9 9 s u b d e v i c e I D s ( K e n C o x ) [ 1 3 1 6 8 4 5 ] b r > - [ k e r n e l ] c g r o u p : i m p r o v e o l d c g r o u p h a n d l i n g i n c g r o u p _ a t t a c h _ p r o c ( ) ( L a u r o R a m o s V e n a n c i o ) [ 1 3 7 2 0 8 5 ] b r > - [ w a t c h d o g ] h p w d t : a d d s u p p o r t f o r i L O 5 ( L i n d a K n i p p e r s ) [ 1 3 8 2 4 9 6 ] b r > - [ w a t c h d o g ] h p w d t : H P r e b r a n d i n g ( L i n d a K n i p p e r s ) [ 1 3 8 8 1 7 0 ] b r > - [ d o c u m e n t a t i o n ] F i x h p w d t d o c u m e n t a t i o n t o m a t c h R H E L 6 ( L i n d a K n i p p e r s ) [ 1 3 8 8 1 7 0 ] b r > - [ a c p i ] a c p i c a : F i x f o r a S t o r e - > A r g X w h e n A r g X c o n t a i n s a r e f e r e n c e t o a f i e l d ( L e n n y S z u b o w i c z ) [ 1 3 2 4 6 9 7 ] b r > - [ a c p i ] a c p i c a : S t a n d a r d i z e a l l s w i t c h ( ) b l o c k s ( L e n n y S z u b o w i c z ) [ 1 3 2 4 6 9 7 ] b r > - [ a c p i ] a c p i c a : I n t e r p r e t e r : F i x S t o r e ( ) w h e n i m p l i c i t c o n v e r s i o n i s n o t p o s s i b l e ( L e n n y S z u b o w i c z ) [ 1 3 2 4 6 9 7 ] b r > - [ f s ] b a c k i n g - d e v : f i x w a k e u p t i m e r r a c e s w i t h b d i _ u n r e g i s t e r ( ) ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] b a c k i n g - d e v : e n s u r e w a k e u p _ t i m e r i s d e l e t e d ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : F i x l o s t w a k e - u p s h u t t i n g d o w n w r i t e b a c k t h r e a d ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e u p e v e n t s w h e n f o r k i n g b d i t h r e a d s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : f i x b a d _ b h s p i n l o c k n e s t i n g ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : c l e a n u p b d i _ r e g i s t e r ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : r e m o v e u n n e c e s s a r y i n i t _ t i m e r c a l l ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : o p t i m i z e p e r i o d i c b d i t h r e a d w a k e u p s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : p r e v e n t u n n e c e s s a r y b d i t h r e a d s w a k e u p s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : m o v e b d i t h r e a d s e x i t i n g l o g i c t o t h e f o r k e r t h r e a d ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : r e s t r u c t u r e b d i f o r k e r l o o p a l i t t l e ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : m o v e l a s t _ a c t i v e t o b d i ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t r e m o v e b d i f r o m b d i _ l i s t ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : s i m p l i f y b d i c o d e a l i t t l e ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e - u p s i n b d i t h r e a d s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e - u p s i n t h e f o r k e r t h r e a d - 2 ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : d o n o t l o s e w a k e - u p s i n t h e f o r k e r t h r e a d - 1 ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : f i x p o s s i b l e r a c e w h e n c r e a t i n g b d i t h r e a d s ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : h a r m o n i z e w r i t e b a c k t h r e a d s n a m i n g ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : m e r g e b d i _ w r i t e b a c k _ t a s k a n d b d i _ s t a r t _ f n ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : b d i _ w r i t e b a c k _ t a s k ( ) m u s t s e t t a s k s t a t e b e f o r e c a l l i n g s c h e d u l e ( ) ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ f s ] w r i t e b a c k : r e m o v e w b _ l i s t ( J e f f M o y e r ) [ 1 1 1 1 6 8 3 ] b r > - [ s 3 9 0 ] z f c p : c l o s e w i n d o w w i t h u n b l o c k e d r p o r t d u r i n g r p o r t g o n e ( H e n d r i k B r u e c k n e r ) [ 1 3 8 3 9 8 0 ] b r > - [ s 3 9 0 ] z f c p : f i x E L S / G S r e q u e s t &r e s p o n s e l e n g t h f o r h a r d w a r e d a t a r o u t e r ( H e n d r i k B r u e c k n e r ) [ 1 3 8 3 9 8 1 ] b r > - [ s 3 9 0 ] z f c p : f i x f c _ h o s t p o r t _ t y p e w i t h N P I V ( H e n d r i k B r u e c k n e r ) [ 1 3 8 3 9 8 2 ] b r > - [ s 3 9 0 ] z c r y p t : t o l e r a t i o n o f n e w c r y p t o a d a p t e r h a r d w a r e w i t h t y p e 1 2 ( H e n d r i k B r u e c k n e r ) [ 1 3 4 4 0 4 1 ] b r > - [ s 3 9 0 ] t i m e : L P A R o f f s e t h a n d l i n g ( H e n d r i k B r u e c k n e r ) [ 1 3 8 1 5 6 4 ] b r > - [ s 3 9 0 ] t i m e : m o v e P T F F d e f i n i t i o n s ( H e n d r i k B r u e c k n e r ) [ 1 3 8 1 5 6 4 ] b r > - [ s c s i ] l i b f c : D o n t h a v e f c _ e x c h _ f i n d l o g e r r o r s o n a n e w e x c h a n g e ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : R e v e r t : u s e o f f l o a d E M i n s t a n c e a g a i n ( C h r i s L e e c h ) [ 1 3 8 3 0 7 8 ] b r > - [ s c s i ] l i b f c : d o n t a d v a n c e s t a t e m a c h i n e f o r i n c o m i n g F L O G I ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : D o n o t l o g i n i f t h e p o r t i s a l r e a d y s t a r t e d ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : D o n o t d r o p d o w n t o F L O G I f o r f c _ r p o r t _ l o g i n ( ) ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : D o n o t t a k e r d a t a - > r p _ m u t e x w h e n p r o c e s s i n g a ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : F i x u p d i s c _ m u t e x h a n d l i n g ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : R e v i s i t k r e f h a n d l i n g ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] f c o e : S t o p f c _ r p o r t _ p r i v s t r u c t u r e l e a k ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : d o n o t s e n d A B T S w h e n r e s e t t i n g e x c h a n g e s ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : r e s e t e x c h a n g e m a n a g e r d u r i n g L O G O h a n d l i n g ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : s e n d L O G O f o r P L O G I f a i l u r e ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : I s s u e P R L I a f t e r a P R L O h a s b e e n r e c e i v e d ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : f i x s e c o n d s _ s i n c e _ l a s t _ r e s e t c a l c u l a t i o n ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : U p d a t e r p o r t r e f e r e n c e c o u n t i n g ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > - [ s c s i ] l i b f c : X e n S e r v e r f a i l s t o m o u n t r o o t f i l e s y s t e m ( C h r i s L e e c h ) [ 1 3 6 8 1 7 5 ] b r > b r > [ 2 . 6 . 3 2 - 6 6 8 ] b r > - [ n e t d r v ] m l x 5 e : F i x m i n i m u m M T U ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 5 e : D e v i c e s m t u f i e l d i s u 1 6 a n d n o t i n t ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ e n : F i x e n d i a n n e s s b u g i n I P V 6 c s u m c a l c u l a t i o n ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : A l l o w r e s e t t i n g V F a d m i n m a c t o z e r o ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 5 e : C o r r e c t l y h a n d l e R S S i n d i r e c t i o n t a b l e w h e n c h a n g i n g n u m b e r o f c h a n n e l s ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 5 e : F i x e t h t o o l R X h a s h f u n c c o n f i g u r a t i o n c h a n g e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 5 e : F i x L R O m o d i f y ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 5 e : R e m o v e w r o n g p o l l C Q o p t i m i z a t i o n ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : D o n o t B U G _ O N d u r i n g r e s e t w h e n P C I i s o f f l i n e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ e n : C o u n t H W b u f f e r o v e r r u n o n l y o n c e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 5 : F i x R C t r a n s p o r t s e n d q u e u e o v e r h e a d c o m p u t a t i o n ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : f i x s o m e e r r o r h a n d l i n g i n m l x 4 _ m u l t i _ f u n c _ i n i t ( ) ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : R e m o v e u n u s e d m a c r o ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : I n i t i a l i z e h o p _ l i m i t w h e n c r e a t i n g a d d r e s s h a n d l e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 5 : E x p o s e c o r r e c t m a x i m u m n u m b e r o f C Q E c a p a c i t y ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : R e p l a c e k f r e e w i t h k v f r e e i n m l x 4 _ i b _ d e s t r o y _ s r q ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : f i x h a n d l i n g r e t u r n v a l u e o f m l x 4 _ s l a v e _ c o n v e r t _ p o r t ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : U s e v m a l l o c f o r W R b u f f e r s w h e n n e e d e d ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : U s e c o r r e c t o r d e r o f v a r i a b l e s i n l o g m e s s a g e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : E x p o s e c o r r e c t m a x _ s g e _ r d l i m i t ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : A v o i d r e t u r n i n g s u c c e s s i n c a s e o f a n e r r o r f l o w ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : R e p l a c e V F z e r o m a c w i t h r a n d o m m a c i n m l x 4 _ c o r e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : F i x r e s o u r c e t r a c k e r e r r o r f l o w i n a d d _ r e s _ r a n g e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : C o p y / s e t o n l y s i z e o f s t r u c t m l x 4 _ e q e b y t e s ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ e n : r e a l l y a l l o w t o c h a n g e R S S k e y ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 5 : F i x i n c o r r e c t w c p k e y _ i n d e x a s s i g n m e n t f o r G S I m e s s a g e s ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : F i x i n c o r r e c t c q f l u s h i n g i n e r r o r s t a t e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : U s e c o r r e c t S L o n A H q u e r y u n d e r R o C E ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : F o r b i d u s i n g s y s f s t o c h a n g e R o C E p k e y s ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : D e m o t e m c g m e s s a g e f r o m w a r n i n g t o d e b u g ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : F i x p o t e n t i a l d e a d l o c k w h e n s e n d i n g m a d t o w i r e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 , m l x 5 , m t h c a : E x p o s e m a x _ s g e _ r d c o r r e c t l y ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : A d d e x t r a c h e c k f o r t o t a l v f s f o r S R I O V ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ e n : R e m o v e B U G _ O N a s s e r t w h e n c h e c k i n g i f r i n g i s f u l l ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : R e l i e v e c p u l o a d a v e r a g e o n t h e p o r t s e n d i n g f l o w ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : F i x w r o n g i n d e x i n p r o p a g a t i n g p o r t c h a n g e e v e n t t o V F s ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : F i x m e m o r y l e a k i n d o _ s l a v e _ i n i t ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 : D i s a b l e H A f o r S R I O V P F R o C E d e v i c e s ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ e n : R e l e a s e T X Q P w h e n d e s t r o y i n g T X r i n g ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : D i s a b l e G r a n u l a r Q o S p e r V F u n d e r I B / E t h V P I c o n f i g u r a t i o n ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : f i x t y p o i n m l x 4 _ s e t _ v f _ m a c ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : n e e d t o c a l l c l o s e f w i f a l l o c i c m i s c a l l e d t w i c e ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] m l x 4 _ c o r e : d o u b l e f r e e o f d e v _ v f s ( S l a v a S h w a r t s m a n ) [ 1 3 3 3 6 5 7 1 3 8 4 2 1 2 1 3 8 4 5 3 1 1 3 8 5 3 1 4 1 3 8 5 3 1 7 1 3 8 5 3 1 8 1 3 8 5 3 1 9 ] b r > - [ n e t d r v ] b n x 2 x : d o n t r e s e t c h i p o n c l e a n u p i f P C I f u n c t i o n i s o f f l i n e ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : a l l o w a d d i n g V L A N s w h i l e i n t e r f a c e i s d o w n ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : a v o i d l e a k i n g m e m o r y o n b n x 2 x _ i n i t _ o n e ( ) f a i l u r e s ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : P r e v e n t f a l s e w a r n i n g f o r l a c k o f F C N P I V ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : f i x r e c e i v e o f V F - > P F m a i l b o x m e s s a g e s b y t h e P F o n b i g - e n d i a n ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : f i x s e n d i n g V F - > P F m e s s a g e s o n b i g - e n d i a n ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : F i x 8 4 8 3 3 p h y c o m m a n d h a n d l e r ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : F i x l e d s e t t i n g f o r 8 4 8 5 8 p h y ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : C o r r e c t 8 4 8 5 8 P H Y f w v e r s i o n ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : F i x 8 4 8 3 3 R X C R C ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : F i x l i n k - f o r c i n g f o r K R 2 ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b n x 2 x : W a r n a b o u t g r c t i m e o u t s i n r e g i s t e r d u m p ( M i c h a l S c h m i d t ) [ 1 3 8 6 1 9 9 ] b r > - [ n e t d r v ] b e 2 n e t : E n a b l e V F l i n k s t a t e s e t t i n g f o r B E 3 ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : F i x T X s t a t s f o r T S O p a c k e t s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : N C S I F W s e c t i o n s h o u l d b e p r o p e r l y u p d a t e d w i t h e t h t o o l f o r B E 3 ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : P r o v i d e a n a l t e r n a t e w a y t o r e a d p f _ n u m f o r B E x c h i p s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : F i x m a c a d d r e s s c o l l i s i o n i n s o m e c o n f i g u r a t i o n s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : A v o i d r e d u n d a n t a d d i t i o n o f m a c a d d r e s s i n H W ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : A d d p r i v i l e g e l e v e l c h e c k f o r O P C O D E _ C O M M O N _ G E T _ E X T _ F A T _ C A P A B I L I T I E S S L I c m d ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : I s s u e C O M M O N _ R E S E T _ F U N C T I O N c m d d u r i n g d r i v e r u n l o a d ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : S u p p o r t U E r e c o v e r y i n B E x / S k y h a w k a d a p t e r s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : r e p l a c e p o l l i n g w i t h s l e e p i n g i n t h e F W c o m p l e t i o n p a t h ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : d o n o t r e m o v e v i d s f r o m d r i v e r t a b l e i f b e _ v i d _ c o n f i g ( ) f a i l s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : c l e a r v l a n - p r o m i s c s e t t i n g b e f o r e p r o g r a m m i n g t h e v l a n l i s t ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : p e r f o r m t e m p e r a t u r e q u e r y i n a d a p t e r r e g a r d l e s s o f i t s i n t e r f a c e s t a t e ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : F i x b r o a d c a s t e c h o e s f r o m E V B i n B E 3 ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : f i x d e f i n i t i o n o f b e _ m a x _ e q s ( ) ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : F i x p r o v i s i o n i n g o f R S S f o r V F s i n m u l t i - p a r t i t i o n c o n f i g u r a t i o n s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : E n a b l e W a k e - O n - L A N f r o m s h u t d o w n f o r S k y h a w k ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : u s e m a x - T X Q s l i m i t t o o w h i l e p r o v i s i o n i n g V F q u e u e p a i r s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e n e t : b e _ r e s u m e n e e d s t o p r o t e c t b e _ o p e n w i t h r t n l _ l o c k ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : