{"id": "FEDORA_2015-4457.NASL", "bulletinFamily": "scanner", "title": "Fedora 21 : kernel-3.19.2-201.fc21 (2015-4457)", "description": "The 3.19.2 stable update contains a number of important fixes across\nthe tree.1205244\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2015-03-30T00:00:00", "modified": "2015-03-30T00:00:00", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/82311", "reporter": "This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?2e5eac86", "https://bugzilla.redhat.com/show_bug.cgi?id=1204722"], "cvelist": ["CVE-2015-2666"], "type": "nessus", "lastseen": "2021-01-12T10:13:34", "edition": 17, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-2666"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123040", "OPENVAS:1361412562310842191", "OPENVAS:1361412562310869136", "OPENVAS:1361412562310842185", "OPENVAS:1361412562310842184", "OPENVAS:1361412562310882238", "OPENVAS:1361412562310871423", "OPENVAS:1361412562310869284", "OPENVAS:1361412562310850926", "OPENVAS:1361412562310842188"]}, {"type": "ubuntu", "idList": ["USN-2588-1", "USN-2589-1", "USN-2587-1", "USN-2590-1"]}, {"type": "nessus", "idList": ["FEDORA_2015-5024.NASL", "ORACLELINUX_ELSA-2015-1534.NASL", "REDHAT-RHSA-2015-1534.NASL", "UBUNTU_USN-2588-1.NASL", "UBUNTU_USN-2587-1.NASL", "CENTOS_RHSA-2015-1534.NASL", "UBUNTU_USN-2590-1.NASL", "REDHAT-RHSA-2015-1565.NASL", "SL_20150805_KERNEL_ON_SL7_X.NASL", "UBUNTU_USN-2589-1.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14436", "SECURITYVULNS:DOC:31984"]}, {"type": "redhat", "idList": ["RHSA-2015:1565", "RHSA-2015:1534"]}, {"type": "centos", "idList": ["CESA-2015:1534"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1534"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1071-1", "OPENSUSE-SU-2016:0301-1"]}, {"type": "fedora", "idList": ["FEDORA:33D8860877E1", "FEDORA:B9C4760130DC", "FEDORA:C26F460906BA", "FEDORA:60B8C60918D5", "FEDORA:0777460874C8", "FEDORA:CE3236087E07", "FEDORA:92F5160877B4", "FEDORA:51EB2601616F", "FEDORA:4375D611D164", "FEDORA:D0CC960762B3"]}], "modified": "2021-01-12T10:13:34", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-01-12T10:13:34", "rev": 2}, "vulnersScore": 5.2}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4457.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82311);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-2666\");\n script_xref(name:\"FEDORA\", value:\"2015-4457\");\n\n script_name(english:\"Fedora 21 : kernel-3.19.2-201.fc21 (2015-4457)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.19.2 stable update contains a number of important fixes across\nthe tree.1205244\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1204722\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e5eac86\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"kernel-3.19.2-201.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "82311", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:21"], "scheme": null}

{"cve": [{"lastseen": "2021-02-02T06:21:23", "description": "Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.", "edition": 6, "cvss3": {}, "published": "2015-05-27T10:59:00", "title": "CVE-2015-2666", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2666"], "modified": "2016-12-31T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.19.8"], "id": "CVE-2015-2666", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2666", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.19.8:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:36:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2922", "CVE-2015-2666"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-05-01T00:00:00", "id": "OPENVAS:1361412562310842191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842191", "type": "openvas", "title": "Ubuntu Update for linux-lts-trusty USN-2587-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-trusty USN-2587-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842191\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-01 05:50:29 +0200 (Fri, 01 May 2015)\");\n script_cve_id(\"CVE-2015-2666\", \"CVE-2015-2922\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-trusty USN-2587-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-trusty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A stack overflow was discovered in the the\nmicrocode loader for the intel x86 platform. A local attacker could exploit this\nflaw to cause a denial of service (kernel crash) or to potentially execute code\nwith kernel privileges. (CVE-2015-2666)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a flaw\nthat allows using route advertisement (RA) messages to set the 'hop_limit'\nto values that are too low. An unprivileged attacker on a local network\ncould exploit this flaw to cause a denial of service (IPv6 messages\ndropped). (CVE-2015-2922)\");\n script_tag(name:\"affected\", value:\"linux-lts-trusty on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2587-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2587-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-generic\", ver:\"3.13.0-51.84~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-generic-lpae\", ver:\"3.13.0-51.84~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2922", "CVE-2015-2666"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-05-01T00:00:00", "id": "OPENVAS:1361412562310842188", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842188", "type": "openvas", "title": "Ubuntu Update for linux USN-2588-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2588-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842188\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-01 05:50:25 +0200 (Fri, 01 May 2015)\");\n script_cve_id(\"CVE-2015-2666\", \"CVE-2015-2922\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-2588-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A stack overflow was discovered in the the\nmicrocode loader for the intel x86 platform. A local attacker could exploit this\nflaw to cause a denial of service (kernel crash) or to potentially execute code\nwith kernel privileges. (CVE-2015-2666)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a flaw\nthat allows using route advertisement (RA) messages to set the 'hop_limit'\nto values that are too low. An unprivileged attacker on a local network\ncould exploit this flaw to cause a denial of service (IPv6 messages\ndropped). (CVE-2015-2922)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2588-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2588-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-generic\", ver:\"3.13.0-51.84\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-generic-lpae\", ver:\"3.13.0-51.84\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-lowlatency\", ver:\"3.13.0-51.84\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-powerpc-e500\", ver:\"3.13.0-51.84\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-powerpc-e500mc\", ver:\"3.13.0-51.84\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-powerpc-smp\", ver:\"3.13.0-51.84\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-powerpc64-emb\", ver:\"3.13.0-51.84\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-51-powerpc64-smp\", ver:\"3.13.0-51.84\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2830", "CVE-2015-2922", "CVE-2015-2150", "CVE-2015-2666"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-05-01T00:00:00", "id": "OPENVAS:1361412562310842185", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842185", "type": "openvas", "title": "Ubuntu Update for linux USN-2590-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2590-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842185\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-01 05:50:13 +0200 (Fri, 01 May 2015)\");\n script_cve_id(\"CVE-2015-2150\", \"CVE-2015-2666\", \"CVE-2015-2830\", \"CVE-2015-2922\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-2590-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Jan Beulich discovered the Xen virtual\nmachine subsystem of the Linux kernel did not properly restrict access to PCI\ncommand registers. A local guest user could exploit this flaw to cause a denial\nof service (host crash). (CVE-2015-2150)\n\nA stack overflow was discovered in the the microcode loader for the intel\nx86 platform. A local attacker could exploit this flaw to cause a denial of\nservice (kernel crash) or to potentially execute code with kernel\nprivileges. (CVE-2015-2666)\n\nA privilege escalation was discovered in the fork syscal vi the int80 entry\non 64 bit kernels with 32 bit emulation support. An unprivileged local\nattacker could exploit this flaw to increase their privileges on the\nsystem. (CVE-2015-2830)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a flaw\nthat allows using route advertisement (RA) messages to set the 'hop_limit'\nto values that are too low. An unprivileged attacker on a local network\ncould exploit this flaw to cause a denial of service (IPv6 messages\ndropped). (CVE-2015-2922)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2590-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2590-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-generic\", ver:\"3.16.0-36.48\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-generic-lpae\", ver:\"3.16.0-36.48\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-lowlatency\", ver:\"3.16.0-36.48\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-powerpc-e500mc\", ver:\"3.16.0-36.48\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-powerpc-smp\", ver:\"3.16.0-36.48\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-powerpc64-emb\", ver:\"3.16.0-36.48\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-powerpc64-smp\", ver:\"3.16.0-36.48\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2830", "CVE-2015-2922", "CVE-2015-2150", "CVE-2015-2666"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-05-01T00:00:00", "id": "OPENVAS:1361412562310842184", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842184", "type": "openvas", "title": "Ubuntu Update for linux-lts-utopic USN-2589-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-utopic USN-2589-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842184\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-01 05:50:08 +0200 (Fri, 01 May 2015)\");\n script_cve_id(\"CVE-2015-2150\", \"CVE-2015-2666\", \"CVE-2015-2830\", \"CVE-2015-2922\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-utopic USN-2589-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-utopic'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Jan Beulich discovered the Xen virtual\nmachine subsystem of the Linux kernel did not properly restrict access to PCI\ncommand registers. A local guest user could exploit this flaw to cause a denial\nof service (host crash). (CVE-2015-2150)\n\nA stack overflow was discovered in the the microcode loader for the intel\nx86 platform. A local attacker could exploit this flaw to cause a denial of\nservice (kernel crash) or to potentially execute code with kernel\nprivileges. (CVE-2015-2666)\n\nA privilege escalation was discovered in the fork syscal vi the int80 entry\non 64 bit kernels with 32 bit emulation support. An unprivileged local\nattacker could exploit this flaw to increase their privileges on the\nsystem. (CVE-2015-2830)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a flaw\nthat allows using route advertisement (RA) messages to set the 'hop_limit'\nto values that are too low. An unprivileged attacker on a local network\ncould exploit this flaw to cause a denial of service (IPv6 messages\ndropped). (CVE-2015-2922)\");\n script_tag(name:\"affected\", value:\"linux-lts-utopic on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2589-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2589-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-generic\", ver:\"3.16.0-36.48~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-generic-lpae\", ver:\"3.16.0-36.48~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-lowlatency\", ver:\"3.16.0-36.48~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-powerpc-e500mc\", ver:\"3.16.0-36.48~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-powerpc-smp\", ver:\"3.16.0-36.48~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-powerpc64-emb\", ver:\"3.16.0-36.48~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-36-powerpc64-smp\", ver:\"3.16.0-36.48~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666"], "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-08-06T00:00:00", "id": "OPENVAS:1361412562310871423", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871423", "type": "openvas", "title": "RedHat Update for kernel RHSA-2015:1534-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2015:1534-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871423\");\n script_version(\"$Revision: 12380 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:03:48 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-06 07:00:18 +0200 (Thu, 06 Aug 2015)\");\n script_cve_id(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2015:1534-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An attacker\non a local network could potentially send a sequence of specially crafted\npackets that would initiate the loading of a large number of extensions,\ncausing the targeted system in that network to crash. (CVE-2014-9715,\nModerate)\n\n * A stack-based buffer overflow flaw was found in the Linux kernel's early\nload microcode functionality. On a system with UEFI Secure Boot enabled, a\nlocal, privileged user could use this flaw to increase their privileges to\nthe kernel (ring0) level, bypassing intended restrictions in place.\n(CVE-2015-2666, Moderate)\n\n * It was found that the Linux kernel's ping socket implementation did not\nproperly handle socket unhashing during spurious disconnects, which could\nlead to a use-after-free flaw. On x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to crash the system.\nOn non-x86-64 architecture systems, a local user able to create ping\nsockets could use this flaw to escalate their privileges on the system.\n(CVE-2015-3636, Moderate)\n\n * It was found that the Linux kernel's TCP/IP protocol suite implementation\nfor IPv6 allowed the Hop Limit value to be set to a smaller value than the\ndefault one. An attacker on a local network could use this flaw to prevent\nsystems on that network from sending or receiving network packets.\n(CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715\nissue.\n\nThis update also fixes several bugs. Refer to the linked Knowledgebase\narticle for further information.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1534-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-August/msg00007.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/articles/1474193\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~3.10.0~229.11.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666"], "description": "Check the version of kernel", "modified": "2019-03-11T00:00:00", "published": "2015-08-06T00:00:00", "id": "OPENVAS:1361412562310882238", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882238", "type": "openvas", "title": "CentOS Update for kernel CESA-2015:1534 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2015:1534 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882238\");\n script_version(\"$Revision: 14095 $\");\n script_cve_id(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-11 14:54:56 +0100 (Mon, 11 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-06 07:01:30 +0200 (Thu, 06 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kernel CESA-2015:1534 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of kernel\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An attacker\non a local network could potentially send a sequence of specially crafted\npackets that would initiate the loading of a large number of extensions,\ncausing the targeted system in that network to crash. (CVE-2014-9715,\nModerate)\n\n * A stack-based buffer overflow flaw was found in the Linux kernel's early\nload microcode functionality. On a system with UEFI Secure Boot enabled, a\nlocal, privileged user could use this flaw to increase their privileges to\nthe kernel (ring0) level, bypassing intended restrictions in place.\n(CVE-2015-2666, Moderate)\n\n * It was found that the Linux kernel's ping socket implementation did not\nproperly handle socket unhashing during spurious disconnects, which could\nlead to a use-after-free flaw. On x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to crash the system.\nOn non-x86-64 architecture systems, a local user able to create ping\nsockets could use this flaw to escalate their privileges on the system.\n(CVE-2015-3636, Moderate)\n\n * It was found that the Linux kernel's TCP/IP protocol suite implementation\nfor IPv6 allowed the Hop Limit value to be set to a smaller value than the\ndefault one. An attacker on a local network could use this flaw to prevent\nsystems on that network from sending or receiving network packets.\n(CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715\nissue.\n\nThis update also fixes several bugs. Refer to the linked Knowledgebase\narticle for further information.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1534\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-August/021297.html\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/articles/1474193\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~229.11.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666"], "description": "Oracle Linux Local Security Checks ELSA-2015-1534", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123040", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123040", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1534", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1534.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123040\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:58:35 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1534\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1534 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1534\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1534.html\");\n script_cve_id(\"CVE-2015-2922\", \"CVE-2015-3636\", \"CVE-2014-9715\", \"CVE-2015-2666\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~229.11.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:37:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2830", "CVE-2015-3332", "CVE-2015-2922", "CVE-2015-3339", "CVE-2014-3647", "CVE-2015-3331", "CVE-2015-1465", "CVE-2014-8159", "CVE-2015-3636", "CVE-2014-8086", "CVE-2015-2041", "CVE-2015-2042", "CVE-2015-2666"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2015-10-16T00:00:00", "id": "OPENVAS:1361412562310850926", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850926", "type": "openvas", "title": "SUSE: Security Advisory for kernel (SUSE-SU-2015:1071-1)", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850926\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 14:32:44 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2014-3647\", \"CVE-2014-8086\", \"CVE-2014-8159\", \"CVE-2015-1465\",\n \"CVE-2015-2041\", \"CVE-2015-2042\", \"CVE-2015-2666\", \"CVE-2015-2830\",\n \"CVE-2015-2922\", \"CVE-2015-3331\", \"CVE-2015-3332\", \"CVE-2015-3339\",\n \"CVE-2015-3636\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for kernel (SUSE-SU-2015:1071-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The SUSE Linux Enterprise 12 kernel was updated to version 3.12.43 to\n receive various security and bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the Linux\n kernel through 3.17.2 did not properly perform RIP changes, which\n allowed guest OS users to cause a denial of service (guest OS crash) via\n a crafted application (bsc#899192).\n\n - CVE-2014-8086: Race condition in the ext4_file_write_iter function in\n fs/ext4/file.c in the Linux kernel through 3.17 allowed local users to\n cause a denial of service (file unavailability) via a combination of a\n write action and an F_SETFL fcntl operation for the O_DIRECT flag\n (bsc#900881).\n\n - CVE-2014-8159: The InfiniBand (IB) implementation did not properly\n restrict use of User Verbs for registration of memory regions, which\n allowed local users to access arbitrary physical memory locations, and\n consequently cause a denial of service (system crash) or gain\n privileges, by leveraging permissions on a uverbs device under\n /dev/infiniband/ (bsc#914742).\n\n - CVE-2015-1465: The IPv4 implementation in the Linux kernel before 3.18.8\n did not properly consider the length of the Read-Copy Update (RCU) grace\n period for redirecting lookups in the absence of caching, which allowed\n remote attackers to cause a denial of service (memory consumption or\n system crash) via a flood of packets (bsc#916225).\n\n - CVE-2015-2041: net/llc/sysctl_net_llc.c in the Linux kernel before 3.19\n used an incorrect data type in a sysctl table, which allowed local users\n to obtain potentially sensitive information from kernel memory or\n possibly have unspecified other impact by accessing a sysctl entry\n (bsc#919007).\n\n - CVE-2015-2042: net/rds/sysctl.c in the Linux kernel before 3.19 used an\n incorrect data type in a sysctl table, which allowed local users to\n obtain potentially sensitive information from kernel memory or possibly\n have unspecified other impact by accessing a sysctl entry (bsc#919018).\n\n - CVE-2015-2666: Fixed a flaw that allowed crafted microcode to overflow\n the kernel stack (bsc#922944).\n\n - CVE-2015-2830: Fixed int80 fork from 64-bit tasks mishandling\n (bsc#926240).\n\n - CVE-2015-2922: Fixed possible denial of service (DoS) attack against\n IPv6 network stacks due to improper handling of Router Advertisements\n (bsc#922583).\n\n - CVE-2015-3331: Fixed buffer overruns in RFC4106 implementation using\n AESNI (bsc#927257).\n\n - CVE-2015-3332: Fixed TCP Fast Open local DoS (bsc#928135).\n\n - CVE-2015-3339: Fixed race condition f ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"kernel on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1071-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLED12\\.0SP0|SLES12\\.0SP0)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-extra-debuginfo\", rpm:\"kernel-default-extra-debuginfo~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.12.43~52.6.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base-debuginfo\", rpm:\"kernel-xen-base-debuginfo~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-man\", rpm:\"kernel-default-man~3.12.43~52.6.