D o n t l e a k i o m a p p e d m e m o r y o n r e m o v a l ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : F i x a U E c a u s e d b y p a s s i n g l a r g e f r a m e s t o t h e A S I C ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : F i x p c i e e r r o r r e c o v e r y i n c a s e o f N I C + R o C E a d a p t e r s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : I n t e r p r e t a n d l o g n e w d a t a t h a t s a d d e d t o t h e p o r t m i s c o n f i g u r e a s y n c e v e n t ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : R e q u e s t R S S c a p a b i l i t y o f R x i n t e r f a c e d e p e n d i n g o n n u m b e r o f R x r i n g s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : F i x i n t e r v a l c a l c u l a t i o n i n i n t e r r u p t m o d e r a t i o n ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : A d d r e t r y i n c a s e o f e r r o r r e c o v e r y f a i l u r e ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : F i x L a n c e r e r r o r r e c o v e r y ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : D o n t r u n e t h t o o l s e l f - t e s t s f o r V F s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : S R I O V Q u e u e d i s t r i b u t i o n s h o u l d f a c t o r i n E Q - c o u n t o f V F s ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : F i x b e _ v l a n _ r e m _ v i d ( ) t o c h e c k v l a n i d b e i n g r e m o v e d ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : c h e c k f o r I N S U F F I C I E N T _ P R I V I L E G E S e r r o r ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : r e t u r n e r r o r s t a t u s f r o m b e _ s e t _ p h y s _ i d ( ) ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : f i x p o r t - r e s d e s c q u e r y o f G E T _ P R O F I L E _ C O N F I G F W c m d ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b e 2 n e t : f i x V F l i n k s t a t e t r a n s i t i o n f r o m d i s a b l e d t o a u t o ( I v a n V e c e r a ) [ 1 3 4 7 8 1 2 ] b r > - [ n e t d r v ] b n x 2 : f i x l o c k i n g w h e n n e t c o n s o l e i s u s e d ( I v a n V e c e r a ) [ 1 2 9 1 3 6 9 ] b r > - [ n e t d r v ] t g 3 : A v o i d N U L L p o i n t e r d e r e f e r e n c e i n t g 3 _ i o _ e r r o r _ d e t e c t e d ( ) ( I v a n V e c e r a ) [ 1 3 4 7 8 2 8 ] b r > - [ n e t d r v ] t g 3 : F i x f o r d i s a l l o w t x c o a l e s c i n g t i m e t o b e 0 ( I v a n V e c e r a ) [ 1 3 4 7 8 2 8 ] b r > - [ n e t d r v ] t g 3 : R e p o r t t h e c o r r e c t n u m b e r o f R S S q u e u e s t h r o u g h t g 3 _ g e t _ r x n f c ( I v a n V e c e r a ) [ 1 3 4 7 8 2 8 ] b r > - [ n e t d r v ] t g 3 : F i x f o r d i a s l l o w r x c o a l e s c i n g t i m e t o b e 0 ( I v a n V e c e r a ) [ 1 3 4 7 8 2 8 ] b r > - [ n e t d r v ] n e t : t g 3 : a v o i d u n i n i t i a l i z e d v a r i a b l e w a r n i n g ( I v a n V e c e r a ) [ 1 3 4 7 8 2 8 ] b r > - [ n e t ] i p v 6 : r e s t r i c t h o p _ l i m i t s y s c t l s e t t i n g t o r a n g e ( 1 ; 2 5 5 ) ( P a o l o A b e n i ) [ 1 3 1 4 3 0 5 ] b r > - [ n e t ] i p v 4 : a d d l i m i t s t o i p _ d e f a u l t _ t t l ( P a o l o A b e n i ) [ 1 3 1 4 3 0 5 ] b r > - [ n e t ] r o u t e : e n f o r c e h o p l i m i t m a x v a l u e ( P a o l o A b e n i ) [ 1 3 1 3 8 9 9 ] b r > f o r u s e r l a n d ( S a b r i n a D u b r o c a ) [ 1 3 1 7 6 9 7 ] b r > - [ n e t ] s c t p : u s e t h e s a m e c l o c k a s i f s o c k s o u r c e t i m e s t a m p s w e r e o n ( X i n L o n g ) [ 1 3 3 4 5 6 1 ] b r > - [ n e t ] s c t p : u p d a t e t h e n e t s t a m p _ n e e d e d c o u n t e r w h e n c o p y i n g s o c k e t s ( X i n L o n g ) [ 1 3 3 4 5 6 1 ] b r > - [ n e t ] s c t p : f i x t h e t r a n s p o r t s r o u n d r o b i n i s s u e w h e n i n i t i s r e t r a n s m i t t e d ( X i n L o n g ) [ 1 3 1 2 7 2 8 ] b r > - [ n e t ] p p p o e : f i x m e m o r y c o r r u p t i o n i n p a d t w o r k s t r u c t u r e ( B e n i a m i n o G a l v a n i ) [ 1 3 1 7 9 0 0 ] b r > - [ n e t ] p p p o e : d r o p p p p o e d e v i c e i n p p p o e _ u n b i n d _ s o c k _ w o r k ( B e n i a m i n o G a l v a n i ) [ 1 3 1 7 9 0 0 ] b r > - [ n e t ] p p p o e : U s e w o r k q u e u e t o d i e p r o p e r l y w h e n a P A D T i s r e c e i v e d ( B e n i a m i n o G a l v a n i ) [ 1 3 1 7 9 0 0 ] b r > - [ n e t ] i p v 6 : S k i p X F R M l o o k u p i f d s t _ e n t r y i n s o c k e t c a c h e i s v a l i d ( J a k u b S i t n i c k i ) [ 1 3 2 7 6 8 0 ] b r > - [ n e t ] i p v 6 : C o n s o l i d a t e r o u t e l o o k u p s e q u e n c e s ( J a k u b S i t n i c k i ) [ 1 3 2 7 6 8 0 ] b r > - [ n e t ] m a c v t a p : A d d s u p p o r t o f p a c k e t c a p t u r e o n m a c v t a p d e v i c e ( S a b r i n a D u b r o c a ) [ 1 3 7 3 1 0 0 ] b r > - [ s c s i ] f n i c : p c i _ d m a _ m a p p i n g _ e r r o r ( ) d o e s n t r e t u r n a n e r r o r c o d e ( M a u r i z i o L o m b a r d i ) [ 1 3 6 4 5 9 3 ] b r > - [ s c s i ] f n i c : U s i n g r p o r t - > d d _ d a t a t o c h e c k r p o r t o n l i n e i n s t e a d o f r p o r t _ l o o k u p ( M a u r i z i o L o m b a r d i ) [ 1 3 6 4 5 9 3 ] b r > - [ s c s i ] f n i c : C l e a n u p t h e I / O p e n d i n g w i t h f w a n d h a s t i m e d o u t a n d i s u s e d t o i s s u e L U N r e s e t ( M a u r i z i o L o m b a r d i ) [ 1 3 6 4 5 9 3 ] b r > - [ s c s i ] f n i c : m o v e p r i n t k ( ) s o u t s i d e o f t h e c r i t i c a l c o d e s e c t i o n ( M a u r i z i o L o m b a r d i ) [ 1 3 6 4 5 9 3 ] b r > - [ s c s i ] f n i c : c h e c k p c i _ m a p _ s i n g l e ( ) r e t u r n v a l u e ( M a u r i z i o L o m b a r d i ) [ 1 3 6 4 5 9 3 ] b r > - [ s c s i ] b e 2 i s c s i : D r i v e r v e r s i o n : 1 1 . 1 . 0 . 0 ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : R e p l a c e _ b h w i t h _ i r q s a v e / i r q r e s t o r e ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : R e m o v e r e d u n d a n t i s c s i _ w r b d e s c m e m s e t ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x b a d W R B i n d e x e r r o r ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x a s y n c P D U h a n d l i n g p a t h ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : A d d l o c k t o p r o t e c t W R B a l l o c a n d f r e e ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : _ b h f o r i o _ s g l _ l o c k a n d m g m t _ s g l _ l o c k ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : R e d u c e d r i v e r l o a d / u n l o a d t i m e ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x E x p S t a t S n i n m a n a g e m e n t t a s k s ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : U p d a t e t h e d r i v e r v e r s i o n ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x W R B l e a k i n l o g i n / l o g o u t p a t h ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x a s y n c l i n k e v e n t p r o c e s s i n g ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x t o p r o c e s s 2 5 G l i n k s p e e d i n f o f r o m F W ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] s c s i _ t r a n s p o r t _ i s c s i : A d d 2 5 G a n d 4 0 G s p e e d d e f i n i t i o n ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x I O P O L L i m p l e m e n t a t i o n ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x r e t u r n v a l u e f o r M C C c o m p l e t i o n ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : A d d F W c o n f i g v a l i d a t i o n ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x t o h a n d l e m i s c o n f i g u r e d o p t i c s e v e n t s ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x V L A N s u p p o r t f o r I P v 6 n e t w o r k ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x t o r e m o v e s h u t d o w n e n t r y p o i n t ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : A d d e d r e t u r n v a l u e c h e c k f o r m g m t _ g e t _ a l l _ i f _ i d ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : S e t m b o x t i m e o u t t o 3 0 s ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x t o s y n c h r o n i z e t a g a l l o c a t i o n u s i n g s p i n _ l o c k ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x t o u s e a t o m i c b i t o p e r a t i o n s f o r t a g _ s t a t e ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x m b o x s y n c h r o n i z a t i o n r e p l a c i n g s p i n l o c k w i t h m u t e x ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] b e 2 i s c s i : F i x s o f t l o c k u p i n m g m t _ g e t _ a l l _ i f _ i d p a t h u s i n g b m b x ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 5 ] b r > - [ s c s i ] s c s i _ d e b u g : f i x l o g i c a l b l o c k p r o v i s i o n i n g s u p p o r t w h e n u n m a p _ a l i g n m e n t ! = 0 ( M a u r i z i o L o m b a r d i ) [ 1 3 8 8 0 9 6 ] b r > - [ s c s i ] s c s i _ d e b u g : f i x l o g i c a l b l o c k p r o v i s i o n i n g s u p p o r t ( M a u r i z i o L o m b a r d i ) [ 1 3 8 8 0 9 6 ] b r > - [ s c s i ] m p t 3 s a s : F i x r e s u m e o n W a r p D r i v e f l a s h c a r d s ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : a v o i d m p t 3 s a s _ t r a n s p o r t _ p o r t _ a d d N U L L p a r e n t _ d e v ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : s e t n u m _ p h y s a f t e r a l l o c a t i n g p h y s p a c e ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : a d d m i s s i n g c u r l y b r a c e s ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : U s e d ' s y n c h r o n i z e _ i r q ( ) ' A P I t o s y n c h r o n i z e t i m e d - o u t I O & T M s ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : S e t m a x i m u m t r a n s f e r l e n g t h p e r I O t o 4 M B f o r V D s ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : U p d a t i n g m p t 3 s a s d r i v e r v e r s i o n t o 1 3 . 1 0 0 . 0 0 . 0 0 ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : H a n d l e a c t i v e c a b l e e x c e p t i o n e v e n t ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : U p d a t e M P I h e a d e r t o 2 . 0 0 . 4 2 ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : r e m o v e u n u s e d f w _ e v e n t _ w o r k e l e m e n t s ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : R e m o v e u s a g e o f ' s t r u c t t i m e v a l ' ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : D o n t o v e r r e a c h i o c - > r e p l y _ p o s t d u r i n g i n i t i a l i z a t i o n ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : R e m o v e u n n e c e s s a r y s y n c h r o n i z e _ i r q ( ) b e f o r e f r e e _ i r q ( ) ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : F r e e m e m o r y p o o l s b e f o r e r e t r y i n g t o a l l o c a t e w i t h d i f f e r e n t v a l u e ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : R e m o v e c p u m a s k _ c l e a r f o r z a l l o c _ c p u m a s k _ v a r a n d d o n t f r e e f r e e _ c p u _ m a s k _ v a r b e f o r e r e p l y _ q ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : U p d a t i n g m p t 3 s a s d r i v e r v e r s i o n t o 1 2 . 1 0 0 . 0 0 . 0 0 ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : F i x f o r A s y n c h r o n o u s c o m p l e t i o n o f t i m e d o u t I O a n d t a s k a b o r t o f t i m e d o u t I O ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : U p d a t e d M P I H e a d e r t o 2 . 0 0 . 4 2 ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : A d d s u p p o r t f o r c o n f i g u r a b l e C h a i n F r a m e S i z e ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : A d d e d s m p _ a f f i n i t y _ e n a b l e m o d u l e p a r a m e t e r ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : M a k e u s e o f a d d i t i o n a l H i g h P r i o r i t y c r e d i t m e s s a g e f r a m e s f o r s e n d i n g S C S I I O s ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : N e v e r b l o c k t h e E n c l o s u r e d e v i c e ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : F i x s t a t i c a n a l y z e r ( c o v e r i t y ) t o o l i d e n t i f i e d d e f e c t s ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : U s e d I E E E S G L i n s t e a d o f M P I S G L w h i l e f r a m i n g a S M P P a s s t h r o u g h r e q u e s t m e s s a g e ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] m p t 3 s a s : A d d e d s u p p o r t f o r h i g h p o r t c o u n t H B A v a r i a n t s ( T o m a s H e n z l ) [ 1 3 2 9 3 5 3 ] b r > - [ s c s i ] b n x 2 f c : U p d a t e v e r s i o n n u m b e r t o 2 . 1 0 . 3 ( M a u r i z i o L o m b a r d i ) [ 1 3 8 0 3 8 5 ] b r > - [ s c s i ] b n x 2 f c : C h e c k s c _ c m d d e v i c e a n d h o s t p o i n t e r b e f o r e r e t u r n i n g t h e c o m m a n d t o t h e m i d - l a y e r ( M a u r i z i o L o m b a r d i ) [ 1 3 8 0 3 8 5 ] b r > - [ s c s i ] b n x 2 f c : P r i n t n e t d e v d e v i c e n a m e w h e n F C o E i s s u c c e s s f u l l y i n i t i a l i z e d ( M a u r i z i o L o m b a r d i ) [ 1 3 8 0 3 8 5 ] b r > - [ s c s i ] b n x 2 f c : P r i n t w h e n w e s e n d a f i p k e e p a l i v e ( M a u r i z i o L o m b a r d i ) [ 1 3 8 0 3 8 5 ] b r > - [ s c s i ] b n x 2 f c : b n x 2 f c _ e h _ a b o r t ( ) : f i x w r o n g r e t u r n c o d e ( M a u r i z i o L o m b a r d i ) [ 1 3 8 0 3 8 5 ] b r > - [ s c s i ] b n x 2 f c : S h o w i n f o r m a t i o n a b o u t l o g l e v e l s i n ' m o d i n f o ' ( M a u r i z i o L o m b a r d i ) [ 1 3 8 0 3 8 5 ] b r > - [ s c s i ] h p s a : u p d a t e d r i v e r r e v i s i o n t o 3 . 4 . 1 0 - 0 - R H 2 ( J o s e p h S z c z y p e k ) [ 1 3 7 7 8 9 2 ] b r > - [ s c s i ] h p s a : c o r r e c t s c s i 6 b y t e l b a c a l c u l a t i o n ( J o s e p h S z c z y p e k ) [ 1 3 7 7 8 9 2 ] b r > - [ s c s i ] l p f c : r e m o v e u n k n o w n E L S m e s s a g e w a r n i n g s f o r R D P ( M a u r i z i o L o m b a r d i ) [ 1 3 4 7 8 1 1 ] b r > - [ s c s i ] s m a r t p q i : a d d t o c o n f i g - g e n e r i c ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : r a i d b y p a s s l b a c a l c u l a t i o n f i x ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : b u m p d r i v e r v e r s i o n ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : a d d s m a r t p q i . t x t ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : u p d a t e K c o n f i g ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : r e m o v e t i m e o u t f o r c a c h e f l u s h o p e r a t i o n s ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : s c s i q u e u e c o m m a n d c l e a n u p ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : m i n o r t w e a k s t o u p d a t e t i m e s u p p o r t ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : m i n o r f u n c t i o n r e f o r m a t i n g ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : c o r r e c t e v e n t a c k n o w l e d g e m e n t t i m e o u t i s s u e ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : c o r r e c t c o n t r o l l e r o f f l i n e i s s u e ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : a d d k d u m p s u p p o r t ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : e n h a n c e r e s e t l o g i c ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : e n h a n c e d r i v e o f f l i n e i n f o r m a t i o n a l m e s s a g e ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : s i m p l i f y s p a n n i n g ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : c h a n g e t m f m a c r o n a m e s ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : c h a n g e a i o s g p r o c e s s i n g ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] a a c r a i d : r e m o v e w i l d c a r d f o r s e r i e s 9 c o n t r o l l e r s ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > - [ s c s i ] s m a r t p q i : i n i t i a l c o m m i t o f M i c r o s e m i s m a r t p q i d r i v e r ( S c o t t B e n e s h ) [ 1 3 4 3 7 4 3 ] b r > b r > [ 2 . 6 . 3 2 - 6 6 7 ] b r > - [ h v ] g e t r i d o f i d i n s t r u c t v m b u s _ c h a n n e l ( V i t a l y K u z n e t s o v ) [ 1 3 2 2 8 0 2 ] b r > - [ h v ] m a k e V M B u s b u s i d s p e r s i s t e n t ( V i t a l y K u z n e t s o v ) [ 1 3 2 2 8 0 2 ] b r > - [ h v ] s t o r v s c : F i x p o t e n t i a l m e m o r y l e a k ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] s t o r v s c : F i l t e r o u t s t o r v s c m e s s a g e s C D - R O M m e d i u m n o t p r e s e n t ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] s t o r v s c : f i x S R B _ S T A T U S _ A B O R T E D h a n d l i n g ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] s t o r v s c : a d d l o g g i n g f o r e r r o r / w a r n i n g m e s s a g e s ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] s t o r v s c : F i x a b u g i n t h e h a n d l i n g o f S R B s t a t u s f l a g s ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] s t o r v s c : D o n t s e t t h e S R B _ F L A G S _ Q U E U E _ A C T I O N _ E N A B L E f l a g ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] s t o r v s c : S e t t h e t a b l e s i z e b a s e d o n t h e i n f o r m a t i o n g i v e n b y t h e h o s t ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] s t o r v s c : D o n t a s s u m e t h a t t h e s c a t t e r l i s t i s n o t c h a i n e d ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] s t o r v s c : R e t r i e v e i n f o r m a t i o n a b o u t t h e c a p a b i l i t y o f t h e t a r g e t ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] s t o r v s c : A l w a y s s e n d o n t h e s e l e c t e d o u t g o i n g c h a n n e l ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] v m b u s : S u p p o r t a v m b u s A P I f o r e f f i c i e n t l y s e n d i n g p a g e a r r a y s ( C a t h y A v e r y ) [ 1 3 2 2 9 2 8 1 3 5 2 8 2 4 ] b r > - [ h v ] b a l l o o n : r e p l a c e h a _ r e g i o n _ m u t e x w i t h s p i n l o c k ( V i t a l y K u z n e t s o v ) [ 1 3 2 6 9 9 9 1 3 8 1 6 1 7 ] b r > - [ h v ] b a l l o o n : a c c o u n t f o r g a p s i n h o t a d d r e g i o n s ( V i t a l y K u z n e t s o v ) [ 1 3 2 6 9 9 9 1 3 8 1 6 1 7 ] b r > - [ h v ] b a l l o o n : k e e p t r a c k o f w h e r e h a _ r e g i o n s t a r t s ( V i t a l y K u z n e t s o v ) [ 1 3 2 6 9 9 9 1 3 8 1 6 1 7 ] b r > - [ h v ] b a l l o o n : r e s e t h o s t _ s p e c i f i e d _ h a _ r e g i o n ( V i t a l y K u z n e t s o v ) [ 1 3 2 6 9 9 9 1 3 8 1 6 1 7 ] b r > - [ h v ] b a l l o o n : d o n t c r a s h w h e n m e m o r y i s a d d e d i n n o n - s o r t e d o r d e r ( V i t a l y K u z n e t s o v ) [ 1 3 2 6 9 9 9 1 3 8 1 6 1 7 ] b r > - [ h v ] b a l l o o n : c h e c k i f h a _ r e g i o n _ m u t e x w a s a c q u i r e d i n M E M _ C A N C E L _ O N L I N E c a s e ( V i t a l y K u z n e t s o v ) [ 1 3 2 6 9 9 9 1 3 8 1 6 1 7 ] b r > - [ h v ] d o n t l e a k m e m o r y i n v m b u s _ e s t a b l i s h _ g p a d l ( ) ( V i t a l y K u z n e t s o v ) [ 1 3 7 6 8 6 0 ] b r > - [ h v ] g e t r i d o f r e d u n d a n t m e s s a g e c o u n t i n c r e a t e _ g p a d l _ h e a d e r ( ) ( V i t a l y K u z n e t s o v ) [ 1 3 7 6 8 6 0 ] b r > - [ h v ] v m b u s : d o n t m a n i p u l a t e w i t h c l o c k s o u r c e s o n c r a s h ( C a t h y A v e r y ) [ 1 3 6 5 0 4 9 ] b r > - [ h v ] c o r r e c t t s c p a g e s e q u e n c e i n v a l i d v a l u e ( C a t h y A v e r y ) [ 1 3 6 5 0 4 9 ] b r > - [ h v ] v m b u s : f i x b u i l d w a r n i n g ( C a t h y A v e r y ) [ 1 3 6 5 0 4 9 ] b r > - [ h v ] v m b u s : I m p l e m e n t a c l o c k s o u r c e b a s e d o n t h e T S C p a g e ( C a t h y A v e r y ) [ 1 3 6 5 0 4 9 ] b r > - [ h v ] k v p : c a n c e l k v p _ h o s t _ h a n d s h a k e _ w o r k o n m o d u l e u n l o a d ( V i t a l y K u z n e t s o v ) [ 1 3 2 1 2 5 9 ] b r > - [ x 8 6 ] m m / x e n : S u p p r e s s h u g e t l b f s i n P V g u e s t s ( V i t a l y K u z n e t s o v ) [ 1 3 1 2 3 3 1 ] b r > - [ m m ] h u g e t l b : a l l o w h u g e p a g e s _ s u p p o r t e d t o b e a r c h i t e c t u r e s p e c i f i c ( V i t a l y K u z n e t s o v ) [ 1 3 1 2 3 3 1 ] b r > b r > [ 2 . 6 . 3 2 - 6 6 6 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p d r i v e r v e r s i o n f r o m 1 . 5 . 5 t o 1 . 5 . 1 0 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : R S S H a s h O p t i o n p a r a m e t e r s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v e H M C A Q A P I i m p l e m e n t a t i o n ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : A d d d r i v e r s u p p o r t f o r p r o m i s c u o u s m o d e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : O n l y o f f l o a d V L A N t a g i f e n a b l e d ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A d d D e v i c e I D f o r X 7 2 2 Q S F P + ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A d d d e v i c e c a p a b i l i t y w h i c h d e f i n e s i f u p d a t e i s a v a i l a b l e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : A l l o w P F d r i v e r t o c o n f i g u r e R S S ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : S p e c i f y A Q e v e n t o p c o d e t o w a i t f o r ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : D o n t P a n i c ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : L i m i t T S O t o 7 d e s c r i p t o r s f o r p a y l o a d i n s t e a d o f 8 p e r p a c k e t ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : p r o p e r l y h a n d l e V L A N f e a t u r e s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p p a t c h f r o m 1 . 5 . 2 t o 1 . 5 . 5 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : I n p u t s e t m a s k c o n s t a n t s f o r R S S , f l o w d i r e c t o r , a n d f l e x b y t e s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A d d R S S c o n f i g u r a t i o n t o v i r t u a l c h a n n e l ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : M o v e N V M v a r i a b l e o u t o f A Q s t r u c t ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F a s t e r R X v i a a v o i d i n g F C o E ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : D r o p u n u s e d t x _ r i n g a r g u m e n t ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p p a t c h f r o m 1 . 5 . 1 t o 1 . 5 . 2 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : F i x g e t _ r s s _ a q ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : A d d l o n g e r w a i t a f t e r r e m o v e m o d u l e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A d d n e w d e v i c e I D f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : F i x V L A N f e a t u r e s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p p a t c h f r o m 1 . 4 . 2 5 t o 1 . 5 . 1 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : A d d a d d i t i o n a l c h e c k f o r r e s e t ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F i x h a n d l i n g o f b o o l e a n l o g i c i n p o l l i n g r o u t i n e s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : r e m o v e d e a d c o d e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A l l o w u p t o 1 2 K b y t e s o f d a t a p e r T x d e s c r i p t o r i n s t e a d o f 8 K ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 4 . 2 5 a n d i 4 0 e v f t o 1 . 4 . 1 5 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : i m p l e m e n t a n d u s e R x C T L h e l p e r f u n c t i o n s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : a d d a d m i n q c o m m a n d s f o r R x C T L r e g i s t e r s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A d d f u n c t i o n s t o b l i n k l e d o n 1 0 G B a s e T P H Y ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : R e w r i t e l o g i c f o r 8 d e s c r i p t o r p e r p a c k e t c h e c k ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B r e a k u p x m i t _ d e s c r i p t o r _ c o u n t f r o m m a y b e _ s t o p _ t x ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U s e u 6 4 v a l u e s i n s t e a d o f c a s t i n g t h e m i n T S O f u n c t i o n ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : D r o p o u t e r c h e c k s u m o f f l o a d t h a t w a s n o t r e q u e s t e d ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 4 . 1 5 a n d i 4 0 e v f t o 1 . 4 . 1 1 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : W h e n i n p r o m i s c m o d e a p p l y p r o m i s c m o d e t o T x T r a f f i c a s w e l l ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : c l e a n e v e n t d e s c r i p t o r b e f o r e u s e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : s e t a d a p t e r s t a t e o n r e s e t f a i l u r e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a v o i d a t o m i c s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A d d a S W w o r k a r o u n d f o r l o s t i n t e r r u p t s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : s u p p o r t p a c k e t s p l i t r e c e i v e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p v e r s i o n ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : p r o p e r l y s h o w p a c k e t s p l i t s t a t u s i n d e b u g f s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : u s e l o g i c a l o p e r a t o r s , n o t b i t w i s e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : u s e _ _ G F P _ N O W A R N ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : t r y a g a i n a f t e r f a i l u r e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : d o n t l o s e i n t e r r u p t s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : C h a n g e v f d r i v e r s t r i n g t o r e f l e c t a l l p r o d u c t s i 4 0 e v f s u p p o r t s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : R e f a c t o r f o r c e _ w b a n d W B _ O N _ I T R f u n c t i o n a l i t y c o d e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : b u m p v e r s i o n t o 1 . 4 . 1 2 / 1 . 4 . 8 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : d o T S O o n l y i f C H E C K S U M _ P A R T I A L i s s e t ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 4 . 1 1 a n d i 4 0 e v f t o 1 . 4 . 7 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : e n a b l e b u s m a s t e r a f t e r r e s e t ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : f i x w r i t e - b a c k - o n - i t r t o w o r k w i t h l e g a c y i t r ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : B u m p A Q m i n o r v e r s i o n t o 1 . 5 f o r n e w F W f e a t u r e s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A Q t h e r m a l s e n s o r c o n t r o l s t r u c t ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A Q A d d V X L A N - G P E t u n n e l t y p e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A Q A d d s e t _ s w i t c h _ c o n f i g ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A Q S h a r e d r e s o u r c e f l a g s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A Q A d d e x t e r n a l p o w e r c l a s s t o g e t l i n k s t a t u s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A Q G e n e v e c l o u d t u n n e l t y p e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : A Q A d d R u n P H Y A c t i v i t y s t r u c t ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : a d d n e w p r o x y - w o l b i t f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U s e p r i v a t e w o r k q u e u e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : a d d n e w w r i t e - b a c k m o d e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F i x f o r U D P / T C P R S S f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : n u l l o u t r i n g p o i n t e r s o n f r e e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : d e f i n e f u n c t i o n c a p a b i l i t i e s i n o n l y o n e p l a c e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : a l l o w c h a n n e l b o n d i n g o f V F s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F i x R S S r x - f l o w - h a s h c o n f i g u r a t i o n t h r o u g h e t h t o o l ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] t r e e w i d e : F i x t y p o s i n p r i n t k ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : r e m o v e f o r e v e r u n u s e d I D ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : F i x R x h a s h r e p o r t e d t o t h e s t a c k b y o u r d r i v e r ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 4 . 8 a n d i 4 0 e v f t o 1 . 4 . 4 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : c h a n g e v e r s i o n s t r i n g g e n e r a t i o n ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d a n e w o f f l o a d f o r R S S P C T Y P E V 2 f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : O p c o d e a n d s t r u c t u r e s r e q u i r e d b y O E M P o s t U p d a t e A Q c o m m a n d a n d a d d n e w N V M a r q m e s s a g e ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e v f : c h e c k r i n g s b e f o r e f r e e i n g r e s o u r c e s ( S t e f a n A s s m a n n ) [ 1 3 6 0 1 7 9 ] b r > - [ n e t d r v ] i 4 0 e : F i x e r r o r s r e s u l t e d w h i l e t u r n i n g o f f T S O ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : u s e c o n f i g u r e d R S S k e y a n d l o o k u p t a b l e i n i 4 0 e _ v s i _ c o n f i g _ r s s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : f i x b r o k e n i 4 0 e _ c o n f i g _ r s s _ a q f u n c t i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : m o v e i 4 0 e _ v s i _ c o n f i g _ r s s b e l o w i 4 0 e _ g e t _ r s s _ a q ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v e r e d u n d a n t m e m s e t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : c h e c k f o r a n d d e a l w i t h n o n - c o n t i g u o u s T C s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p d r i v e r v e r s i o n f r o m 1 . 5 . 5 t o 1 . 5 . 1 0 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : U p d a t e d e v i c e i d s f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : D r o p e x t r a c o p y o f f u n c t i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : U s e c o n s i s t e n t t y p e f o r v f _ i d ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : P T P - a v o i d a g g r e g a t e r e t u r n w a r n i n g s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : F i x u n i n i t i a l i z e d v a r i a b l e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v e H M C A Q A P I i m p l e m e n t a t i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e v f : A d d d r i v e r s u p p o r t f o r p r o m i s c u o u s m o d e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d V F p r o m i s c u o u s m o d e d r i v e r s u p p o r t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d p r o m i s c u o u s o n V L A N s u p p o r t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : O n l y o f f l o a d V L A N t a g i f e n a b l e d ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v e z e r o c h e c k ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d D e v i c e I D f o r X 7 2 2 Q S F P + ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d d e v i c e c a p a b i l i t y w h i c h d e f i n e s i f u p d a t e i s a v a i l a b l e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : S p e c i f y A Q e v e n t o p c o d e t o w a i t f o r ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : C o d e c l e a n u p i n i 4 0 e _ a d d _ f d i r _ e t h t o o l ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : L i m i t T S O t o 7 d e s c r i p t o r s f o r p a y l o a d i n s t e a d o f 8 p e r p a c k e t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : f i x e r r a n t P C I e b a n d w i d t h m e s s a g e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p p a t c h f r o m 1 . 5 . 2 t o 1 . 5 . 