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9529", "CVE-2014-8134", "CVE-2015-1593", "CVE-2014-9090", "CVE-2014-8989", "CVE-2015-1421", "CVE-2014-8159", "CVE-2014-8559", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-2150", "CVE-2014-9428", "CVE-2014-8133", "CVE-2014-9419", "CVE-2014-9585", "CVE-2015-2042", "CVE-2015-2666"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-03-30T00:00:00", "id": "OPENVAS:1361412562310869136", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869136", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2015-4457", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2015-4457\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869136\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-30 07:00:09 +0200 (Mon, 30 Mar 2015)\");\n script_cve_id(\"CVE-2015-2666\", \"CVE-2014-8159\", \"CVE-2015-2150\", \"CVE-2015-2042\",\n \"CVE-2015-1421\", \"CVE-2015-0275\", \"CVE-2015-1593\", \"CVE-2015-0239\",\n \"CVE-2014-9585\", \"CVE-2014-9529\", \"CVE-2014-9419\", \"CVE-2014-9428\",\n \"CVE-2014-8989\", \"CVE-2014-8559\", \"CVE-2014-8133\", \"CVE-2014-8134\",\n \"CVE-2014-9090\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2015-4457\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-4457\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.19.2~201.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9529", "CVE-2014-8134", "CVE-2015-1593", "CVE-2014-9090", "CVE-2015-2922", "CVE-2014-8989", "CVE-2015-1421", "CVE-2014-8159", "CVE-2014-8559", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-2150", "CVE-2014-9428", "CVE-2014-8133", "CVE-2014-9419", "CVE-2014-9585", "CVE-2015-2042", "CVE-2015-2666"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-04-23T00:00:00", "id": "OPENVAS:1361412562310869284", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869284", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2015-6320", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2015-6320\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869284\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-04-23 07:30:38 +0200 (Thu, 23 Apr 2015)\");\n script_cve_id(\"CVE-2015-2150\", \"CVE-2015-2666\", \"CVE-2014-8159\", \"CVE-2015-2042\",\n \"CVE-2015-1421\", \"CVE-2015-0275\", \"CVE-2015-1593\", \"CVE-2015-0239\",\n \"CVE-2014-9585\", \"CVE-2014-9529\", \"CVE-2014-9419\", \"CVE-2014-9428\",\n \"CVE-2014-8989\", \"CVE-2014-8559\", \"CVE-2014-8133\", \"CVE-2014-8134\",\n \"CVE-2014-9090\", \"CVE-2015-2922\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2015-6320\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-6320\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.19.4~200.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:34:23", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2922", "CVE-2015-2666"], "description": "A stack overflow was discovered in the the microcode loader for the intel \nx86 platform. A local attacker could exploit this flaw to cause a denial of \nservice (kernel crash) or to potentially execute code with kernel \nprivileges. (CVE-2015-2666)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a flaw \nthat allows using route advertisement (RA) messages to set the 'hop_limit' \nto values that are too low. An unprivileged attacker on a local network \ncould exploit this flaw to cause a denial of service (IPv6 messages \ndropped). (CVE-2015-2922)", "edition": 5, "modified": "2015-04-30T00:00:00", "published": "2015-04-30T00:00:00", "id": "USN-2588-1", "href": "https://ubuntu.com/security/notices/USN-2588-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:39:54", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2922", "CVE-2015-2666"], "description": "A stack overflow was discovered in the the microcode loader for the intel \nx86 platform. A local attacker could exploit this flaw to cause a denial of \nservice (kernel crash) or to potentially execute code with kernel \nprivileges. (CVE-2015-2666)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a flaw \nthat allows using route advertisement (RA) messages to set the 'hop_limit' \nto values that are too low. An unprivileged attacker on a local network \ncould exploit this flaw to cause a denial of service (IPv6 messages \ndropped). (CVE-2015-2922)", "edition": 5, "modified": "2015-04-30T00:00:00", "published": "2015-04-30T00:00:00", "id": "USN-2587-1", "href": "https://ubuntu.com/security/notices/USN-2587-1", "title": "Linux kernel (Trusty HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:26:02", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2830", "CVE-2015-2922", "CVE-2015-2150", "CVE-2015-2666"], "description": "Jan Beulich discovered the Xen virtual machine subsystem of the Linux \nkernel did not properly restrict access to PCI command registers. A local \nguest user could exploit this flaw to cause a denial of service (host \ncrash). (CVE-2015-2150)\n\nA stack overflow was discovered in the the microcode loader for the intel \nx86 platform. A local attacker could exploit this flaw to cause a denial of \nservice (kernel crash) or to potentially execute code with kernel \nprivileges. (CVE-2015-2666)\n\nA privilege escalation was discovered in the fork syscal vi the int80 entry \non 64 bit kernels with 32 bit emulation support. An unprivileged local \nattacker could exploit this flaw to increase their privileges on the \nsystem. (CVE-2015-2830)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a flaw \nthat allows using route advertisement (RA) messages to set the 'hop_limit' \nto values that are too low. An unprivileged attacker on a local network \ncould exploit this flaw to cause a denial of service (IPv6 messages \ndropped). (CVE-2015-2922)", "edition": 5, "modified": "2015-04-30T00:00:00", "published": "2015-04-30T00:00:00", "id": "USN-2590-1", "href": "https://ubuntu.com/security/notices/USN-2590-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:43:02", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2830", "CVE-2015-2922", "CVE-2015-2150", "CVE-2015-2666"], "description": "Jan Beulich discovered the Xen virtual machine subsystem of the Linux \nkernel did not properly restrict access to PCI command registers. A local \nguest user could exploit this flaw to cause a denial of service (host \ncrash). (CVE-2015-2150)\n\nA stack overflow was discovered in the the microcode loader for the intel \nx86 platform. A local attacker could exploit this flaw to cause a denial of \nservice (kernel crash) or to potentially execute code with kernel \nprivileges. (CVE-2015-2666)\n\nA privilege escalation was discovered in the fork syscall via the int80 \nentry on 64 bit kernels with 32 bit emulation support. An unprivileged \nlocal attacker could exploit this flaw to increase their privileges on the \nsystem. (CVE-2015-2830)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a flaw \nthat allows using route advertisement (RA) messages to set the 'hop_limit' \nto values that are too low. An unprivileged attacker on a local network \ncould exploit this flaw to cause a denial of service (IPv6 messages \ndropped). (CVE-2015-2922)", "edition": 5, "modified": "2015-04-30T00:00:00", "published": "2015-04-30T00:00:00", "id": "USN-2589-1", "href": "https://ubuntu.com/security/notices/USN-2589-1", "title": "Linux kernel (Utopic HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-20T15:28:51", "description": "A stack overflow was discovered in the the microcode loader for the\nintel x86 platform. A local attacker could exploit this flaw to cause\na denial of service (kernel crash) or to potentially execute code with\nkernel privileges. (CVE-2015-2666)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a\nflaw that allows using route advertisement (RA) messages to set the\n'hop_limit' to values that are too low. An unprivileged attacker on a\nlocal network could exploit this flaw to cause a denial of service\n(IPv6 messages dropped). (CVE-2015-2922).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2015-05-01T00:00:00", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2588-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2922", "CVE-2015-2666"], "modified": "2015-05-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2588-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83179", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2588-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83179);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-2666\", \"CVE-2015-2922\");\n script_bugtraq_id(73183, 74315);\n script_xref(name:\"USN\", value:\"2588-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2588-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A stack overflow was discovered in the the microcode loader for the\nintel x86 platform. A local attacker could exploit this flaw to cause\na denial of service (kernel crash) or to potentially execute code with\nkernel privileges. (CVE-2015-2666)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a\nflaw that allows using route advertisement (RA) messages to set the\n'hop_limit' to values that are too low. An unprivileged attacker on a\nlocal network could exploit this flaw to cause a denial of service\n(IPv6 messages dropped). (CVE-2015-2922).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2588-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-2666\", \"CVE-2015-2922\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2588-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-51-generic\", pkgver:\"3.13.0-51.84\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-51-generic-lpae\", pkgver:\"3.13.0-51.84\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-51-lowlatency\", pkgver:\"3.13.0-51.84\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:28:51", "description": "A stack overflow was discovered in the the microcode loader for the\nintel x86 platform. A local attacker could exploit this flaw to cause\na denial of service (kernel crash) or to potentially execute code with\nkernel privileges. (CVE-2015-2666)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a\nflaw that allows using route advertisement (RA) messages to set the\n'hop_limit' to values that are too low. An unprivileged attacker on a\nlocal network could exploit this flaw to cause a denial of service\n(IPv6 messages dropped). (CVE-2015-2922).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2015-05-01T00:00:00", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2587-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2922", "CVE-2015-2666"], "modified": "2015-05-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2587-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83178", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2587-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83178);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-2666\", \"CVE-2015-2922\");\n script_bugtraq_id(73183, 74315);\n script_xref(name:\"USN\", value:\"2587-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2587-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A stack overflow was discovered in the the microcode loader for the\nintel x86 platform. A local attacker could exploit this flaw to cause\na denial of service (kernel crash) or to potentially execute code with\nkernel privileges. (CVE-2015-2666)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a\nflaw that allows using route advertisement (RA) messages to set the\n'hop_limit' to values that are too low. An unprivileged attacker on a\nlocal network could exploit this flaw to cause a denial of service\n(IPv6 messages dropped). (CVE-2015-2922).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2587-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-2666\", \"CVE-2015-2922\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2587-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-51-generic\", pkgver:\"3.13.0-51.84~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-51-generic-lpae\", pkgver:\"3.13.0-51.84~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:48:54", "description": "* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nThis update also fixes several bugs.