5 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : I n p u t s e t m a s k c o n s t a n t s f o r R S S , f l o w d i r e c t o r , a n d f l e x b y t e s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : M o v e N V M e v e n t w a i t c h e c k t o N V M c o d e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d R S S c o n f i g u r a t i o n t o v i r t u a l c h a n n e l ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : M o v e N V M v a r i a b l e o u t o f A Q s t r u c t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e s t r i c t V F p o l l m o d e t o o n l y s i n g l e f u n c t i o n m o d e d e v i c e s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F a s t e r R X v i a a v o i d i n g F C o E ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : D r o p u n u s e d t x _ r i n g a r g u m e n t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : M o v e H W f l u s h ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : L e a v e d e b u g _ m a s k c l e a r e d a t i n i t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : I n s e r t i n g a H W c a p a b i l i t y d i s p l a y i n f o ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p p a t c h f r o m 1 . 5 . 1 t o 1 . 5 . 2 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e q u e s t P H Y m e d i a e v e n t a t r e s e t t i m e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : L o w e r s o m e m e s s a g e l e v e l s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : F i x f o r s u p p o r t e d l i n k m o d e s i n 1 0 G B a s e T P H Y s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : D i s a b l e l i n k p o l l i n g ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : M a k e V F r e s e t s m o r e r e l i a b l e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d n e w d e v i c e I D f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v e u n u s e d v a r i a b l e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : r e m o v e r e d u n d a n t c h e c k o n v s i - > a c t i v e _ v l a n s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p p a t c h f r o m 1 . 4 . 2 5 t o 1 . 5 . 1 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : C h a n g e c o m m e n t t o r e f l e c t c o r r e c t f u n c t i o n n a m e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : C h a n g e u n k n o w n e v e n t e r r o r m s g t o i g n o r e m e s s a g e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d e d c o d e t o p r e v e n t d o u b l e r e s e t s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : N o t i f y V F s o f a l l r e s e t s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v e t i m e r a n d t a s k o n l y i f c r e a t e d ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A s s u r e t h a t a d m i n q i s a l i v e i n d e b u g m o d e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v e M S I x o n l y i f c r e a t e d ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : F i x u p r e t u r n c o d e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : S a v e o f f V S I r e s o u r c e c o u n t w h e n u p d a t i n g V S I ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : R e m o v e I 4 0 E _ M A X _ U S E R _ P R I O R I T Y d e f i n e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F i x h a n d l i n g o f b o o l e a n l o g i c i n p o l l i n g r o u t i n e s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A l l o w u p t o 1 2 K b y t e s o f d a t a p e r T x d e s c r i p t o r i n s t e a d o f 8 K ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : c a l l n d o _ s t o p ( ) i n s t e a d o f d e v _ c l o s e ( ) w h e n r u n n i n g o f f l i n e s e l f t e s t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : q u e u e - s p e c i f i c s e t t i n g s f o r i n t e r r u p t m o d e r a t i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 4 . 2 5 a n d i 4 0 e v f t o 1 . 4 . 1 5 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : l e t g o o f t h e p a s t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : s u s p e n d s c h e d u l i n g d u r i n g d r i v e r u n l o a d ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : U s e t h e n e w r x c t l r e g i s t e r h e l p e r s . D o n t u s e A Q c a l l s f r o m c l e a r _ h w ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : i m p l e m e n t a n d u s e R x C T L h e l p e r f u n c t i o n s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d a d m i n q c o m m a n d s f o r R x C T L r e g i s t e r s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d c h e c k f o r n u l l V S I ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : E x p o s e s o m e r e g i s t e r s t o p r o g r a m p a r s e r , F D a n d R S S l o g i c ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : F i x f o r u n e x p e c t e d m e s s a g i n g ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : D o n o t w a i t f o r R x q u e u e d i s a b l e i n D C B r e c o n f i g ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : I n c r e a s e t i m e o u t w h e n c h e c k i n g G L G E N _ R S T A T _ D E V S T A T E b i t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : F i x l e d b l i n k c a p a b i l i t y f o r 1 0 G B a s e T P H Y ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d f u n c t i o n s t o b l i n k l e d o n 1 0 G B a s e T P H Y ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : R e w r i t e l o g i c f o r 8 d e s c r i p t o r p e r p a c k e t c h e c k ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B r e a k u p x m i t _ d e s c r i p t o r _ c o u n t f r o m m a y b e _ s t o p _ t x ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : C l e a n - u p R x p a c k e t c h e c k s u m h a n d l i n g ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : S e t s k b - > c s u m _ l e v e l f o r e n c a p s u l a t e d c h e c k s u m ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d e x c e p t i o n h a n d l i n g f o r T x c h e c k s u m ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U s e u 6 4 v a l u e s i n s t e a d o f c a s t i n g t h e m i n T S O f u n c t i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : D r o p o u t e r c h e c k s u m o f f l o a d t h a t w a s n o t r e q u e s t e d ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 4 . 1 5 a n d i 4 0 e v f t o 1 . 4 . 1 1 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : W h e n i n p r o m i s c m o d e a p p l y p r o m i s c m o d e t o T x T r a f f i c a s w e l l ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : c l e a n e v e n t d e s c r i p t o r b e f o r e u s e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : b e t t e r e r r o r r e p o r t i n g f o r n v m u p d a t e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : e x p a n d c o m m e n t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : D o n o t d i s a b l e q u e u e s i n t h e L e g a c y / M S I I n t e r r u p t h a n d l e r ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : a v o i d a t o m i c s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e m o v a l o f c o d e w h i c h r e l i e s o n B A S E V E B S E I D ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : F i x P R O M I S C m o d e f o r M u l t i - f u n c t i o n p e r p o r t ( M F P ) d e v i c e s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d a S W w o r k a r o u n d f o r l o s t i n t e r r u p t s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : t r i v i a l : c l e a n u p u s e o f p f - > h w ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : d r o p u n u s e d d e b u g f s f i l e ' d u m p ' ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : g e t r i d o f m a g i c n u m b e r ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p v e r s i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : p r o p e r l y s h o w p a c k e t s p l i t s t a t u s i n d e b u g f s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : u s e l o g i c a l o p e r a t o r s , n o t b i t w i s e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : u s e _ _ G F P _ N O W A R N ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : d u m p d e s c r i p t o r i n d e x e s i n h e x ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : t r y a g a i n a f t e r f a i l u r e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : d o n t l o s e i n t e r r u p t s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e f a c t o r f o r c e _ w b a n d W B _ O N _ I T R f u n c t i o n a l i t y c o d e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : u s e n e w a d d _ v e b c a l l i n g w i t h V E B s t a t s c o n t r o l ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d V E B s t a t c o n t r o l a n d r e m o v e L 2 c l o u d f i l t e r ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : s e t s h a r e d b i t f o r m u l t i c a s t f i l t e r s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : M a k e t h e D C B f i r m w a r e c h e c k s f o r X 7 1 0 / X L 7 1 0 o n l y ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : m o v e s y n c _ v s i _ f i l t e r s u p i n s e r v i c e _ t a s k ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d p r i v f l a g f o r a u t o m a t i c r u l e e v i c t i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : b u m p v e r s i o n t o 1 . 4 . 1 2 / 1 . 4 . 8 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a v o i d l a r g e m e m c p y b y a s s i g n i n g s t r u c t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : c o u n t a l l o c a t i o n e r r o r s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : d r o p u n u s e d f u n c t i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : n e g a t e P H Y i n t m a s k b i t s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A P I s t o A d d / r e m o v e p o r t m i r r o r i n g r u l e s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : f i x : d o n o t s l e e p i n n e t d e v _ o p s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a l l o c a t e m e m o r y s a f e r ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : d o T S O o n l y i f C H E C K S U M _ P A R T I A L i s s e t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : t r i v i a l : f i x m i s s i n g s p a c e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : t r i v i a l : d r o p d u p l i c a t e d e f i n i t i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 4 . 1 1 a n d i 4 0 e v f t o 1 . 4 . 7 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : t r i v i a l : r e m o v e u n n e c e s s a r y l o c a l v a r ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : r e m o v e V F d e v i c e I D s f r o m P F ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d n e t d e v i n f o t o V S I d u m p ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d a l i t t l e m o r e t o a n N V M u p d a t e d e b u g m e s s a g e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : r e f a c t o r D C B f u n c t i o n ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d 2 0 G s p e e d f o r T x b a n d w i d t h c a l c u l a t i o n s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d c o u n t e r f o r a r q o v e r f l o w s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : f i x w r i t e - b a c k - o n - i t r t o w o r k w i t h l e g a c y i t r ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : S t o r e l a n _ v s i _ i d x a n d l a n _ v s i _ i d i n t h e r i g h t s i z e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : B u m p A Q m i n o r v e r s i o n t o 1 . 5 f o r n e w F W f e a t u r e s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A Q t h e r m a l s e n s o r c o n t r o l s t r u c t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A Q A d d V X L A N - G P E t u n n e l t y p e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A Q A d d s e t _ s w i t c h _ c o n f i g ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A Q S h a r e d r e s o u r c e f l a g s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d 1 0 0 M b e t h t o o l r e p o r t i n g ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A Q A d d R u n P H Y A c t i v i t y s t r u c t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : L i m i t D C B F W v e r s i o n c h e c k s t o X 7 1 0 / X L 7 1 0 d e v i c e s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d n e w p r o x y - w o l b i t f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : U s e p r i v a t e w o r k q u e u e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e v f : a d d n e w w r i t e - b a c k m o d e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F i x f o r U D P / T C P R S S f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : E x t e n d e t h t o o l R S S h o o k s f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a d d n e w d e v i c e I D s f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : b u m p v e r s i o n t o 1 . 4 . 1 0 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : C l e a n u p t h e c o d e w i t h r e s p e c t t o r e s t a r t i n g a u t o n e g ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : d e f i n e f u n c t i o n c a p a b i l i t i e s i n o n l y o n e p l a c e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : R e p l a c e X 7 2 2 m a c c h e c k i n e t h t o o l g e t _ s e t t i n g s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : F i x R S S r x - f l o w - h a s h c o n f i g u r a t i o n t h r o u g h e t h t o o l ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : A d d m a c _ f i l t e r _ e l e m e n t a t t h e e n d o f t h e l i s t i n s t e a d o f H E A D ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : r e m o v e f o r e v e r u n u s e d I D ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : F i x R x h a s h r e p o r t e d t o t h e s t a c k b y o u r d r i v e r ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : a l l o w z e r o M A C a d d r e s s f o r V F s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : c h a n g e l o g m e s s a g e s a n d e r r o r r e t u r n s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : B u m p i 4 0 e t o 1 . 4 . 8 a n d i 4 0 e v f t o 1 . 4 . 4 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : c l e a n w h o l e m a c f i l t e r l i s t ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e / i 4 0 e v f : A d d a n e w o f f l o a d f o r R S S P C T Y P E V 2 f o r X 7 2 2 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : h u s h l i t t l e w a r n i n g s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : O p c o d e a n d s t r u c t u r e s r e q u i r e d b y O E M P o s t U p d a t e A Q c o m m a n d a n d a d d n e w N V M a r q m e s s a g e ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : u s e e x p l i c i t c a s t f r o m u 1 6 t o u 8 ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : d o n t a d d z e r o M A C f i l t e r ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : p r o p e r l y d e l e t e V F M A C f i l t e r s ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > - [ n e t d r v ] i 4 0 e : c h o m p t h e B I T ( _ U L L ) ( S t e f a n A s s m a n n ) [ 1 2 4 9 2 5 0 1 3 1 0 4 0 2 1 3 4 6 9 7 8 ] b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 6 - 9 5 7 6 . h t m l \" > C V E - 2 0 1 6 - 9 5 7 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 6 - 1 0 0 8 8 . h t m l \" > C V E - 2 0 1 6 - 1 0 0 8 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 6 - 7 0 9 7 . h t m l \" > C V E - 2 0 1 6 - 7 0 9 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 6 - 8 3 9 9 . h t m l \" > C V E - 2 0 1 6 - 8 3 9 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 6 - 1 0 1 4 2 . h t m l \" > C V E - 2 0 1 6 - 1 0 1 4 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 6 - 7 0 4 2 . h t m l \" > C V E - 2 0 1 6 - 7 0 4 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 6 - 2 3 8 4 . h t m l \" > C V E - 2 0 1 6 - 2 3 8 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 6 - 6 4 8 0 . h t m l \" > C V E - 2 0 1 6 - 6 4 8 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 6 - 2 0 6 9 . h t m l \" > C V E - 2 0 1 6 - 2 0 6 9 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( i 3 8 6 ) / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 9 6 . e l 6 . s r c . r p m / t d > t d > 7 8 6 1 1 4 0 0 1 4 0 6 c c b a f 3 0 7 d a 8 e 6 d 3 0 7 4 d a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 9 6 . e l 6 . i 6 8 6 . r p m / t d > t d > 4 4 6 2 0 b c 3 d 0 0 9 2 7 2 5 6 e a 7 8 1 a 4 d d 8 8 e 3 5 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - a b i - w h i t e l i s t s - 2 . 6 . 