\n\nThe system must be rebooted for this update to take effect.", "edition": 15, "published": "2015-08-07T00:00:00", "title": "Scientific Linux Security Update : kernel on SL7.x x86_64 (20150805)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666"], "modified": "2015-08-07T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists", "p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:perf", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-tools", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs"], "id": "SL_20150805_KERNEL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85264", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85264);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL7.x x86_64 (20150805)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nThis update also fixes several bugs.\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1508&L=scientific-linux-errata&F=&S=&P=9022\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?34879fa5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-abi-whitelists-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-doc-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:28:51", "description": "Jan Beulich discovered the Xen virtual machine subsystem of the Linux\nkernel did not properly restrict access to PCI command registers. A\nlocal guest user could exploit this flaw to cause a denial of service\n(host crash). (CVE-2015-2150)\n\nA stack overflow was discovered in the the microcode loader for the\nintel x86 platform. A local attacker could exploit this flaw to cause\na denial of service (kernel crash) or to potentially execute code with\nkernel privileges. (CVE-2015-2666)\n\nA privilege escalation was discovered in the fork syscal vi the int80\nentry on 64 bit kernels with 32 bit emulation support. An unprivileged\nlocal attacker could exploit this flaw to increase their privileges on\nthe system. (CVE-2015-2830)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a\nflaw that allows using route advertisement (RA) messages to set the\n'hop_limit' to values that are too low. An unprivileged attacker on a\nlocal network could exploit this flaw to cause a denial of service\n(IPv6 messages dropped). (CVE-2015-2922).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2015-05-01T00:00:00", "title": "Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2589-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2830", "CVE-2015-2922", "CVE-2015-2150", "CVE-2015-2666"], "modified": "2015-05-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2589-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83180", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2589-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83180);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-2150\", \"CVE-2015-2666\", \"CVE-2015-2830\", \"CVE-2015-2922\");\n script_bugtraq_id(73014, 73183, 73699, 74315);\n script_xref(name:\"USN\", value:\"2589-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2589-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered the Xen virtual machine subsystem of the Linux\nkernel did not properly restrict access to PCI command registers. A\nlocal guest user could exploit this flaw to cause a denial of service\n(host crash). (CVE-2015-2150)\n\nA stack overflow was discovered in the the microcode loader for the\nintel x86 platform. A local attacker could exploit this flaw to cause\na denial of service (kernel crash) or to potentially execute code with\nkernel privileges. (CVE-2015-2666)\n\nA privilege escalation was discovered in the fork syscal vi the int80\nentry on 64 bit kernels with 32 bit emulation support. An unprivileged\nlocal attacker could exploit this flaw to increase their privileges on\nthe system. (CVE-2015-2830)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a\nflaw that allows using route advertisement (RA) messages to set the\n'hop_limit' to values that are too low. An unprivileged attacker on a\nlocal network could exploit this flaw to cause a denial of service\n(IPv6 messages dropped). (CVE-2015-2922).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2589-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-2150\", \"CVE-2015-2666\", \"CVE-2015-2830\", \"CVE-2015-2922\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2589-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-36-generic\", pkgver:\"3.16.0-36.48~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-36-generic-lpae\", pkgver:\"3.16.0-36.48~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-36-lowlatency\", pkgver:\"3.16.0-36.48~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T05:32:20", "description": "Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the\nCVE-2014-9715 issue.\n\nThis update also fixes several bugs. Refer to the following\nKnowledgebase article for further information :\n\nhttps://access.redhat.com/articles/1474193\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.", "edition": 30, "published": "2015-08-06T00:00:00", "title": "RHEL 7 : kernel (RHSA-2015:1534)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "cpe:/o:redhat:enterprise_linux:7.1", "cpe:/o:redhat:enterprise_linux:7.7", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "cpe:/o:redhat:enterprise_linux:7.5", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7.3", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc"], "id": "REDHAT-RHSA-2015-1534.NASL", "href": "https://www.tenable.com/plugins/nessus/85248", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1534. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85248);\n script_version(\"2.16\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\");\n script_xref(name:\"RHSA\", value:\"2015:1534\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2015:1534)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the\nCVE-2014-9715 issue.\n\nThis update also fixes several bugs. Refer to the following\nKnowledgebase article for further information :\n\nhttps://access.redhat.com/articles/1474193\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/1474193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-2922\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3636\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-2666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-9715\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2015:1534\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1534\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-229.11.1.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:28:51", "description": "Jan Beulich discovered the Xen virtual machine subsystem of the Linux\nkernel did not properly restrict access to PCI command registers. A\nlocal guest user could exploit this flaw to cause a denial of service\n(host crash). (CVE-2015-2150)\n\nA stack overflow was discovered in the the microcode loader for the\nintel x86 platform. A local attacker could exploit this flaw to cause\na denial of service (kernel crash) or to potentially execute code with\nkernel privileges. (CVE-2015-2666)\n\nA privilege escalation was discovered in the fork syscal vi the int80\nentry on 64 bit kernels with 32 bit emulation support. An unprivileged\nlocal attacker could exploit this flaw to increase their privileges on\nthe system. (CVE-2015-2830)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a\nflaw that allows using route advertisement (RA) messages to set the\n'hop_limit' to values that are too low. An unprivileged attacker on a\nlocal network could exploit this flaw to cause a denial of service\n(IPv6 messages dropped). (CVE-2015-2922).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2015-05-01T00:00:00", "title": "Ubuntu 14.10 : linux vulnerabilities (USN-2590-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2830", "CVE-2015-2922", "CVE-2015-2150", "CVE-2015-2666"], "modified": "2015-05-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2590-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83181", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2590-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83181);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-2150\", \"CVE-2015-2666\", \"CVE-2015-2830\", \"CVE-2015-2922\");\n script_bugtraq_id(73014, 73183, 73699, 74315);\n script_xref(name:\"USN\", value:\"2590-1\");\n\n script_name(english:\"Ubuntu 14.10 : linux vulnerabilities (USN-2590-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered the Xen virtual machine subsystem of the Linux\nkernel did not properly restrict access to PCI command registers. A\nlocal guest user could exploit this flaw to cause a denial of service\n(host crash). (CVE-2015-2150)\n\nA stack overflow was discovered in the the microcode loader for the\nintel x86 platform. A local attacker could exploit this flaw to cause\na denial of service (kernel crash) or to potentially execute code with\nkernel privileges. (CVE-2015-2666)\n\nA privilege escalation was discovered in the fork syscal vi the int80\nentry on 64 bit kernels with 32 bit emulation support. An unprivileged\nlocal attacker could exploit this flaw to increase their privileges on\nthe system. (CVE-2015-2830)\n\nIt was discovered that the Linux kernel's IPv6 networking stack has a\nflaw that allows using route advertisement (RA) messages to set the\n'hop_limit' to values that are too low. An unprivileged attacker on a\nlocal network could exploit this flaw to cause a denial of service\n(IPv6 messages dropped). (CVE-2015-2922).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2590-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-2150\", \"CVE-2015-2666\", \"CVE-2015-2830\", \"CVE-2015-2922\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2590-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.10\", pkgname:\"linux-image-3.16.0-36-generic\", pkgver:\"3.16.0-36.48\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"linux-image-3.16.0-36-generic-lpae\", pkgver:\"3.16.0-36.48\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"linux-image-3.16.0-36-lowlatency\", pkgver:\"3.16.0-36.48\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:50:07", "description": "From Red Hat Security Advisory 2015:1534 :\n\nUpdated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the\nCVE-2014-9715 issue.\n\nThis update also fixes several bugs. Refer to the following\nKnowledgebase article for further information :\n\nhttps://access.redhat.com/articles/1474193\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.", "edition": 26, "published": "2015-08-06T00:00:00", "title": "Oracle Linux 7 : kernel (ELSA-2015-1534)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666"], "modified": "2015-08-06T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2015-1534.NASL", "href": "https://www.tenable.com/plugins/nessus/85247", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1534 and \n# Oracle Linux Security Advisory ELSA-2015-1534 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85247);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\");\n script_xref(name:\"RHSA\", value:\"2015:1534\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2015-1534)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1534 :\n\nUpdated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the\nCVE-2014-9715 issue.\n\nThis update also fixes several bugs. Refer to the following\nKnowledgebase article for further information :\n\nhttps://access.redhat.com/articles/1474193\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-August/005294.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2015-1534\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"3.10\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-abi-whitelists-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-doc-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-headers-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-229.11.1.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T05:32:20", "description": "Updated kernel-rt packages that fix multiple security issues, several\nbugs, and add various enhancements are now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the\nCVE-2014-9715 issue.\n\nThe kernel-rt packages have been upgraded to version 3.10.0-229.11.1,\nwhich provides a number of bug fixes and enhancements over the\nprevious version, including :\n\n* drbg: Add stdrng alias and increase priority\n\n* seqiv / eseqiv / chainiv: Move IV seeding into init function\n\n* ipv4: kABI fix for 0bbf87d backport\n\n* ipv4: Convert ipv4.ip_local_port_range to be per netns\n\n* libceph: tcp_nodelay support\n\n* ipr: Increase default adapter init stage change timeout\n\n* fix use-after-free bug in usb_hcd_unlink_urb()\n\n* libceph: fix double __remove_osd() problem\n\n* ext4: fix data corruption caused by unwritten and delayed extents\n\n* sunrpc: Add missing support for RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT\n\n* nfs: Fixing lease renewal (Benjamin Coddington)\n\n* control hard lockup detection default\n\n* Fix print-once on enable\n\n* watchdog: update watchdog_thresh properly and watchdog attributes\natomically\n\n* module: Call module notifier on failure after complete_formation()\n\n(BZ#1234470)\n\nThis update also fixes the following bugs :\n\n* The megasas driver used the smp_processor_id() function within a\npreemptible context, which caused warning messages to be returned to\nthe console. The function has been changed to raw_smp_processor_id()\nso that a lock is held while getting the processor ID. As a result,\ncorrect operations are now allowed without any console warnings being\nproduced. (BZ#1235304)\n\n* In the NFSv4 file system, non-standard usage of the\nwrite_seqcount_{begin,end}() functions were used, which caused the\nrealtime code to try to sleep while locks were held. As a consequence,\nthe 'scheduling while atomic' error messages were returned. The\nunderlying source code has been modified to use the\n__write_seqcount_{begin,end}() functions that do not hold any locks,\nallowing correct execution of realtime. (BZ#1235301)\n\nAll kernel-rt users are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.", "edition": 28, "published": "2015-08-31T00:00:00", "title": "RHEL 7 : kernel-rt (RHSA-2015:1565)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo"], "id": "REDHAT-RHSA-2015-1565.NASL", "href": "https://www.tenable.com/plugins/nessus/85705", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1565. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85705);\n script_version(\"2.9\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\");\n script_xref(name:\"RHSA\", value:\"2015:1565\");\n\n script_name(english:\"RHEL 7 : kernel-rt (RHSA-2015:1565)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel-rt packages that fix multiple security issues, several\nbugs, and add various enhancements are now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the\nCVE-2014-9715 issue.\n\nThe kernel-rt packages have been upgraded to version 3.10.0-229.11.1,\nwhich provides a number of bug fixes and enhancements over the\nprevious version, including :\n\n* drbg: Add stdrng alias and increase priority\n\n* seqiv / eseqiv / chainiv: Move IV seeding into init function\n\n* ipv4: kABI fix for 0bbf87d backport\n\n* ipv4: Convert ipv4.ip_local_port_range to be per netns\n\n* libceph: tcp_nodelay support\n\n* ipr: Increase default adapter init stage change timeout\n\n* fix use-after-free bug in usb_hcd_unlink_urb()\n\n* libceph: fix double __remove_osd() problem\n\n* ext4: fix data corruption caused by unwritten and delayed extents\n\n* sunrpc: Add missing support for RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT\n\n* nfs: Fixing lease renewal (Benjamin Coddington)\n\n* control hard lockup detection default\n\n* Fix print-once on enable\n\n* watchdog: update watchdog_thresh properly and watchdog attributes\natomically\n\n* module: Call module notifier on failure after complete_formation()\n\n(BZ#1234470)\n\nThis update also fixes the following bugs :\n\n* The megasas driver used the smp_processor_id() function within a\npreemptible context, which caused warning messages to be returned to\nthe console. The function has been changed to raw_smp_processor_id()\nso that a lock is held while getting the processor ID. As a result,\ncorrect operations are now allowed without any console warnings being\nproduced. (BZ#1235304)\n\n* In the NFSv4 file system, non-standard usage of the\nwrite_seqcount_{begin,end}() functions were used, which caused the\nrealtime code to try to sleep while locks were held. As a consequence,\nthe 'scheduling while atomic' error messages were returned. The\nunderlying source code has been modified to use the\n__write_seqcount_{begin,end}() functions that do not hold any locks,\nallowing correct execution of realtime. (BZ#1235301)\n\nAll kernel-rt users are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-9715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-2666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-2922\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3636\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2015:1565\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1565\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-rt-doc-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-229.11.1.rt56.141.11.el7_1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:30:18", "description": "Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the\nCVE-2014-9715 issue.\n\nThis update also fixes several bugs. Refer to the following\nKnowledgebase article for further information :\n\nhttps://access.redhat.com/articles/1474193\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.", "edition": 29, "published": "2015-08-11T00:00:00", "title": "CentOS 7 : kernel (CESA-2015:1534)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666"], "modified": "2015-08-11T00:00:00", "cpe": ["p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "p-cpe:/a:centos:centos:kernel-doc", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:kernel-tools-libs-devel", "p-cpe:/a:centos:centos:kernel-tools", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-tools-libs", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug-devel"], "id": "CENTOS_RHSA-2015-1534.NASL", "href": "https://www.tenable.com/plugins/nessus/85305", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1534 and \n# CentOS Errata and Security Advisory 2015:1534 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85305);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-9715\", \"CVE-2015-2666\", \"CVE-2015-2922\", \"CVE-2015-3636\");\n script_xref(name:\"RHSA\", value:\"2015:1534\");\n\n script_name(english:\"CentOS 7 : kernel (CESA-2015:1534)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An\nattacker on a local network could potentially send a sequence of\nspecially crafted packets that would initiate the loading of a large\nnumber of extensions, causing the targeted system in that network to\ncrash. (CVE-2014-9715, Moderate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's\nearly load microcode functionality. On a system with UEFI Secure Boot\nenabled, a local, privileged user could use this flaw to increase\ntheir privileges to the kernel (ring0) level, bypassing intended\nrestrictions in place. (CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did\nnot properly handle socket unhashing during spurious disconnects,\nwhich could lead to a use-after-free flaw. On x86-64 architecture\nsystems, a local user able to create ping sockets could use this flaw\nto crash the system. On non-x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to escalate their\nprivileges on the system. (CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite\nimplementation for IPv6 allowed the Hop Limit value to be set to a\nsmaller value than the default one. An attacker on a local network\ncould use this flaw to prevent systems on that network from sending or\nreceiving network packets. (CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the\nCVE-2014-9715 issue.\n\nThis update also fixes several bugs. Refer to the following\nKnowledgebase article for further information :\n\nhttps://access.redhat.com/articles/1474193\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-August/021297.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d4646204\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-2666\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"perf-3.10.0-229.11.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-229.11.1.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:13:36", "description": "The 3.19.3 rebase contains improved hardware support, a number of new\nfeatures, and many important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2015-04-08T00:00:00", "title": "Fedora 20 : kernel-3.19.3-100.fc20 (2015-5024)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8159", "CVE-2015-2672", "CVE-2015-2150", "CVE-2015-2042", "CVE-2015-2666"], "modified": "2015-04-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2015-5024.NASL", "href": "https://www.tenable.com/plugins/nessus/82630", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-5024.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82630);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-8159\", \"CVE-2015-2042\", \"CVE-2015-2150\", \"CVE-2015-2666\", \"CVE-2015-2672\");\n script_xref(name:\"FEDORA\", value:\"2015-5024\");\n\n script_name(english:\"Fedora 20 : kernel-3.19.3-100.fc20 (2015-5024)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.19.3 rebase contains improved hardware support, a number of new\nfeatures, and many important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1181166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1195355\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1196266\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1204722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1204729\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-April/154402.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?52d64341\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"kernel-3.19.3-100.