3 2 - 6 9 6 . e l 6 . n o a r c h . r p m / t d > t d > 4 6 f d 8 e 7 7 6 c 9 0 3 f c 9 c 9 6 0 4 9 7 d e 4 c 2 6 c f 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 3 2 - 6 9 6 . e l 6 . i 6 8 6 . r p m / t d > t d > c 6 e f a e 9 e 3 3 e 2 8 7 0 3 2 2 b d 2 c 1 b f c 0 4 7 f 7 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 3 2 - 6 9 6 . e l 6 . i 6 8 6 . r p m / t d > t d > b b d 2 a 6 0 c 3 b 1 f 8 8 a c c 0 8 6 f 8 9 3 5 d 6 9 e 8 3 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 3 2 - 6 9 6 . e l 6 . i 6 8 6 . r p m / t d > t d > a 5 3 b 7 f 0 4 4 0 8 f 9 d d e 6 4 e 5 0 3 9 5 5 9 4 d f d 6 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 3 2 - 6 9 6 . e l 6 . n o a r c h . r p m / t d > t d > 6 9 3 a 8 2 c 6 e 9 c 3 a 5 5 7 0 6 0 a f 0 b 9 5 1 1 9 f c d 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - f i r m w a r e - 2 . 6 . 3 2 - 6 9 6 . e l 6 . n o a r c h . r p m / t d > t d > 1 2 b 9 c e f d 0 d 4 4 f 7 c 7 6 2 d 9 4 e d 9 2 5 6 f 1 b 5 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 3 2 - 6 9 6 . e l 6 . i 6 8 6 . r p m / t d > t d > 8 1 b 0 0 8 2 b b 7 7 e 3 9 5 2 f 2 a b c a f 9 4 2 f 0 d 1 3 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p e r f - 2 . 6 . 3 2 - 6 9 6 . e l 6 . i 6 8 6 . r p m / t d > t d > 0 1 4 9 b 2 4 7 2 8 0 3 c 8 d 4 d 1 b c f a b 3 7 7 a 1 2 3 8 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p y t h o n - p e r f - 2 . 6 . 3 2 - 6 9 6 . e l 6 . i 6 8 6 . r p m / t d > t d > a 2 a 4 0 7 1 9 8 d a 9 e 5 f 8 7 e 8 3 2 8 a a 8 9 4 b 9 5 8 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 9 6 . e l 6 . s r c . r p m / t d > t d > 7 8 6 1 1 4 0 0 1 4 0 6 c c b a f 3 0 7 d a 8 e 6 d 3 0 7 4 d a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 3 2 - 6 9 6 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 0 d c 8 4 9 d 7 3 a 0 5 2 e 9 f 7 4 5 e e 8 4 b 8 2 f 0 f 4 0 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - a b i - w h i t e l i s t s - 2 . 6 . 3 2 - 6 9 6 . e l 6 . n o a r c h . r p m / t d > t d > 4 6 f d 8 e 7 7 6 c 9 0 3 f c 9 c 9 6 0 4 9 7 d e 4 c 2 6 c f 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 3 2 - 6 9 6 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 1 4 0 b 0 1 1 4 b b d 1 b f 8 3 8 f 5 0 e 7 a 1 7 4 c a 1 1 1 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 3 2 - 6 9 6 . e l 6 . i 6 8 6 . r p m / t d > t d > b b d 2 a 6 0 c 3 b 1 f 8 8 a c c 0 8 6 f 8 9 3 5 d 6 9 e 8 3 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 3 2 - 6 9 6 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 9 d 5 4 8 0 d 3 4 c 1 2 1 b 0 b e b 9 8 9 0 a f a e 0 5 b c 5 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 3 2 - 6 9 6 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 3 8 3 6 7 7 5 5 1 7 b a 2 3 7 2 2 e 0 c f d c e c 8 d 8 5 5 e 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 3 2 - 6 9 6 . e l 6 . n o a r c h . r p m / t d > t d > 6 9 3 a 8 2 c 6 e 9 c 3 a 5 5 7 0 6 0 a f 0 b 9 5 1 1 9 f c d 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - f i r m w a r e - 2 . 6 . 3 2 - 6 9 6 . e l 6 . n o a r c h . r p m / t d > t d > 1 2 b 9 c e f d 0 d 4 4 f 7 c 7 6 2 d 9 4 e d 9 2 5 6 f 1 b 5 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 3 2 - 6 9 6 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 5 1 3 f 7 b c e 7 d 2 0 8 8 6 6 a e 1 2 e 8 e 9 4 a e 3 b 4 4 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p e r f - 2 . 6 . 3 2 - 6 9 6 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 4 6 e f b a d 9 7 3 b 9 2 9 2 b 5 8 2 f 2 8 d 8 f d 4 f 7 3 2 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > t r > t d > / t d > t d > p y t h o n - p e r f - 2 . 6 . 3 2 - 6 9 6 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 5 a 1 f 0 4 c d 3 4 2 a f 6 c c c 0 1 4 3 a 8 f b 9 e 5 e 0 2 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 7 2 3 . h t m l \" > E L S A - 2 0 1 7 - 1 7 2 3 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "edition": 4, "reporter": "Oracle", "published": "2017-03-27T00:00:00", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-2384", "CVE-2016-7097", "CVE-2017-6074", "CVE-2016-8399", "CVE-2016-7117", "CVE-2016-6480", "CVE-2016-2069", "CVE-2016-10088", "CVE-2016-9555", "CVE-2016-6136", "CVE-2016-6828", "CVE-2016-9576", "CVE-2016-10142", "CVE-2016-4998", "CVE-2016-7042"], "modified": "2017-03-27T00:00:00", "id": "ELSA-2017-0817", "href": "http://linux.oracle.com/errata/ELSA-2017-0817.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:43:46", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.33.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-61.1.33.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.5.3-2.el7", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-61.1.33.el7uek-0.5.3-2.el7.src.rpm", "packageName": "dtrace-modules-4.1.12-61.1.33.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.5.3-2.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-61.1.33.el7uek-0.5.3-2.el7.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-61.1.33.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.33.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-61.1.33.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.5.3-2.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-61.1.33.el6uek-0.5.3-2.el6.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-61.1.33.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.33.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-61.1.33.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.33.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-61.1.33.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.33.el7uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-61.1.33.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.33.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-61.1.33.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.33.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-61.1.33.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.33.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-61.1.33.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.33.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-61.1.33.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.5.3-2.el6", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-61.1.33.el6uek-0.5.3-2.el6.src.rpm", "packageName": "dtrace-modules-4.1.12-61.1.33.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.33.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-61.1.33.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.33.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-61.1.33.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.33.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-61.1.33.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.33.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-61.1.33.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.33.el6uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-61.1.33.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}], "description": "kernel-uek\n[4.1.12-61.1.33]\n- Revert 'x86/mm: Expand the exception table logic to allow new handling options' (Brian Maly) [Orabug: 25790387] {CVE-2016-9644}\n- Revert 'fix minor infoleak in get_user_ex()' (Brian Maly) [Orabug: 25790387] {CVE-2016-9644}\n[4.1.12-61.1.32]\n- x86/mm: Expand the exception table logic to allow new handling options (Tony Luck) [Orabug: 25790387] {CVE-2016-9644}\n[4.1.12-61.1.31]\n- rebuild bumping release\n[4.1.12-61.1.30]\n- net: ping: check minimum size on ICMP header length (Kees Cook) [Orabug: 25766898] {CVE-2016-8399} {CVE-2016-8399}\n- sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro) [Orabug: 25765436] {CVE-2016-10088}\n- scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang) [Orabug: 25751984] {CVE-2017-7187}\n[4.1.12-61.1.29]\n- tty: n_hdlc: get rid of racy n_hdlc.tbuf (Alexander Popov) [Orabug: 25696677] {CVE-2017-2636}\n- TTY: n_hdlc, fix lockdep false positive (Jiri Slaby) [Orabug: 25696677] {CVE-2017-2636}\n- If Slot Status indicates changes in both Data Link Layer Status and Presence Detect, prioritize the Link status change. (Jack Vogel) [Orabug: 25353783] \n- PCI: pciehp: Leave power indicator on when enabling already-enabled slot (Ashok Raj) [Orabug: 25353783] \n- firewire: net: guard against rx buffer overflows (Stefan Richter) [Orabug: 25451520] {CVE-2016-8633}\n- usbnet: cleanup after bind() in probe() (Oliver Neukum) [Orabug: 25463898] {CVE-2016-3951}\n- cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind (Bjorn Mork) [Orabug: 25463898] {CVE-2016-3951}\n- cdc_ncm: Add support for moving NDP to end of NCM frame (Enrico Mioso) [Orabug: 25463898] {CVE-2016-3951}\n- x86/mm/32: Enable full randomization on i386 and X86_32 (Hector Marco-Gisbert) [Orabug: 25463918] {CVE-2016-3672}\n- kvm: fix page struct leak in handle_vmon (Paolo Bonzini) [Orabug: 25507133] {CVE-2017-2596}\n- crypto: mcryptd - Check mcryptd algorithm compatibility (tim) [Orabug: 25507153] {CVE-2016-10147}\n- kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF) (Jim Mattson) [Orabug: 25507188] {CVE-2016-9588}\n- KVM: x86: drop error recovery in em_jmp_far and em_ret_far (Radim Krcmar) [Orabug: 25507213] {CVE-2016-9756}\n- tcp: take care of truncations done by sk_filter() (Eric Dumazet) [Orabug: 25507226] {CVE-2016-8645}\n- rose: limit sk_filter trim to payload (Willem de Bruijn) [Orabug: 25507226] {CVE-2016-8645}\n- tipc: check minimum bearer MTU (Michal Kubecek) [Orabug: 25507239] {CVE-2016-8632} {CVE-2016-8632}\n- fix minor infoleak in get_user_ex() (Al Viro) [Orabug: 25507269] {CVE-2016-9178}\n- scsi: arcmsr: Simplify user_len checking (Borislav Petkov) [Orabug: 25507319] {CVE-2016-7425}\n- scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (Dan Carpenter) [Orabug: 25507319] {CVE-2016-7425}\n- tmpfs: clear S_ISGID when setting posix ACLs (Gu Zheng) [Orabug: 25507341] {CVE-2016-7097} {CVE-2016-7097}\n- posix_acl: Clear SGID bit when setting file permissions (Jan Kara) [Orabug: 25507341] {CVE-2016-7097} {CVE-2016-7097}\n- ext2: convert to mbcache2 (Jan Kara) [Orabug: 25512366] {CVE-2015-8952}\n- ext4: convert to mbcache2 (Jan Kara) [Orabug: 25512366] {CVE-2015-8952}\n- mbcache2: reimplement mbcache (Jan Kara) [Orabug: 25512366] {CVE-2015-8952}\n- USB: digi_acceleport: do sanity checking for the number of ports (Oliver Neukum) [Orabug: 25512466] {CVE-2016-3140}\n- net/llc: avoid BUG_ON() in skb_orphan() (Eric Dumazet) [Orabug: 25682419] {CVE-2017-6345}\n- net/mlx4_core: Disallow creation of RAW QPs on a VF (Eli Cohen) [Orabug: 25697847] \n- ipv4: keep skb->dst around in presence of IP options (Eric Dumazet) [Orabug: 25698300] {CVE-2017-5970}\n- perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race (Peter Zijlstra) [Orabug: 25698751] {CVE-2017-6001}\n- ip6_gre: fix ip6gre_err() invalid reads (Eric Dumazet) [Orabug: 25699015] {CVE-2017-5897}\n- mpt3sas: Dont spam logs if logging level is 0 (Johannes Thumshirn) [Orabug: 25699035] \n- xen-netfront: cast grant table reference first to type int (Dongli Zhang) \n- xen-netfront: do not cast grant table reference to signed short (Dongli Zhang)", "edition": 3, "reporter": "Oracle", "published": "2017-03-31T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7097", "CVE-2016-8633", "CVE-2016-8399", "CVE-2016-10088", "CVE-2017-6001", "CVE-2017-5970", "CVE-2015-8952", "CVE-2017-2636", "CVE-2016-8632", "CVE-2016-9178", "CVE-2016-7425", "CVE-2016-3951", "CVE-2016-10147", "CVE-2016-9756", "CVE-2017-6345", "CVE-2017-2596", "CVE-2016-9588", "CVE-2016-3140", "CVE-2017-7187", "CVE-2016-9644", "CVE-2016-3672", "CVE-2016-8645", "CVE-2017-5897"], "modified": "2017-03-31T00:00:00", "id": "ELSA-2017-3533", "href": "http://linux.oracle.com/errata/ELSA-2017-3533.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:20", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.17.4.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.17.4.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.17.4.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.17.4.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.17.4.el7uek-0.4.5-3.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-118.17.4.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.17.4.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.17.4.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.17.4.el6uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.17.4.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.17.4.el7uek-0.4.5-3.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.17.4.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.17.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.17.4.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.17.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.17.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.17.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.17.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.17.4.el6uek-0.4.5-3.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-118.17.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.17.4.el7uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.17.4.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.17.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.17.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.17.4.el6uek-0.4.5-3.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.17.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.17.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.17.4.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.17.4.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.17.4.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.17.4.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.17.4.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.17.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.17.4.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.17.4.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.17.4.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}], "description": "kernel-uek\n[3.8.13-118.17.4]\n- Revert 'fix minor infoleak in get_user_ex()' (Brian Maly) [Orabug: 25790392] {CVE-2016-9644}\n[3.8.13-118.17.3]\n- net: ping: check minimum size on ICMP header length (Kees Cook) [Orabug: 25766911] {CVE-2016-8399}\n[3.8.13-118.17.2]\n- ipv6: stop sending PTB packets for MTU < 1280 (Hagen Paul Pfeifer) [Orabug: 25765776] {CVE-2016-10142}\n- sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro) [Orabug: 25765445] {CVE-2016-10088}\n- scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang) [Orabug: 25751996] {CVE-2017-7187}\n[3.8.13-118.17.1]\n- tty: n_hdlc: get rid of racy n_hdlc.tbuf (Alexander Popov) [Orabug: 25696686] {CVE-2017-2636}\n- TTY: n_hdlc, fix lockdep false positive (Jiri Slaby) [Orabug: 25696686] {CVE-2017-2636}\n- drivers/tty/n_hdlc.c: replace kmalloc/memset by kzalloc (Fabian Frederick) [Orabug: 25696686] {CVE-2017-2636}\n- x86: bpf_jit: fix compilation of large bpf programs (Alexei Starovoitov) [Orabug: 21305080] {CVE-2015-4700}\n- net: filter: return -EINVAL if BPF_S_ANC* operation is not supported (Daniel Borkmann) [Orabug: 22187148] \n- KEYS: request_key() should reget expired keys rather than give EKEYEXPIRED (David Howells) \n- KEYS: Increase root_maxkeys and root_maxbytes sizes (Steve Dickson) \n- firewire: net: guard against rx buffer overflows (Stefan Richter) [Orabug: 25451530] {CVE-2016-8633}\n- x86/mm/32: Enable full randomization on i386 and X86_32 (Hector Marco-Gisbert) [Orabug: 25463927] {CVE-2016-3672}\n- x86 get_unmapped_area: Access mmap_legacy_base through mm_struct member (Radu Caragea) [Orabug: 25463927] {CVE-2016-3672}\n- pptp: verify sockaddr_len in pptp_bind() and pptp_connect() (WANG Cong) [Orabug: 25490335] {CVE-2015-8569}\n- sg_start_req(): make sure that there's not too many elements in iovec (Al Viro) [Orabug: 25490372] {CVE-2015-5707}\n- kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF) (Jim Mattson) [Orabug: 25507195] {CVE-2016-9588}\n- tcp: take care of truncations done by sk_filter() (Eric Dumazet) [Orabug: 25507230] {CVE-2016-8645}\n- rose: limit sk_filter trim to payload (Willem de Bruijn) [Orabug: 25507230] {CVE-2016-8645}\n- fix minor infoleak in get_user_ex() (Al Viro) [Orabug: 25507281] {CVE-2016-9178}\n- scsi: arcmsr: Simplify user_len checking (Borislav Petkov) [Orabug: 25507328] {CVE-2016-7425}\n- scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (Dan Carpenter) [Orabug: 25507328] {CVE-2016-7425}\n- net: fix a kernel infoleak in x25 module (Kangjie Lu) [Orabug: 25512413] {CVE-2016-4580}\n- USB: digi_acceleport: do sanity checking for the number of ports (Oliver Neukum) [Orabug: 25512471] {CVE-2016-3140}\n- ipv4: keep skb->dst around in presence of IP options (Eric Dumazet) [Orabug: 25543892] {CVE-2017-5970}\n- net/llc: avoid BUG_ON() in skb_orphan() (Eric Dumazet) [Orabug: 25682430] {CVE-2017-6345}\n- dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Andrey Konovalov) {CVE-2017-6074}\n- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417805] {CVE-2016-8646}\n- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462760] {CVE-2016-4482}\n- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462807] {CVE-2016-4485}\n- af_unix: Guard against other == sk in unix_dgram_sendmsg (Rainer Weikusat) [Orabug: 25463996] {CVE-2013-7446}\n- unix: avoid use-after-free in ep_remove_wait_queue (Rainer Weikusat) [Orabug: 25463996] {CVE-2013-7446}\n- net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (Eric Dumazet) [Orabug: 25203623] {CVE-2016-9793}", "edition": 3, "reporter": "Oracle", "published": "2017-03-31T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8633", "CVE-2017-6074", "CVE-2016-8399", "CVE-2016-9793", "CVE-2016-10088", "CVE-2017-5970", "CVE-2017-2636", "CVE-2016-9178", "CVE-2016-7425", "CVE-2016-4485", "CVE-2016-4482", "CVE-2017-6345", "CVE-2016-8646", "CVE-2016-9588", "CVE-2016-3140", "CVE-2013-7446", "CVE-2017-7187", "CVE-2015-8569", "CVE-2016-10142", "CVE-2016-9644", "CVE-2015-5707", "CVE-2016-4580", "CVE-2016-3672", "CVE-2016-8645", "CVE-2015-4700"], "modified": "2017-03-31T00:00:00", "id": "ELSA-2017-3534", "href": "http://linux.oracle.com/errata/ELSA-2017-3534.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:15", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.295.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.295.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.295.2.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.295.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.295.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.295.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.295.2.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.295.2.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.295.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.295.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.295.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.295.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.295.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.295.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.295.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.295.2.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.295.2.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.295.2.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.295.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.295.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.295.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.295.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.295.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.295.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.295.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.295.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.295.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.295.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}], "description": "[2.6.39-400.295.2]\n- nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986995] {CVE-2017-7895}\n[2.6.39-400.295.1]\n- ocfs2/o2net: o2net_listen_data_ready should do nothing if socket state is not TCP_LISTEN (Tariq Saeed) [Orabug: 25510857] \n- IB/CORE: sync the resouce access in fmr_pool (Wengang Wang) [Orabug: 23750748] \n- ipv6: Skip XFRM lookup if dst_entry in socket cache is valid (Jakub Sitnicki) [Orabug: 25534688] \n- uek-rpm: enable CONFIG_KSPLICE. (Jamie Iles) [Orabug: 25549845] \n- ksplice: add sysctls for determining Ksplice features. (Jamie Iles) [Orabug: 25549845] \n- signal: protect SIGNAL_UNKILLABLE from unintentional clearing. (Jamie Iles) [Orabug: 25549845] \n- KVM: x86: fix emulation of 'MOV SS, null selector' (Paolo Bonzini) [Orabug: 25719676] {CVE-2017-2583} {CVE-2017-2583}\n- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (Marcelo Ricardo Leitner) [Orabug: 25719811] {CVE-2017-5986}\n- tcp: avoid infinite loop in tcp_splice_read() (Eric Dumazet) [Orabug: 25720815] {CVE-2017-6214}\n- USB: visor: fix null-deref at probe (Johan Hovold) [Orabug: 25796604] {CVE-2016-2782}\n- ipc/shm: Fix shmat mmap nil-page protection (Davidlohr Bueso) [Orabug: 25797014] {CVE-2017-5669}\n- vhost: actually track log eventfd file (Marc-Andre Lureau) [Orabug: 25797056] {CVE-2015-6252}\n- xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Andy Whitcroft) [Orabug: 25814664] {CVE-2017-7184}\n- xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Andy Whitcroft) [Orabug: 25814664] {CVE-2017-7184}\n- KEYS: Remove key_type::match in favour of overriding default by match_preparse (David Howells) [Orabug: 25823965] {CVE-2017-2647} {CVE-2017-2647}\n- USB: whiteheat: fix potential null-deref at probe (Johan Hovold) [Orabug: 25825107] {CVE-2015-5257}\n- RDS: fix race condition when sending a message on unbound socket (Quentin Casasnovas) [Orabug: 25871048] {CVE-2015-6937} {CVE-2015-6937}\n- udf: Check path length when reading symlink (Jan Kara) [Orabug: 25871104] {CVE-2015-9731}\n- udf: Treat symlink component of type 2 as / (Jan Kara) [Orabug: 25871104] {CVE-2015-9731}\n- udp: properly support MSG_PEEK with truncated buffers (Eric Dumazet) [Orabug: 25874741] {CVE-2016-10229}\n- block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877531] {CVE-2016-7910}\n- RHEL: complement upstream workaround for CVE-2016-10142. (Quentin Casasnovas) [Orabug: 25765786] {CVE-2016-10142} {CVE-2016-10142}\n- net: ping: check minimum size on ICMP header length (Kees Cook) [Orabug: 25766914] {CVE-2016-8399}\n- ipv6: stop sending PTB packets for MTU < 1280 (Hagen Paul Pfeifer) [Orabug: 25765786] {CVE-2016-10142}\n- sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro) [Orabug: 25765448] {CVE-2016-10088}\n- scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang) [Orabug: 25752011] {CVE-2017-7187}\n- tty: n_hdlc: get rid of racy n_hdlc.tbuf (Alexander Popov) [Orabug: 25696689] {CVE-2017-2636}\n- TTY: n_hdlc, fix lockdep false positive (Jiri Slaby) [Orabug: 25696689] {CVE-2017-2636}\n- drivers/tty/n_hdlc.c: replace kmalloc/memset by kzalloc (Fabian Frederick) [Orabug: 25696689] {CVE-2017-2636}\n- list: introduce list_first_entry_or_null (Jiri Pirko) [Orabug: 25696689] {CVE-2017-2636}\n- firewire: net: guard against rx buffer overflows (Stefan Richter) [Orabug: 25451538] {CVE-2016-8633}\n- x86/mm/32: Enable full randomization on i386 and X86_32 (Hector Marco-Gisbert) [Orabug: 25463929] {CVE-2016-3672}\n- x86 get_unmapped_area: Access mmap_legacy_base through mm_struct member (Radu Caragea) [Orabug: 25463929] {CVE-2016-3672}\n- sg_start_req(): make sure that there's not too many elements in iovec (Al Viro) [Orabug: 25490377] {CVE-2015-5707}\n- tcp: take care of truncations done by sk_filter() (Eric Dumazet) [Orabug: 25507232] {CVE-2016-8645}\n- rose: limit sk_filter trim to payload (Willem de Bruijn) [Orabug: 25507232] {CVE-2016-8645}\n- scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (Dan Carpenter) [Orabug: 25507330] {CVE-2016-7425}\n- x86: bpf_jit: fix compilation of large bpf programs (Alexei Starovoitov) [Orabug: 25507375] {CVE-2015-4700}\n- net: fix a kernel infoleak in x25 module (Kangjie Lu) [Orabug: 25512417] {CVE-2016-4580}\n- USB: digi_acceleport: do sanity checking for the number of ports (Oliver Neukum) [Orabug: 25512472] {CVE-2016-3140}\n- net/llc: avoid BUG_ON() in skb_orphan() (Eric Dumazet) [Orabug: 25682437] {CVE-2017-6345}\n- dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Andrey Konovalov) [Orabug: 25598277] {CVE-2017-6074}\n- vfs: read file_handle only once in handle_to_path (Sasha Levin) [Orabug: 25388709] {CVE-2015-1420}\n- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417807] \n- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462763] {CVE-2016-4482}\n- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462811] {CVE-2016-4485}\n- af_unix: Guard against other == sk in unix_dgram_sendmsg (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}\n- unix: avoid use-after-free in ep_remove_wait_queue (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}", "edition": 3, "reporter": "Oracle", "published": "2017-05-16T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-2782", "CVE-2017-7895", "CVE-2017-7184", "CVE-2016-7910", "CVE-2016-8633", "CVE-2017-6074", "CVE-2016-8399", "CVE-2015-1420", "CVE-2016-10088", "CVE-2015-6252", "CVE-2015-9731", "CVE-2015-5257", "CVE-2017-2636", "CVE-2017-2583", "CVE-2016-7425", "CVE-2017-6214", "CVE-2016-4485", "CVE-2016-4482", "CVE-2017-6345", "CVE-2017-5669", "CVE-2017-2647", "CVE-2017-5986", "CVE-2016-3140", "CVE-2016-10229", "CVE-2013-7446", "CVE-2017-7187", "CVE-2016-10142", "CVE-2015-5707", "CVE-2016-4580", "CVE-2016-3672", "CVE-2016-8645", "CVE-2015-6937", "CVE-2015-4700"], "modified": "2017-05-16T00:00:00", "id": "ELSA-2017-3567", "href": "http://linux.oracle.com/errata/ELSA-2017-3567.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:42:39", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-103.3.8.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.6.1-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-provider-headers-0.6.1-3.el6.x86_64.rpm", "packageName": "dtrace-modules-provider-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.6.1-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-103.3.8.el7uek-0.6.1-3.el7.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-103.3.8.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-103.3.8.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-103.3.8.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.6.1-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-shared-headers-0.6.1-3.el7.x86_64.rpm", "packageName": "dtrace-modules-shared-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-103.3.8.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-103.3.8.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-103.3.8.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-103.3.8.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-103.3.8.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-103.3.8.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-103.3.8.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.6.1-3.el7", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-103.3.8.el7uek-0.6.1-3.el7.src.rpm", "packageName": "dtrace-modules-4.1.12-103.3.8.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-103.3.8.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-103.3.8.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.6.1-3.el6", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-103.3.8.el6uek-0.6.1-3.el6.src.rpm", "packageName": "dtrace-modules-4.1.12-103.3.8.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.6.1-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-provider-headers-0.6.1-3.el7.x86_64.rpm", "packageName": "dtrace-modules-provider-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.6.1-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-103.3.8.el6uek-0.6.1-3.el6.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-103.3.8.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.6.1-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-shared-headers-0.6.1-3.el6.x86_64.rpm", "packageName": "dtrace-modules-shared-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-103.3.8.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-103.3.8.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}], "description": "kernel-uek\n[4.1.12-103.3.8]\n- fs/exec.c: account for argv/envp pointers (Kees Cook) [Orabug: 26638900] {CVE-2017-1000365} {CVE-2017-1000365}\n[4.1.12-103.3.7]\n- i40e/i40evf: check for stopped admin queue (Mitch Williams) [Orabug: 26654222]\n[4.1.12-103.3.6]\n- xen: fix bio vec merging (Roger Pau Monne) [Orabug: 26645497]\n[4.1.12-103.3.5]\n- dentry name snapshots (Al Viro) [Orabug: 26630805] {CVE-2017-7533}\n[4.1.12-103.3.4]\n- mnt: Add a per mount namespace limit on the number of mounts (Eric W. Biederman) [Orabug: 26585933] {CVE-2016-6213} {CVE-2016-6213}\n- ipv6: fix out of bound writes in __ip6_append_data() (Eric Dumazet) [Orabug: 26578179] {CVE-2017-9242}\n- KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (David Howells) [Orabug: 26585981] {CVE-2016-9604} {CVE-2016-9604}\n- l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind() (Guillaume Nault) [Orabug: 26586030] {CVE-2016-10200}\n- ovl: move super block magic number to magic.h (Stephen Hemminger) [Orabug: 22876737] {CVE-2016-1575} {CVE-2016-1576}\n- ovl: use a minimal buffer in ovl_copy_xattr (Vito Caputo) [Orabug: 22876737] {CVE-2016-1575} {CVE-2016-1576}\n- ovl: allow zero size xattr (Miklos Szeredi) [Orabug: 22876737] {CVE-2016-1575} {CVE-2016-1576}\n- ovl: default permissions (Miklos Szeredi) [Orabug: 22876737] {CVE-2016-1575} {CVE-2016-1576}\n- scsi: megaraid_sas: handle dma_addr_t right on 32-bit (Arnd Bergmann) [Orabug: 26560952] \n- scsi: megaraid_sas: NVME fast path io support (Shivasharan S) [Orabug: 26560952] \n- scsi: megaraid_sas: NVME interface target prop added (Shivasharan S) [Orabug: 26560952] \n- scsi: megaraid_sas: NVME Interface detection and prop settings (Shivasharan S) [Orabug: 26560952] \n- scsi: megaraid_sas: Use synchronize_irq to wait for IRQs to complete (Shivasharan S) [Orabug: 26560952] \n- fs/fuse: fuse mount can cause panic with no memory numa node (Somasundaram Krishnasamy) [Orabug: 26151828] \n- Fix regression which breaks DFS mounting (Sachin Prabhu) [Orabug: 26335022] \n- ol7/spec: sync up linux-firmware version for ol74 (Ethan Zhao) [Orabug: 26567308] [Orabug: 26567283] \n- nfsd: encoders mustnt use unitialized values in error cases (J. Bruce Fields) [Orabug: 26572867] {CVE-2017-8797}\n- nfsd: fix undefined behavior in nfsd4_layout_verify (Ari Kauppi) [Orabug: 26572867] {CVE-2017-8797}\n- ol6/spec: sync up linux-firmware version for ol6 (Ethan Zhao) [Orabug: 26586911] [Orabug: 26586927]\n[4.1.12-103.3.2]\n- rds: tcp: cancel all worker threads before shutting down socket (Yuval Shaia) [Orabug: 26332905] \n- Revert 'ixgbevf: get rid of custom busy polling code' (Jack Vogel) [Orabug: 26560824] \n- Revert 'ixgbe: get rid of custom busy polling code' (Jack Vogel) [Orabug: 26560824] \n- xen: do not re-use pirq number cached in pci device msi msg data (Boris Ostrovsky) [Orabug: 26324865] \n- xsigo: PCA 2.3.1 Compute Node panics in xve_create_arp+430 (Pradeep Gopanapalli) [Orabug: 26520653] \n- ocfs2: fix deadlock caused by recursive locking in xattr (Eric Ren) [Orabug: 26554428] \n- ocfs2: fix deadlock issue when taking inode lock at vfs entry points (Eric Ren) [Orabug: 26554428] \n- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock (Eric Ren) [Orabug: 26554428] \n- Revert 'add OCFS2_LOCK_RECURSIVE arg_flags to ocfs2_cluster_lock() to prevent hang' (Ashish Samant) [Orabug: 26554428] \n- MacSec: fix backporting error in patches for CVE-2017-7477 (Alexey Kodanev) [Orabug: 26481629] [Orabug: 26368162] {CVE-2017-7477} {CVE-2017-7477}\n- sg: Fix double-free when drives detach during SG_IO (Calvin Owens) [Orabug: 26492439] \n- ping: implement proper locking (Eric Dumazet) [Orabug: 26540266] {CVE-2017-2671}\n- PCI: Workaround wrong flags completions for IDT switch (James Puthukattukaran) [Orabug: 26362330] \n- xen-blkback: stop blkback thread of every queue in xen_blkif_disconnect (Annie Li)\n[4.1.12-103.3.1]\n- MSI: Dont assign MSI IRQ vector twice (Ashok Vairavan) [Orabug: 25982356] \n- IB/core: Remove stray semicolon in cma_init (Yuval Shaia) [Orabug: 26188883] \n- ipv6: Fix leak in ipv6_gso_segment(). (David S. Miller) [Orabug: 26403963] {CVE-2017-9074}\n- ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() (Ben Hutchings) [Orabug: 26403963] {CVE-2017-9074}\n- ipv6: Check ip6_find_1stfragopt() return value properly. (David S. Miller) [Orabug: 26403963] {CVE-2017-9074}\n- ipv6: Prevent overrun when parsing v6 header options (Craig Gallek) [Orabug: 26403963] {CVE-2017-9074}\n- scsi: libiscsi: use kvzalloc for iscsi_pool_init (Kyle Fortin) [Orabug: 26473220] \n- mm: introduce kv[mz]alloc helpers (Kyle Fortin) [Orabug: 26473220] \n- blk-mq: Export blk_mq_freeze_queue_wait (Keith Busch) [Orabug: 26486215] \n- blk-mq: Provide freeze queue timeout (Keith Busch) [Orabug: 26486215] \n- nvme: Complete all stuck requests (Keith Busch) [Orabug: 26486215] \n- nvme: Dont suspend admin queue that wasnt created (Gabriel Krisman Bertazi) [Orabug: 26486215] \n- nvme: Delete created IO queues on reset (Keith Busch) [Orabug: 26486215] \n- nvme: Suspend all queues before deletion (Gabriel Krisman Bertazi) [Orabug: 26486215] \n- nvme/pci: No special case for queue busy on IO (Keith Busch) [Orabug: 26486215] \n- Revert 'net/rds: Revert 'RDS: add reconnect retry scheme for stalled connections'' (Ajaykumar Hotchandani) [Orabug: 26497331] \n- Revert 'net/rds: use different workqueue for base_conn' (Ajaykumar Hotchandani) [Orabug: 26497331] \n- Revert 'net/rds: determine active/passive connection with IP addresses' (Ajaykumar Hotchandani) [Orabug: 26497331] \n- Revert 'net/rds: prioritize the base connection establishment' (Ajaykumar Hotchandani) [Orabug: 26497331] \n- net/sock: add WARN_ON(parent->sk) in sock_graft() (Sowmini Varadhan) [Orabug: 26243229] \n- rds: tcp: use sock_create_lite() to create the accept socket (Sowmini Varadhan) [Orabug: 26243229] \n- rds: tcp: set linger to 1 when unloading a rds-tcp (Sowmini Varadhan) [Orabug: 26236194] \n- rds: tcp: send handshake ping-probe from passive endpoint (Sowmini Varadhan) [Orabug: 26236194] \n- Revert 'SUNRPC: Refactor svc_set_num_threads()' (Dhaval Giani) [Orabug: 26450033] \n- Revert 'NFSv4: Fix callback server shutdown' (Dhaval Giani) [Orabug: 26450033] \n- mm: fix use-after-free if memory allocation failed in vma_adjust() (Kirill A. Shutemov) [Orabug: 25647067] \n- scsi: smartpqi: mark PM functions as __maybe_unused (Arnd Bergmann) [Orabug: 26191021] \n- scsi: smartpqi: bump driver version (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: remove writeq/readq function definitions (Corentin Labbe) [Orabug: 26191021] \n- scsi: smartpqi: add module parameters (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: cleanup list initialization (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add raid level show (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: make ioaccel references consistent (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: enhance device add and remove messages (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: update timeout on admin commands (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: map more raid errors to SCSI errors (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: cleanup controller branding (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: update rescan worker (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: update device offline (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: correct aio error path (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add lockup action (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: remove qdepth calculations for logical volumes (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: enhance kdump (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: change return value for LUN reset operations (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add ptraid support (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: update copyright (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: cleanup messages (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add new PCI device IDs (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: minor driver cleanup (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: correct BMIC identify physical drive (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: eliminate redundant error messages (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add pqi_wait_for_completion_io (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: correct bdma hw bug (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add heartbeat check (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add suspend and resume support (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: enhance resets (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add supporting events (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: ensure controller is in SIS mode at init (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add in controller checkpoint for controller lockups. (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: set pci completion timeout (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: correct remove scsi devices (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: fix time handling (Arnd Bergmann) [Orabug: 26191021] \n- Btrfs: fix extent_same allowing destination offset beyond i_size (Filipe Manana) [Orabug: 26376770] \n- NVMe: Retain QUEUE_FLAG_SG_GAPS flag for bio vector alignment. (Ashok Vairavan) [Orabug: 26402457] \n- ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403948] {CVE-2017-1000380}\n- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug: 26403948] {CVE-2017-1000380}\n- xfs: Timely free truncated dirty pages (Jan Kara) [Orabug: 26452559] \n- xfs: skip dirty pages in ->releasepage() (Brian Foster) [Orabug: 26452559] \n- sparc64: Convert non-fatal error print to a debug print (DAX driver) (Sanath Kumar) [Orabug: 26476370] \n- selftests: sparc64: memory: Add tests for privileged ADI driver (Tom Hromatka) [Orabug: 26359060] \n- memory: sparc64: Add privileged ADI driver (Tom Hromatka) [Orabug: 26359060] \n- sparc64: Export the adi_state structure (Tom Hromatka) [Orabug: 26359060] \n- sparc64: Use cpu_poke to resume idle cpu (Vijay Kumar) [Orabug: 26399224] \n- sparc64: Add a new hypercall CPU_POKE (Vijay Kumar) [Orabug: 26399224] \n- cpuset: consider dying css as offline (Tejun Heo) [Orabug: 26475766] \n- sparc64: Treat ERESTARTSYS as an acceptable error (DAX driver) (Sanath Kumar) [Orabug: 26475734] \n- sparc64: fix out of order spin_lock_irqsave and spin_unlock_restore (Thomas Tai) [Orabug: 26430325] \n- SPARC64: vcc: delay device removal until close() (Aaron Young) [Orabug: 26315957] \n- bnxt_en: Fix SRIOV on big-endian architecture. (Michael Chan) [Orabug: 26443303] \n- arch/sparc: Enable queued spinlock support for SPARC (Allen Pais) [Orabug: 26373790] \n- arch/sparc: Introduce xchg16 for SPARC (Babu Moger) [Orabug: 26373790] \n- arch/sparc: Enable queued rwlocks for SPARC (Allen Pais) [Orabug: 26373790] \n- arch/sparc: Introduce cmpxchg_u8 SPARC (Babu Moger) [Orabug: 26373790] \n- arch/sparc: Define config parameter CPU_BIG_ENDIAN (Allen Pais) [Orabug: 26373790] \n- kernel/locking: Fix compile error with qrwlock.c (Babu Moger) [Orabug: 26373790] \n- arch/sparc: Remove the check #ifndef __LINUX_SPINLOCK_TYPES_H (Babu Moger) [Orabug: 26373790] \n- locking/qrwlock: Fix write unlock bug on big endian systems (pan xinhui) [Orabug: 26373790] \n- locking/qrwlock: Implement queue_write_unlock() using smp_store_release() (Will Deacon) [Orabug: 26373790] \n- locking/qspinlock: Avoid redundant read of next pointer (Waiman Long) [Orabug: 26373790] \n- locking/qspinlock: Prefetch the next node cacheline (Waiman Long) [Orabug: 26373790] \n- locking/qrwlock: Reduce reader/writer to reader lock transfer latency (Waiman Long) [Orabug: 26373790] \n- locking/qrwlock: Better optimization for interrupt context readers (Waiman Long) [Orabug: 26373790] \n- locking/qrwlock: Rename functions to queued_*() (Waiman Long) [Orabug: 26373790] b r > - l o c k i n g / q r w l o c k : D o n t c o n t e n d w i t h r e a d e r s w h e n s e t t i n g _ Q W _ W A I T I N G ( W a i m a n L o n g ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q r w l o c k : R e n a m e Q U E U E _ R W L O C K t o Q U E U E D _ R W L O C K S ( B a b u M o g e r ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : U s e a s i m p l e w r i t e t o g r a b t h e l o c k ( W a i m a n L o n g ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : O p t i m i z e f o r s m a l l e r N R _ C P U S ( P e t e r Z i j l s t r a ( I n t e l ) ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : E x t r a c t o u t c o d e s n i p p e t s f o r t h e n e x t p a t c h ( W a i m a n L o n g ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : A d d p e n d i n g b i t ( P e t e r Z i j l s t r a ( I n t e l ) ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : I n t r o d u c e a s i m p l e g e n e r i c 4 - b y t e q u e u e d s p i n l o c k ( W a i m a n L o n g ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - q e d e : A d d s u p p o r t f o r i n g r e s s h e a d r o o m ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : U p d a t e r e c e i v e s t a t i s t i c o n c e p e r N A P I ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : M a k e O O O a r c h i p e l a g o s i n t o a n a r r a y ( M i c h a l K a l d e r o n ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : P r o v i d e i S C S I s t a t i s t i c s t o m a n a g e m e n t ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : I n f o r m q e d i t h e n u m b e r o f p o s s i b l e C Q s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : A d d m i s s i n g s t a t f o r n e w i s l e s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D o n t c l o s e t h e O U T _ E N d u r i n g i n i t ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o n f i g u r e c a c h e l i n e s i z e i n H W ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D o n t u s e m a i n - p t t i n u n r e l a t e d f l o w s ( R a h u l V e r m a ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : W a r n P T T u s a g e b y w r o n g h w - f u n c t i o n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t M S I - x f o r s t o r a g e ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : f i x m i s s i n g b r e a k i n O O O _ L B _ T C c a s e ( C o l i n I a n K i n g ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : A d d a m i s s i n g e r r o r c o d e ( D a n C a r p e n t e r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R o C E d o e s n t n e e d t o u s e S R C ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t T M I L T l i n e s i n p r e s e n c e o f V F s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x T M b l o c k I L T a l l o c a t i o n ( M i c h a l K a l d e r o n ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R e v i s e Q M c o f i g u r a t i o n ( A r i e l E l i o r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : U s e B D Q r e s o u r c e f o r s t o r a g e p r o t o c o l s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : U t i l i z e r e s o u r c e - l o c k b a s e d s c h e m e ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : S u p p o r t m a n a g e m e n t - b a s e d r e s o u r c e l o c k i n g ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : S e n d p f - f l r a s p a r t o f i n i t i a l i z a t i o n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : M o v e t o n e w l o a d r e q u e s t s c h e m e ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : h w _ i n i t ( ) t o r e c e i v e p a r a m e t e r - s t r u c t ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t H W s t o p f l o w ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R e s e r v e V F f e a t u r e b e f o r e P F ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D o n t w a s t e S B s u n u s e d b y R o C E ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t e n d i a n o r d e r o f M A C p a s s e d t o M F W ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : P a s s s r c / d s t s i z e s w h e n i n t e r a c t i n g w i t h M F W ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R e v i s e M F W c o m m a n d l o c k i n g ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : A l w a y s p u b l i s h V F l i n k f r o m l e a d i n g h w f n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R a i s e v e r b o s i t y o f M a l i c i o u s V F i n d i c a t i o n s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : M a k e q e d _ i o v _ m a r k _ v f _ f l r ( ) r e t u r n b o o l ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D e p r e c a t e V F m u l t i p l e q u e u e - s t o p ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : U n i f o r m I O V q u e u e v a l i d a t i o n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t d e f a u l t V F c o a l e s c i n g c o n f i g u r a t i o n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : S e t H W - c h a n n e l t o r e a d y b e f o r e A C K i n g V F ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C l e a n V F m a l i c i o u s i n d i c a t i o n w h e n d i s a b l i n g I O V ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : I n c r e a s e v e r b o s i t y o f V F - > P F e r r o r s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d * : A d d s u p p o r t f o r Q L 4 1 x x x a d a p t e r s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : E n a b l e i S C S I O u t - o f - O r d e r ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t o u t - o f - b o u n d a c c e s s i n O O O h i s t o r y ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x i n t e r r u p t f l a g s o n R x L L 2 ( R a m A m r a n i ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F r e e p r e v i o u s c o n n e c t i o n s w h e n r e l e a s i n g i S C S I ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x m a p p i n g l e a k o n L L 2 r x f l o w ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : P r e v e n t c r e a t i o n o f t o o - b i g u 3 2 - c h a i n s ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : A l i g n C I D s a c c o r d i n g t o D O R Q r e q u i r e m e n t ( R a m A m r a n i ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d * : U t i l i z e F i r m w a r e 8 . 1 5 . 3 . 0 ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d i : A d d P C I d e v i c e - I D f o r Q L 4 1 x x x a d a p t e r s . ( M a n i s h R a n g a n k a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x c o p y o f u n i n i t i a l i z e d m e m o r y ( r o b e r t . f o s s @ c o l l a b o r a . c o m ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D o n t u s e a t t e n t i o n P T T f o r c o n f i g u r i n g B W ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x r a c e w i t h m u l t i p l e V F s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : A d d d r i v e r s u p p o r t f o r P T P ( S u d a r s a n a R e d d y K a l l u r u ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : R e m o v e u n n e c e s s a r y d a t a p a t h d e r e f e r e n c e ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e - m a r k S K B a s e n c a p s u l a t e d ( M a n i s h C h o p r a ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : P o s t p o n e r e a l l o c a t i o n u n t i l N A P I e n d ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : S p l i t f i l t e r i n g l o g i c t o i t s o w n f i l e ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : B r e a k d a t a p a t h l o g i c i n t o i t s o w n f i l e ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - S U N R P C : H a n d l e E A D D R N O T A V A I L o n c o n n e c t i o n f a i l u r e s ( T r o n d M y k l e b u s t ) [ O r a b u g : 2 6 2 7 6 0 6 7 ] b r > - b t r f s : i n t r o d u c e d e v i c e d e l e t e b y d e v i d ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : e n h a n c e b t r f s _ f i n d _ d e v i c e _ b y _ u s e r _ i n p u t ( ) t o c h e c k d e v i c e p a t h ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : m a k e u s e o f b t r f s _ f i n d _ d e v i c e _ b y _ u s e r _ i n p u t ( ) ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : c r e a t e h e l p e r b t r f s _ f i n d _ d e v i c e _ b y _ u s e r _ i n p u t ( ) ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : c l e a n u p a n d o p t i m i z e _ _ c h e c k _ r a i d _ m i n _ d e v i c e ( ) ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : c r e a t e h e l p e r f u n c t i o n _ _ c h e c k _ r a i d _ m i n _ d e v i c e s ( ) ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - R e v e r t ' m m : m e m i n i t : o n l y s e t p a g e r e s e r v e d i n t h e m e m b l o c k r e g i o n ' ( D h a v a l G i a n i ) [ O r a b u g : 2 5 8 7 9 2 9 5 ] b r > - R e v e r t ' m m : m e m i n i t : m o v e p a g e i n i t i a l i z a t i o n i n t o a s e p a r a t e f u n c t i o n ' ( D h a v a l G i a