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:58", "bulletinFamily": "software", "cvelist": ["CVE-2015-2830", "CVE-2015-2922", "CVE-2015-2150", "CVE-2015-2666"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2590-1\r\nApril 30, 2015\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 14.10\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nJan Beulich discovered the Xen virtual machine subsystem of the Linux\r\nkernel did not properly restrict access to PCI command registers. A local\r\nguest user could exploit this flaw to cause a denial of service &#40;host\r\ncrash&#41;. &#40;CVE-2015-2150&#41;\r\n\r\nA stack overflow was discovered in the the microcode loader for the intel\r\nx86 platform. A local attacker could exploit this flaw to cause a denial of\r\nservice &#40;kernel crash&#41; or to potentially execute code with kernel\r\nprivileges. &#40;CVE-2015-2666&#41;\r\n\r\nA privilege escalation was discovered in the fork syscal vi the int80 entry\r\non 64 bit kernels with 32 bit emulation support. An unprivileged local\r\nattacker could exploit this flaw to increase their privileges on the\r\nsystem. &#40;CVE-2015-2830&#41;\r\n\r\nIt was discovered that the Linux kernel&#39;s IPv6 networking stack has a flaw\r\nthat allows using route advertisement &#40;RA&#41; messages to set the &#39;hop_limit&#39;\r\nto values that are too low. An unprivileged attacker on a local network\r\ncould exploit this flaw to cause a denial of service &#40;IPv6 messages\r\ndropped&#41;. &#40;CVE-2015-2922&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 14.10:\r\n linux-image-3.16.0-36-generic 3.16.0-36.48\r\n linux-image-3.16.0-36-generic-lpae 3.16.0-36.48\r\n linux-image-3.16.0-36-lowlatency 3.16.0-36.48\r\n linux-image-3.16.0-36-powerpc-e500mc 3.16.0-36.48\r\n linux-image-3.16.0-36-powerpc-smp 3.16.0-36.48\r\n linux-image-3.16.0-36-powerpc64-emb 3.16.0-36.48\r\n linux-image-3.16.0-36-powerpc64-smp 3.16.0-36.48\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages &#40;e.g. linux-generic,\r\nlinux-server, linux-powerpc&#41;, a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2590-1\r\n CVE-2015-2150, CVE-2015-2666, CVE-2015-2830, CVE-2015-2922\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.16.0-36.48\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2015-05-05T00:00:00", "published": "2015-05-05T00:00:00", "id": "SECURITYVULNS:DOC:31984", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31984", "title": "[USN-2590-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:00", "bulletinFamily": "software", "cvelist": ["CVE-2014-9715", "CVE-2015-2830", "CVE-2015-3332", "CVE-2015-2922", "CVE-2015-3339", "CVE-2015-3331", "CVE-2015-2150", "CVE-2014-9710", "CVE-2015-2666"], "description": "DoS, privilege escalation, protection bypass.", "edition": 1, "modified": "2015-05-10T00:00:00", "published": "2015-05-10T00:00:00", "id": "SECURITYVULNS:VULN:14436", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14436", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:28:26", "bulletinFamily": "unix", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666"], "description": "**CentOS Errata and Security Advisory** CESA-2015:1534\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An attacker\non a local network could potentially send a sequence of specially crafted\npackets that would initiate the loading of a large number of extensions,\ncausing the targeted system in that network to crash. (CVE-2014-9715,\nModerate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's early\nload microcode functionality. On a system with UEFI Secure Boot enabled, a\nlocal, privileged user could use this flaw to increase their privileges to\nthe kernel (ring0) level, bypassing intended restrictions in place.\n(CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did not\nproperly handle socket unhashing during spurious disconnects, which could\nlead to a use-after-free flaw. On x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to crash the system.\nOn non-x86-64 architecture systems, a local user able to create ping\nsockets could use this flaw to escalate their privileges on the system.\n(CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite implementation\nfor IPv6 allowed the Hop Limit value to be set to a smaller value than the\ndefault one. An attacker on a local network could use this flaw to prevent\nsystems on that network from sending or receiving network packets.\n(CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715\nissue.\n\nThis update also fixes several bugs. Refer to the following Knowledgebase\narticle for further information:\n\nhttps://access.redhat.com/articles/1474193\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-August/033335.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1534.html", "edition": 3, "modified": "2015-08-06T04:42:16", "published": "2015-08-06T04:42:16", "href": "http://lists.centos.org/pipermail/centos-announce/2015-August/033335.html", "id": "CESA-2015:1534", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:48", "bulletinFamily": "unix", "cvelist": ["CVE-2014-9715", "CVE-2015-2666", "CVE-2015-2922", "CVE-2015-3636"], "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An attacker\non a local network could potentially send a sequence of specially crafted\npackets that would initiate the loading of a large number of extensions,\ncausing the targeted system in that network to crash. (CVE-2014-9715,\nModerate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's early\nload microcode functionality. On a system with UEFI Secure Boot enabled, a\nlocal, privileged user could use this flaw to increase their privileges to\nthe kernel (ring0) level, bypassing intended restrictions in place.\n(CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did not\nproperly handle socket unhashing during spurious disconnects, which could\nlead to a use-after-free flaw. On x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to crash the system.\nOn non-x86-64 architecture systems, a local user able to create ping\nsockets could use this flaw to escalate their privileges on the system.\n(CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite implementation\nfor IPv6 allowed the Hop Limit value to be set to a smaller value than the\ndefault one. An attacker on a local network could use this flaw to prevent\nsystems on that network from sending or receiving network packets.\n(CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715\nissue.\n\nThe kernel-rt packages have been upgraded to version 3.10.0-229.11.1, which\nprovides a number of bug fixes and enhancements over the previous version,\nincluding:\n\n* drbg: Add stdrng alias and increase priority\n* seqiv / eseqiv / chainiv: Move IV seeding into init function\n* ipv4: kABI fix for 0bbf87d backport\n* ipv4: Convert ipv4.ip_local_port_range to be per netns\n* libceph: tcp_nodelay support\n* ipr: Increase default adapter init stage change timeout\n* fix use-after-free bug in usb_hcd_unlink_urb()\n* libceph: fix double __remove_osd() problem\n* ext4: fix data corruption caused by unwritten and delayed extents\n* sunrpc: Add missing support for RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT\n* nfs: Fixing lease renewal (Benjamin Coddington)\n* control hard lockup detection default\n* Fix print-once on enable\n* watchdog: update watchdog_thresh properly and watchdog attributes\n atomically\n* module: Call module notifier on failure after complete_formation()\n\n(BZ#1234470)\n\nThis update also fixes the following bugs:\n\n* The megasas driver used the smp_processor_id() function within a\npreemptible context, which caused warning messages to be returned to the\nconsole. The function has been changed to raw_smp_processor_id() so that a\nlock is held while getting the processor ID. As a result, correct\noperations are now allowed without any console warnings being produced.\n(BZ#1235304)\n\n* In the NFSv4 file system, non-standard usage of the\nwrite_seqcount_{begin,end}() functions were used, which caused the realtime\ncode to try to sleep while locks were held. As a consequence, the\n\"scheduling while atomic\" error messages were returned. The underlying\nsource code has been modified to use the __write_seqcount_{begin,end}()\nfunctions that do not hold any locks, allowing correct execution of\nrealtime. (BZ#1235301)\n\nAll kernel-rt users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. The system must be\nrebooted for this update to take effect.", "modified": "2018-03-19T16:29:53", "published": "2015-07-03T13:57:44", "id": "RHSA-2015:1565", "href": "https://access.redhat.com/errata/RHSA-2015:1565", "type": "redhat", "title": "(RHSA-2015:1565) Moderate: kernel-rt security, bug fix, and enhancement update", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:05", "bulletinFamily": "unix", "cvelist": ["CVE-2014-9715", "CVE-2015-2666", "CVE-2015-2922", "CVE-2015-3636"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel's\nnetfilter connection tracking implementation loaded extensions. An attacker\non a local network could potentially send a sequence of specially crafted\npackets that would initiate the loading of a large number of extensions,\ncausing the targeted system in that network to crash. (CVE-2014-9715,\nModerate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel's early\nload microcode functionality. On a system with UEFI Secure Boot enabled, a\nlocal, privileged user could use this flaw to increase their privileges to\nthe kernel (ring0) level, bypassing intended restrictions in place.\n(CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel's ping socket implementation did not\nproperly handle socket unhashing during spurious disconnects, which could\nlead to a use-after-free flaw. On x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to crash the system.\nOn non-x86-64 architecture systems, a local user able to create ping\nsockets could use this flaw to escalate their privileges on the system.\n(CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel's TCP/IP protocol suite implementation\nfor IPv6 allowed the Hop Limit value to be set to a smaller value than the\ndefault one. An attacker on a local network could use this flaw to prevent\nsystems on that network from sending or receiving network packets.\n(CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715\nissue.\n\nThis update also fixes several bugs. Refer to the following Knowledgebase\narticle for further information:\n\nhttps://access.redhat.com/articles/1474193\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2018-04-12T03:32:44", "published": "2015-08-05T04:00:00", "id": "RHSA-2015:1534", "href": "https://access.redhat.com/errata/RHSA-2015:1534", "type": "redhat", "title": "(RHSA-2015:1534) Moderate: kernel security and bug fix update", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:30", "bulletinFamily": "unix", "cvelist": ["CVE-2014-9715", "CVE-2015-2922", "CVE-2015-3636", "CVE-2015-2666", "CVE-2015-1805"], "description": "[3.10.0-229.11.1]\n- Oracle Linux certificates (Alexey Petrenko)\n[3.10.0-229.11.1]\n- [fs] Fixing lease renewal (Steve Dickson) [1226328 1205048]\n- [fs] revert 'nfs: Fixing lease renewal' (Carlos Maiolino) [1226328 1205048]\n- [redhat] spec: Update dracut dependency to 033-241.