n i ) [ O r a b u g : 2 5 8 7 9 2 9 5 ] b r > - n e t / r d s : R e p l a c e p r i n t k i n T X p a t h w i t h s t a t v a r i a b l e ( Y u v a l S h a i a ) [ O r a b u g : 2 6 4 0 2 6 6 2 ] b r > - c h a r : l p : f i x p o s s i b l e i n t e g e r o v e r f l o w i n l p _ s e t u p ( ) ( W i l l y T a r r e a u ) [ O r a b u g : 2 6 4 0 3 9 3 6 ] { C V E - 2 0 1 7 - 1 0 0 0 3 6 3 } b r > - d r m / m g a g 2 0 0 : F i x t o a l w a y s s e t H i P r i f o r G 2 0 0 e 4 V 2 ( M a t h i e u L a r o u c h e ) [ O r a b u g : 2 6 4 0 8 7 3 1 ] b r > - d t r a c e : F B T m o d u l e s u p p o r t a n d S P A R C s r e t u r n p r o b e s ( T o m a s J e d l i c k a ) [ O r a b u g : 2 6 4 1 4 3 9 2 ] [ O r a b u g : 2 6 4 1 4 4 0 2 ] b r > - b n x 2 x : D o n t p o s t s t a t i s t i c s t o m a l i c i o u s V F s ( M i n t z , Y u v a l ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : A l l o w v f s t o d i s a b l e t x v l a n o f f l o a d ( M i n t z , Y u v a l ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : f i x p f 2 v f b u l l e t i n D M A m a p p i n g l e a k ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : F i x M u l t i - C o s ( M i n t z , Y u v a l ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : a d d m i s s i n g c o n f i g u r a t i o n o f V F V L A N f i l t e r s ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : f i x i n c o r r e c t f i l t e r c o u n t i n a n e r r o r m e s s a g e ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : d o n o t r o l l b a c k V F M A C / V L A N f i l t e r s w e d i d n o t c o n f i g u r e ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : f i x d e t e c t i o n o f V L A N f i l t e r i n g f e a t u r e f o r V F ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : f i x p o s s i b l e o v e r r u n o f V F P F m u l t i c a s t a d d r e s s e s a r r a y ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : l o w e r v e r b o s i t y o f V F s t a t s d e b u g m e s s a g e s ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : p r e v e n t c r a s h w h e n a c c e s s i n g P T P w i t h i n t e r f a c e d o w n ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - N F S v 4 : F i x c a l l b a c k s e r v e r s h u t d o w n ( T r o n d M y k l e b u s t ) [ O r a b u g : 2 6 4 0 3 9 7 6 ] { C V E - 2 0 1 7 - 9 0 5 9 } b r > - S U N R P C : R e f a c t o r s v c _ s e t _ n u m _ t h r e a d s ( ) ( T r o n d M y k l e b u s t ) [ O r a b u g : 2 6 4 0 3 9 7 6 ] { C V E - 2 0 1 7 - 9 0 5 9 } b r > - i p v 6 / d c c p : d o n o t i n h e r i t i p v 6 _ m c _ l i s t f r o m p a r e n t ( W A N G C o n g ) [ O r a b u g : 2 6 4 0 3 9 9 8 ] { C V E - 2 0 1 7 - 9 0 7 7 } b r > - l p f c u p d a t e f o r u e k 4 1 1 . 4 . 0 . 2 ( r k e n n e d y ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : D r i v e r r e s p o n d s L S _ R J T t o B e a c o n O f f ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x c r a s h a f t e r f i r m w a r e f l a s h w h e n ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : V p o r t c r e a t i o n i s f a i l i n g w i t h L i n k ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : N u l l p o i n t e r d e r e f e r e n c e w h e n ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x r e t u r n v a l u e o f b o a r d _ m o d e s t o r e ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x P o r t g o i n g o f f l i n e a f t e r ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : f i x s p e l l i n g m i s t a k e ' e n t r y s ' ( C o l i n I a n K i n g ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : A d d M D S D i a g n o s t i c s u p p o r t . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x u s e d - R P I a c c o u n t i n g p r o b l e m . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x p a n i c o n B F S c o n f i g u r a t i o n ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x E x p r e s s l a n e q u e u e c r e a t i o n . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x d r i v e r u s a g e o f 1 2 8 B W Q E s w h e n W Q _ C R E A T E i s ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : A d d F a b r i c a s s i g n e d W W N s u p p o r t . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x c r a s h a f t e r i s s u i n g l i p r e s e t ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : R e m o v e N U L L p t r c h e c k b e f o r e k f r e e . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x s p e l l i n g i n c o m m e n t s . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x P T 2 P T P R L I r e j e c t ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : c o r r e c t r d p d i a g p o r t n a m e s ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x e h _ d e a d l i n e s e t t i n g f o r s l i 3 a d a p t e r s . ( r k e n n e d y ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x c r a s h d u r i n g H a r d w a r e e r r o r r e c o v e r y o n S L I 3 a d a p t e r s ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : f i x m i s s i n g s p i n _ u n l o c k o n s q l _ l i s t _ l o c k ( C o l i n I a n K i n g ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - S i g n a t u r e v e r i f i c a t i o n s u p p o r t i n k e x e c _ f i l e _ l o a d ( A l e x e y P e t r e n k o ) [ O r a b u g : 2 6 4 0 2 2 8 1 ] b r > - b l k - m q : d o n t r e d i s t r i b u t e h a r d w a r e q u e u e s o n a C P U h o t p l u g e v e n t ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 6 0 3 9 5 3 9 ] b r > - R D S : P r i n t f a i l e d r d m a o p d e t a i l s i f f a i l u r e i s r e m o t e a c c e s s ( R a m a N i c h a n a m a t l u ) [ O r a b u g : 2 6 3 5 1 4 2 1 ] b r > - x e n - b l k f r o n t : f i x m q s t a r t / s t o p r a c e ( J u n x i a o B i ) [ O r a b u g : 2 6 3 5 1 6 4 9 ] b r > - b e 2 n e t : U p d a t e t h e d r i v e r v e r s i o n t o 1 1 . 4 . 0 . 0 ( S u r e s h R e d d y ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : F i x U E d e t e c t i o n l o g i c f o r B E 3 ( S u r e s h R e d d y ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : F i x o f f l o a d f e a t u r e s f o r Q - i n - Q p a c k e t s ( V l a d Y a s e v i c h ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e n e t : U s e t i m e _ b e f o r e _ e q f o r t i m e c o m p a r i s o n ( K a r i m E s h a p a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : F i x e n d i a n i s s u e i n l o g i c a l l i n k c o n f i g c o m m a n d ( S u r e s h R e d d y ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x i n i t i a l M A C s e t t i n g ( I v a n V e c e r a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - d r i v e r s : n e t : g e n e r a l i z e n a p i _ c o m p l e t e _ d o n e ( ) ( E r i c D u m a z e t ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x M A C a d d r s e t t i n g o n p r i v i l e g e d B E 3 V F s ( I v a n V e c e r a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x u n i c a s t l i s t f i l l i n g ( I v a n V e c e r a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x a c c e s s e s t o u n i c a s t l i s t ( I v a n V e c e r a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x n o n s t a t i c s y m b o l w a r n i n g s ( W e i Y o n g j u n ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : A v o i d r e d u n d a n t a d d i t i o n o f m a c a d d r e s s i n H W ( S u r e s h R e d d y ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : S u p p o r t U E r e c o v e r y i n B E x / S k y h a w k a d a p t e r s ( S r i h a r s h a B a s a v a p a t n a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : r e p l a c e p o l l i n g w i t h s l e e p i n g i n t h e F W c o m p l e t i o n p a t h ( S a t h y a P e r l a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : s u p p o r t a s y m m e t r i c r x / t x q u e u e c o u n t s ( S a t h y a P e r l a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - n e t : p r o p e r l y r e l e a s e s k _ f r a g . p a g e ( E r i c D u m a z e t ) [ O r a b u g : 2 6 4 0 9 5 3 3 ] b r > - n e t / r d s : A d d m u t e x e x c l u s i o n f o r v e c t o r _ l o a d ( H a k o n B u g g e ) [ O r a b u g : 2 6 4 1 5 1 0 7 ] b r > - d t r a c e : A d d s u p p o r t f o r m a n u a l t r i g g e r e d c y c l i c s ( T o m a s J e d l i c k a ) [ O r a b u g : 2 6 3 8 4 8 0 3 ] b r > - d t r a c e : L O W l e v e l c y c l i c s s h o u l d u s e w o r k q u e u e s ( T o m a s J e d l i c k a ) [ O r a b u g : 2 6 3 8 4 7 7 9 ] b r > - s p a r c 6 4 : a d d D A X 2 s u p p o r t t o d a x d r i v e r ( A l l e n P a i s ) [ O r a b u g : 2 6 3 1 7 6 0 6 ] b r > - u e k - r p m : c h a n g e m e m o r y a l l o c a t o r f r o m s l a b t o s l u b ( A l l e n P a i s ) b r > - a r c h / s p a r c : A v o i d D C T I C o u p l e s ( A l l e n P a i s ) [ O r a b u g : 2 6 4 1 3 5 2 2 ] b r > - d r i v e r s / u s b : S k i p a u t o h a n d o f f f o r T I a n d R E N E S A S u s b c o n t r o l l e r s ( B a b u M o g e r ) [ O r a b u g : 2 6 3 8 9 7 5 6 ] b r > - s p a r c - c o n f i g : E n a b l e t i m e s t a m p i n d m e s g o u t p u t . ( A t i s h P a t r a ) [ O r a b u g : 2 6 3 8 9 7 0 9 ] b r > - s p a r c 6 4 : r t r a p m u s t s e t P S T A T E . m c d e b e f o r e h a n d l i n g o u t s t a n d i n g u s e r w o r k ( A n t h o n y Y z n a g a ) [ O r a b u g : 2 6 3 8 8 5 9 1 ] b r > - i 4 0 e : C o r r e c t t h e m a c r o s f o r s e t t i n g t h e D M A a t t r i b u t e s ( J a c k V o g e l ) [ O r a b u g : 2 6 3 8 6 3 2 3 ] b r > - s p a r c 6 4 : E x c l u d e p e r f u s e r c a l l c h a i n d u r i n g c r i t i c a l s e c t i o n s ( D a v e A l d r i d g e ) [ O r a b u g : 2 6 3 8 6 2 1 3 ] b r > - s u n v n e t : r e s t r i c t a d v e r t i z e d c h e c k s u m o f f l o a d s t o j u s t I P ( S h a n n o n N e l s o n ) [ O r a b u g : 2 6 3 3 8 7 0 9 ] b r > - s p a r c 6 4 : a d d c c b k i l l a n d i n f o t o D A X d r i v e r ( J o n a t h a n H e l m a n ) [ O r a b u g : 2 6 3 1 7 6 0 2 ] b r > - i 4 0 e : f i x a n n o y i n g m e s s a g e ( J e s s e B r a n d e b u r g ) [ O r a b u g : 2 6 4 2 0 2 9 0 ] b r > - w a t c h d o g : M o v e h a r d l o c k u p d e t e c t o r t o s e p a r a t e f i l e ( A l l e n P a i s ) [ O r a b u g : 2 6 4 2 0 3 1 0 ] b r > - w a t c h d o g : M o v e s h a r e d d e f i n i t i o n s t o n m i . h ( A l l e n P a i s ) [ O r a b u g : 2 6 4 2 0 3 1 0 ] b r > - s p a r c 6 4 : S u p p r e s s k m a l l o c ( D A X d r i v e r ) w a r n i n g d u e t o a l l o c a t i o n f a i l u r e ( S a n a t h K u m a r ) [ O r a b u g : 2 6 3 3 8 8 3 0 ] b r > - i 4 0 e v f : U s e l e 3 2 _ t o _ c p u b e f o r e e v a l u a t i n g H W d e s c f i e l d s . ( T u s h a r D a v e ) [ O r a b u g : 2 6 4 2 0 3 4 5 ] b r > - s p a r c 6 4 : r e v e r t p a u s e i n s t r u c t i o n p a t c h f o r a t o m i c b a c k o f f a n d c p u _ r e l a x ( ) ( B a b u M o g e r ) [ O r a b u g : 2 6 3 0 9 0 7 0 ] b r > - S P A R C 6 4 : C o r r e c t A T U I O T S B b i n d i n g f l o w ( T u s h a r D a v e ) [ O r a b u g : 2 6 4 1 9 9 5 7 ] b r > - S P A R C 6 4 : I n t r o d u c e I O M M U B Y P A S S m e t h o d ( T u s h a r D a v e ) [ O r a b u g : 2 6 4 2 0 2 0 9 ] b r > - i 4 0 e : R e v e r t i 4 0 e t e m p o r a r y w o r k a r o u n d ( T u s h a r D a v e ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : E n a b l e 6 4 - b i t D M A ( T u s h a r D a v e ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : E n a b l e s u n 4 v d m a o p s t o u s e I O M M U v 2 A P I s ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : B i n d P C I e d e v i c e s t o u s e I O M M U v 2 s e r v i c e ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : I n i t i a l i z e i o m m u _ m a p _ t a b l e a n d i o m m u _ p o o l ( T u s h a r D a v e ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : A d d A T U ( n e w I O M M U ) s u p p o r t ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : M a k e F O R C E _ M A X _ Z O N E O R D E R t o 1 3 f o r A T U ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - R e v e r t ' s p a r c 6 4 : b y p a s s i o m m u t o u s e 6 4 b i t a d d r e s s s p a c e ' ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - [ P A T C H ] R D S : W h e n R D S s o c k e t i s c l o s e d , p r i n t u n r e l e a s e d M R s ( R a m a N i c h a n a m a t l u ) [ O r a b u g : 2 6 2 6 1 9 9 3 ] b r > - I B / I P o I B : i b X : f a i l e d t o c r e a t e m c g d e b u g f i l e ( S h a m i r R a b i n o v i t c h ) [ O r a b u g : 2 4 7 1 1 8 7 3 ] [ O r a b u g : 2 5 1 7 5 5 3 3 ] b r > - s c s i : q e d i : F i x m e m o r y l e a k i n t m f r e s p o n s e p r o c e s s i n g . ( D u p u i s , C h a d ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : f i x b u i l d e r r o r w i t h o u t D E B U G _ F S ( A r n d B e r g m a n n ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : f i x m i s s i n g r e t u r n e r r o r c o d e c h e c k o n c a l l t o q e d i _ s e t u p _ i n t ( C o l i n I a n K i n g ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : F i x p o s s i b l e m e m o r y l e a k i n q e d i _ i s c s i _ u p d a t e _ c o n n ( ) ( W e i Y o n g j u n ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : r e t u r n v i a v a _ e n d t o m a t c h c o r r e s p o n d i n g v a _ s t a r t ( C o l i n I a n K i n g ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : f i x b u i l d , d e p e n d s o n U I O ( R a n d y D u n l a p ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : A d d Q L o g i c F a s t L i n Q o f f l o a d i S C S I d r i v e r f r a m e w o r k . ( M a n i s h R a n g a n k a r ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - d c c p / t c p : d o n o t i n h e r i t m c _ l i s t f r o m p a r e n t ( E r i c D u m a z e t ) [ O r a b u g : 2 6 1 0 7 4 7 2 ] { C V E - 2 0 1 7 - 8 8 9 0 } b r > - I n i t i a l i z e f i b l i n k l i s t h e a d d u r i n g f i b i n i t i a l i z a t i o n ( D a v e C a r r o l l ) [ O r a b u g : 2 6 2 9 1 2 7 2 ] b r > - a a c r a i d : U p d a t e s c s i _ h o s t _ t e m p l a t e t o u s e t a g g e d c o m m a n d s ( D a v e C a r r o l l ) [ O r a b u g : 2 6 2 9 1 2 7 2 ] b r > - I B / m l x 4 : S u p p r e s s w a r n i n g f o r n o t h a n d l e d p o r t m g m t e v e n t s u b t y p e ( M u k e s h K a c k e r ) [ O r a b u g : 2 6 4 0 9 7 2 2 ] b r > - b n x t _ e n : F i x n e t p o l l h a n d l i n g . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d m i s s i n g l o g i c t o h a n d l e T P A e n d e r r o r c o n d i t i o n s . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : F i x x m i t _ m o r e w i t h B Q L . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : P a s s i n s h p a r a m e t e r t o b n x t _ s e t _ d f l t _ r i n g s ( ) . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : I m p l e m e n t x m i t _ m o r e . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : O p t i m i z e d o o r b e l l w r i t e o p e r a t i o n s f o r n e w e r c h i p s . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d a d d i t i o n a l c h i p I D d e f i n i t i o n s . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d a c a l l b a c k t o i n f o r m R D M A d r i v e r d u r i n g P C I s h u t d o w n . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d P C I I D s f o r B C M 5 7 4 5 4 V F d e v i c e s . ( D e e p a k K h u n g a r ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : S u p p o r t f o r S h o r t F i r m w a r e M e s s a g e ( D e e p a k K h u n g a r ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : C h e c k s t a t u s o f f i r m w a r e D C B X a g e n t b e f o r e s e t t i n g D C B _ C A P _ D C B X _ H O S T . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : C a l l b n x t _ d c b _ i n i t ( ) a f t e r g e t t i n g f i r m w a r e D C B X c o n f i g u r a t i o n . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t : a d d d m a m a p p i n g a t t r i b u t e s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 6 3 6 6 3 8 7 ] b r > - b n x t _ e n : a l l o c a t e e n o u g h s p a c e f o r - > n t p _ f l t r _ b m a p ( D a n C a r p e n t e r ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : R e s t