|ael7b]_1.5 (Phillip Lougher) [1241571 1241344]\n[3.10.0-229.10.1]\n- [redhat] spec: Update dracut dependency to pull in drbg module (Phillip Lougher) [1241571 1241344]\n[3.10.0-229.9.1]\n- [crypto] krng: Remove krng (Herbert Xu) [1238210 1229738]\n- [crypto] drbg: Add stdrng alias and increase priority (Herbert Xu) [1238210 1229738]\n- [crypto] seqiv: Move IV seeding into init function (Herbert Xu) [1238210 1229738]\n- [crypto] eseqiv: Move IV seeding into init function (Herbert Xu) [1238210 1229738]\n- [crypto] chainiv: Move IV seeding into init function (Herbert Xu) [1238210 1229738]\n- [s390] crypto: ghash - Fix incorrect ghash icv buffer handling (Herbert Xu) [1238211 1207598]\n- [kernel] module: Call module notifier on failure after complete_formation() (Bandan Das) [1238937 1236273]\n- [net] ipv4: kABI fix for 0bbf87d backport (Aristeu Rozanski) [1238208 1184764]\n- [net] ipv4: Convert ipv4.ip_local_port_range to be per netns (Aristeu Rozanski) [1238208 1184764]\n- [of] Eliminate of_allnodes list (Gustavo Duarte) [1236983 1210533]\n- [scsi] ipr: Increase default adapter init stage change timeout (Steve Best) [1236139 1229217]\n- [fs] libceph: fix double __remove_osd() problem (Sage Weil) [1236462 1229488]\n- [fs] ext4: fix data corruption caused by unwritten and delayed extents (Lukas Czerner) [1235563 1213487]\n- [kernel] watchdog: update watchdog_thresh properly (Ulrich Obergfell) [1223924 1216074]\n- [kernel] watchdog: update watchdog attributes atomically (Ulrich Obergfell) [1223924 1216074]\n- [virt] kvm: ensure hard lockup detection is disabled by default (Andrew Jones) [1236461 1111262]\n- [watchdog] control hard lockup detection default (Andrew Jones) [1236461 1111262]\n- [watchdog] Fix print-once on enable (Andrew Jones) [1236461 1111262]\n[3.10.0-229.8.1]\n- [fs] fs-cache: The retrieval remaining-pages counter needs to be atomic_t (David Howells) [1231809 1130457]\n- [net] libceph: tcp_nodelay support (Sage Weil) [1231803 1197952]\n- [powerpc] pseries: Simplify check for suspendability during suspend/migration (Gustavo Duarte) [1231638 1207295]\n- [powerpc] pseries: Introduce api_version to migration sysfs interface (Gustavo Duarte) [1231638 1207295]\n- [powerpc] pseries: Little endian fixes for post mobility device tree update (Gustavo Duarte) [1231638 1207295]\n- [fs] sunrpc: Add missing support for RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT (Steve Dickson) [1227825 1111712]\n- [fs] nfs: Fixing lease renewal (Benjamin Coddington) [1226328 1205048]\n- [powerpc] iommu: ddw: Fix endianness (Steve Best) [1224406 1189040]\n- [usb] fix use-after-free bug in usb_hcd_unlink_urb() (Don Zickus) [1223239 1187256]\n- [net] ipv4: Missing sk_nulls_node_init() in ping_unhash() (Denys Vlasenko) [1218104 1218105] {CVE-2015-3636}\n- [net] nf_conntrack: reserve two bytes for nf_ct_ext->len (Marcelo Leitner) [1211096 1206164] {CVE-2014-9715}\n- [net] ipv6: Don't reduce hop limit for an interface (Denys Vlasenko) [1208494 1208496] {CVE-2015-2922}\n- [x86] kernel: execution in the early microcode loader (Jacob Tanenbaum) [1206829 1206830] {CVE-2015-2666}\n- [fs] pipe: fix pipe corruption and iovec overrun on partial copy (Seth Jennings) [1202861 1198843] {CVE-2015-1805}", "edition": 4, "modified": "2015-08-05T00:00:00", "published": "2015-08-05T00:00:00", "id": "ELSA-2015-1534", "href": "http://linux.oracle.com/errata/ELSA-2015-1534.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:06:22", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2830", "CVE-2015-3332", "CVE-2015-2922", "CVE-2015-3339", "CVE-2014-3647", "CVE-2015-3331", "CVE-2015-1465", "CVE-2014-8159", "CVE-2015-3636", "CVE-2014-8086", "CVE-2015-2041", "CVE-2015-2042", "CVE-2015-2666"], "edition": 1, "description": "The SUSE Linux Enterprise 12 kernel was updated to version 3.12.43 to\n receive various security and bugfixes.\n\n Following security bugs were fixed:\n\n - CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the Linux\n kernel through 3.17.2 did not properly perform RIP changes, which\n allowed guest OS users to cause a denial of service (guest OS crash) via\n a crafted application (bsc#899192).\n - CVE-2014-8086: Race condition in the ext4_file_write_iter function in\n fs/ext4/file.c in the Linux kernel through 3.17 allowed local users to\n cause a denial of service (file unavailability) via a combination of a\n write action and an F_SETFL fcntl operation for the O_DIRECT flag\n (bsc#900881).\n - CVE-2014-8159: The InfiniBand (IB) implementation did not properly\n restrict use of User Verbs for registration of memory regions, which\n allowed local users to access arbitrary physical memory locations, and\n consequently cause a denial of service (system crash) or gain\n privileges, by leveraging permissions on a uverbs device under\n /dev/infiniband/ (bsc#914742).\n - CVE-2015-1465: The IPv4 implementation in the Linux kernel before 3.18.8\n did not properly consider the length of the Read-Copy Update (RCU) grace\n period for redirecting lookups in the absence of caching, which allowed\n remote attackers to cause a denial of service (memory consumption or\n system crash) via a flood of packets (bsc#916225).\n - CVE-2015-2041: net/llc/sysctl_net_llc.c in the Linux kernel before 3.19\n used an incorrect data type in a sysctl table, which allowed local users\n to obtain potentially sensitive information from kernel memory or\n possibly have unspecified other impact by accessing a sysctl entry\n (bsc#919007).\n - CVE-2015-2042: net/rds/sysctl.c in the Linux kernel before 3.19 used an\n incorrect data type in a sysctl table, which allowed local users to\n obtain potentially sensitive information from kernel memory or possibly\n have unspecified other impact by accessing a sysctl entry (bsc#919018).\n - CVE-2015-2666: Fixed a flaw that allowed crafted microcode to overflow\n the kernel stack (bsc#922944).\n - CVE-2015-2830: Fixed int80 fork from 64-bit tasks mishandling\n (bsc#926240).\n - CVE-2015-2922: Fixed possible denial of service (DoS) attack against\n IPv6 network stacks due to improper handling of Router Advertisements\n (bsc#922583).\n - CVE-2015-3331: Fixed buffer overruns in RFC4106 implementation using\n AESNI (bsc#927257).\n - CVE-2015-3332: Fixed TCP Fast Open local DoS (bsc#928135).\n - CVE-2015-3339: Fixed race condition flaw between the chown() and\n execve() system calls which could have lead to local privilege\n escalation (bsc#928130).\n - CVE-2015-3636: Fixed use-after-free in ping sockets which could have\n lead to local privilege escalation (bsc#929525).\n\n The following non-security bugs were fixed:\n\n - /proc/stat: convert to single_open_size() (bsc#928122).\n - ACPI / sysfs: Treat the count field of counter_show() as unsigned\n (bsc#909312).\n - Automatically Provide/Obsolete all subpackages of old flavors\n (bsc#925567)\n - Btrfs: btrfs_release_extent_buffer_page did not free pages of dummy\n extent (bsc#930226).\n - Btrfs: fix inode eviction infinite loop after cloning into it\n (bsc#930224).\n - Btrfs: fix inode eviction infinite loop after extent_same ioctl\n (bsc#930224).\n - Btrfs: fix log tree corruption when fs mounted with -o discard\n (bsc#927116).\n - Btrfs: fix up bounds checking in lseek (bsc#927115).\n - Fix rtworkqueues crash. Calling __sched_setscheduler() in interrupt\n context is forbidden, and destroy_worker() did so in the timer interrupt\n with a nohz_full config. Preclude that possibility for both boot options.\n - Input: psmouse - add psmouse_matches_pnp_id helper function (bsc#929092).\n - Input: synaptics - fix middle button on Lenovo 2015 products\n (bsc#929092).\n - Input: synaptics - handle spurious release of trackstick buttons\n (bsc#929092).\n - Input: synaptics - re-route tracksticks buttons on the Lenovo 2015\n series (bsc#929092).\n - Input: synaptics - remove TOPBUTTONPAD property for Lenovos 2015\n (bsc#929092).\n - Input: synaptics - retrieve the extended capabilities in query $10\n (bsc#929092).\n - NFS: Add attribute update barriers to nfs_setattr_update_inode()\n (bsc#920262).\n - NFS: restore kabi after change to nfs_setattr_update_inode (bsc#920262).\n - af_iucv: fix AF_IUCV sendmsg() errno (bsc#927308, LTC#123304).\n - audit: do not reject all AUDIT_INODE filter types (bsc#927455).\n - bnx2x: Fix kdump when iommu=on (bsc#921769).\n - cpufreq: fix a NULL pointer dereference in __cpufreq_governor()\n (bsc#924664).\n - dasd: Fix device having no paths after suspend/resume (bsc#927308,\n LTC#123896).\n - dasd: Fix inability to set a DASD device offline (bsc#927308,\n LTC#123905).\n - dasd: Fix unresumed device after suspend/resume (bsc#927308, LTC#123892).\n - dasd: Missing partition after online processing (bsc#917125, LTC#120565).\n - drm/radeon/cik: Add macrotile mode array query (bsc#927285).\n - drm/radeon: fix display tiling setup on SI (bsc#927285).\n - drm/radeon: set correct number of banks for CIK chips in DCE\n (bsc#927285).\n - iommu/amd: Correctly encode huge pages in iommu page tables (bsc#931014).\n - iommu/amd: Optimize alloc_new_range for new fetch_pte interface\n (bsc#931014).\n - iommu/amd: Optimize amd_iommu_iova_to_phys for new fetch_pte interface\n (bsc#931014).\n - iommu/amd: Optimize iommu_unmap_page for new fetch_pte interface\n (bsc#931014).\n - iommu/amd: Return the pte page-size in fetch_pte (bsc#931014).\n - ipc/shm.c: fix overly aggressive shmdt() when calls span multiple\n segments (ipc fixes).\n - ipmi: Turn off all activity on an idle ipmi interface (bsc#915540).\n - ixgbe: fix detection of SFP+ capable interfaces (bsc#922734).\n - kgr: add error code to the message in kgr_revert_replaced_funs.\n - kgr: add kgraft annotations to kthreads wait_event_freezable() API calls.\n - kgr: correct error handling of the first patching stage.\n - kgr: handle the delayed patching of the modules.\n - kgr: handle the failure of finalization stage.\n - kgr: return error in kgr_init if notifier registration fails.\n - kgr: take switching of the fops out of kgr_patch_code to new function.\n - kgr: use for_each_process_thread (bsc#929883).\n - kgr: use kgr_in_progress for all threads (bnc#929883).\n - libata: Blacklist queued TRIM on Samsung SSD 850 Pro (bsc#926156).\n - mlx4: Call dev_kfree_skby_any instead of dev_kfree_skb (bsc#928708).\n - mm, numa: really disable NUMA balancing by default on single node\n machines (Automatic NUMA Balancing).\n - mm: vmscan: do not throttle based on pfmemalloc reserves if node has no\n reclaimable pages (bsc#924803, VM Functionality).\n - net/mlx4: Cache line CQE/EQE stride fixes (bsc#927084).\n - net/mlx4_core: Cache line EQE size support (bsc#927084).\n - net/mlx4_core: Enable CQE/EQE stride support (bsc#927084).\n - net/mlx4_en: Add mlx4_en_get_cqe helper (bsc#927084).\n - perf/x86/amd/ibs: Update IBS MSRs and feature definitions.\n - powerpc/mm: Fix mmap errno when MAP_FIXED is set and mapping exceeds the\n allowed address space (bsc#930669).\n - powerpc/numa: Add ability to disable and debug topology updates\n (bsc#924809).\n - powerpc/numa: Enable CONFIG_HAVE_MEMORYLESS_NODES (bsc#924809).\n - powerpc/numa: Enable USE_PERCPU_NUMA_NODE_ID (bsc#924809).\n - powerpc/numa: check error return from proc_create (bsc#924809).\n - powerpc/numa: ensure per-cpu NUMA mappings are correct on topology\n update (bsc#924809).\n - powerpc/numa: use cached value of update-&amp;gt;cpu in update_cpu_topology\n (bsc#924809).\n - powerpc/perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH\n (bsc#928141).\n - powerpc/pseries: Introduce api_version to migration sysfs interface\n (bsc#926314).\n - powerpc/pseries: Little endian fixes for post mobility device tree\n update (bsc#926314).\n - powerpc/pseries: Simplify check for suspendability during\n suspend/migration (bsc#926314).\n - powerpc: Fix sys_call_table declaration to enable syscall tracing.\n - powerpc: Fix warning reported by verify_cpu_node_mapping() (bsc#924809).\n - powerpc: Only set numa node information for present cpus at boottime\n (bsc#924809).\n - powerpc: reorder per-cpu NUMA information initialization (bsc#924809).\n - powerpc: some changes in numa_setup_cpu() (bsc#924809).\n - quota: Fix use of units in quota getting / setting interfaces\n (bsc#913232).\n - rpm/kernel-binary.spec.in: Fix build if there is no *.crt file\n - rpm/kernel-obs-qa.spec.in: Do not fail if the kernel versions do not\n match\n - s390/bpf: Fix ALU_NEG (A = -A) (bsc#917125, LTC#121759).\n - s390/bpf: Fix JMP_JGE_K (A &gt;= K) and JMP_JGT_K (A &gt; K) (bsc#917125,\n LTC#121759).\n - s390/bpf: Fix JMP_JGE_X (A &gt; X) and JMP_JGT_X (A &gt;= X) (bsc#917125,\n LTC#121759).\n - s390/bpf: Fix offset parameter for skb_copy_bits() (bsc#917125,\n LTC#121759).\n - s390/bpf: Fix sk_load_byte_msh() (bsc#917125, LTC#121759).\n - s390/bpf: Fix skb_copy_bits() parameter passing (bsc#917125, LTC#121759).\n - s390/bpf: Zero extend parameters before calling C function (bsc#917125,\n LTC#121759).\n - s390/sclp: Consolidate early sclp init calls to sclp_early_detect()\n (bsc#917125, LTC#122429).\n - s390/sclp: Determine HSA size dynamically for zfcpdump (bsc#917125,\n LTC#122429).\n - s390/sclp: Move declarations for sclp_sdias into separate header file\n (bsc#917125, LTC#122429).\n - s390/sclp: Move early code from sclp_cmd.c to sclp_early.c (bsc#917125,\n LTC#122429).\n - s390/sclp: replace uninitialized early_event_mask_sccb variable with\n sccb_early (bsc#917125, LTC#122429).\n - s390/sclp: revert smp-detect-possible-cpus.patch (bsc#917125,\n LTC#122429).\n - s390/sclp_early: Add function to detect sclp console capabilities\n (bsc#917125, LTC#122429).\n - s390/sclp_early: Get rid of sclp_early_read_info_sccb_valid (bsc#917125,\n LTC#122429).\n - s390/sclp_early: Pass sccb pointer to every *_detect() function\n (bsc#917125, LTC#122429).\n - s390/sclp_early: Replace early_read_info_sccb with sccb_early\n (bsc#917125, LTC#122429).\n - s390/sclp_early: Return correct HSA block count also for zero\n (bsc#917125, LTC#122429).\n - s390/smp: limit number of cpus in possible cpu mask (bsc#917125,\n LTC#122429).\n - s390: kgr, change the kgraft state only if enabled.\n - sched, time: Fix lock inversion in thread_group_cputime()\n - sched: Fix potential near-infinite distribute_cfs_runtime() loop\n (bsc#930786)\n - sched: Robustify topology setup (bsc#924809).\n - seqlock: Add irqsave variant of read_seqbegin_or_lock() (Time\n scalability).\n - storvsc: Set the SRB flags correctly when no data transfer is needed\n (bsc#931130).\n - x86/apic/uv: Update the APIC UV OEM check (bsc#929145).\n - x86/apic/uv: Update the UV APIC HUB check (bsc#929145).\n - x86/apic/uv: Update the UV APIC driver check (bsc#929145).\n - x86/microcode/intel: Guard against stack overflow in the loader\n (bsc#922944).\n\n", "modified": "2015-06-16T14:05:03", "published": "2015-06-16T14:05:03", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00012.html", "id": "SUSE-SU-2015:1071-1", "type": "suse", "title": "Security update for the Linux Kernel (important)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:56:09", "bulletinFamily": "unix", "cvelist": ["CVE-2014-9715", "CVE-2015-8551", "CVE-2015-2830", "CVE-2015-4003", "CVE-2015-4692", "CVE-2015-2925", "CVE-2014-9529", "CVE-2015-8215", "CVE-2015-1420", "CVE-2014-9090", "CVE-2015-5364", "CVE-2015-4002", "CVE-2015-2922", "CVE-2015-7550", "CVE-2015-3339", "CVE-2014-2568", "CVE-2014-9728", "CVE-2014-8989", "CVE-2015-1421", "CVE-2014-9730", "CVE-2015-4004", "CVE-2015-5366", "CVE-2015-7872", "CVE-2015-5307", "CVE-2015-8550", "CVE-2015-4001", "CVE-2015-8543", "CVE-2016-0728", "CVE-2015-7990", "CVE-2015-0777", "CVE-2014-9729", "CVE-2015-3636", "CVE-2015-7833", "CVE-2015-8767", "CVE-2015-3212", "CVE-2015-7799", "CVE-2014-9683", "CVE-2015-2150", "CVE-2015-5283", "CVE-2015-8575", "CVE-2015-8552", "CVE-2015-4167", "CVE-2015-8569", "CVE-2014-8133", "CVE-2015-2041", "CVE-2014-9419", "CVE-2015-0272", "CVE-2014-9731", "CVE-2015-5707", "CVE-2015-5157", "CVE-2015-7885", "CVE-2015-4036", "CVE-2015-2042", "CVE-2015-6937", "CVE-2015-8104", "CVE-2015-4700", "CVE-2015-2666"], "description": "The openSUSE 13.1 kernel was updated to receive various security and\n bugfixes.\n\n Following security bugs were fixed:\n - CVE-2016-0728: A reference leak in keyring handling with\n join_session_keyring() could lead to local attackers gain root\n privileges. (bsc#962075).\n - CVE-2015-7550: A local user could have triggered a race between read and\n revoke in keyctl (bnc#958951).\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in\n drivers/net/ppp/pptp.c in the Linux kernel did not verify an address\n length, which allowed local users to obtain sensitive information from\n kernel memory and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n - CVE-2015-8543: The networking implementation in the Linux kernel did not\n validate protocol identifiers for certain protocol families, which\n allowed local users to cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain privileges by leveraging\n CLONE_NEWUSER support to execute a crafted SOCK_RAW application\n (bnc#958886).\n - CVE-2014-8989: The Linux kernel did not properly restrict dropping\n of supplemental group memberships in certain namespace scenarios, which\n allowed local users to bypass intended file permissions by leveraging a\n POSIX ACL containing an entry for the group category that is more\n restrictive than the entry for the other category, aka a &quot;negative\n groups&quot; issue, related to kernel/groups.c, kernel/uid16.c, and\n kernel/user_namespace.c (bnc#906545).\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the\n x86_64 platform mishandles IRET faults in processing NMIs that\n occurred during userspace execution, which might allow local users to\n gain privileges by triggering an NMI (bnc#937969).\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the\n Linux kernel through 4.2.3 did not ensure that certain slot numbers are\n valid, which allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl\n call (bnc#949936).\n - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and\n Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial\n of service (host OS panic or hang) by triggering many #DB (aka Debug)\n exceptions, related to svm.c (bnc#954404).\n - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and\n Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial\n of service (host OS panic or hang) by triggering many #AC (aka Alignment\n Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n - CVE-2014-9529: Race condition in the key_gc_unused_keys function in\n security/keys/gc.c in the Linux kernel allowed local users to cause a\n denial of service (memory corruption or panic) or possibly have\n unspecified other impact via keyctl commands that trigger access to a\n key structure member during garbage collection of a key (bnc#912202).\n - CVE-2015-7990: Race condition in the rds_sendmsg function in\n net/rds/sendmsg.c in the Linux kernel allowed local users to cause a\n denial of service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact by using a socket that was not\n properly bound. NOTE: this vulnerability exists because of an\n incomplete fix for CVE-2015-6937 (bnc#952384 953052).\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified\n other impact by using a socket that was not properly bound (bnc#945825).\n - CVE-2015-7885: The dgnc_mgmt_ioctl function in\n drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did\n not initialize a certain structure member, which allowed local users to\n obtain sensitive information from kernel memory via a crafted\n application (bnc#951627).\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel\n did not validate attempted changes to the MTU value, which allowed\n context-dependent attackers to cause a denial of service (packet loss)\n via a value that is (1) smaller than the minimum compliant value or (2)\n larger than the MTU of an interface, as demonstrated by a Router\n Advertisement (RA) message that is not validated by a daemon, a\n different vulnerability than CVE-2015-0272. NOTE: the scope of\n CVE-2015-0272 is limited to the NetworkManager product (bnc#955354).\n - CVE-2015-8767: A case can occur when sctp_accept() is called by the user\n during a heartbeat timeout event after the 4-way handshake. Since\n sctp_assoc_migrate() changes both assoc-&gt;base.sk and assoc-&gt;ep, the\n bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the\n listening socket but released with the new association socket. The\n result is a deadlock on any future attempts to take the listening socket\n lock. (bsc#961509)\n - CVE-2015-8575: Validate socket address length in sco_sock_bind() to\n prevent information leak (bsc#959399).\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For\n XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled\n (bsc#957990).\n - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers\n could have lead to double fetch vulnerabilities, causing denial of\n service or arbitrary code execution (depending on the configuration)\n (bsc#957988).\n\n The following non-security bugs were fixed:\n - ALSA: hda - Disable 64bit address for Creative HDA controllers\n (bnc#814440).\n - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).\n - Input: aiptek - fix crash on detecting device without endpoints\n (bnc#956708).\n - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934).\n - KVM: x86: update masterclock values on TSC writes (bsc#961739).\n - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2\n client (bsc#960839).\n - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another\n task (bsc#921949).\n - blktap: also call blkif_disconnect() when frontend switched to closed\n (bsc#952976).\n - blktap: refine mm tracking (bsc#952976).\n - cdrom: Random writing support for BD-RE media (bnc#959568).\n - genksyms: Handle string literals with spaces in reference files\n (bsc#958510).\n - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224).\n - ipv6: distinguish frag queues by device for multicast and link-local\n packets (bsc#955422).\n - ipv6: fix tunnel error handling (bsc#952579).\n - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).\n - uas: Add response iu handling (bnc#954138).\n - usbvision fix overflow of interfaces array (bnc#950998).\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set\n (bsc#957990 XSA-157).\n\n", "edition": 1, "modified": "2016-02-01T16:11:19", "published": "2016-02-01T16:11:19", "id": "OPENSUSE-SU-2016:0301-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00000.html", "type": "suse", "title": "Security update for the Linux Kernel (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666"], "description": "The kernel meta package ", "modified": "2015-03-29T04:31:39", "published": "2015-03-29T04:31:39", "id": "FEDORA:92F5160877B4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: kernel-3.19.2-201.fc21", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666", "CVE-2015-2922"], "description": "The kernel meta package ", "modified": "2015-04-22T22:54:38", "published": "2015-04-22T22:54:38", "id": "FEDORA:B9C4760130DC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: kernel-3.19.4-200.fc21", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666", "CVE-2015-3339", "CVE-2015-3636"], "description": "The kernel meta package ", "modified": "2015-06-01T17:07:06", "published": "2015-06-01T17:07:06", "id": "FEDORA:0777460874C8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: kernel-4.0.4-202.fc21", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666", "CVE-2015-3339", "CVE-2015-3636"], "description": "The kernel meta package ", "modified": "2015-05-12T20:41:10", "published": "2015-05-12T20:41:10", "id": "FEDORA:D0CC960762B3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: kernel-3.19.7-200.fc21", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-1420", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666", "CVE-2015-3339", "CVE-2015-3636"], "description": "The kernel meta package ", "modified": "2015-06-20T23:59:29", "published": "2015-06-20T23:59:29", "id": "FEDORA:51EB2601616F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: kernel-4.0.5-200.fc21", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-1420", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666", "CVE-2015-3339", "CVE-2015-3636", "CVE-2015-4692"], "description": "The kernel meta package ", "modified": "2015-06-30T20:12:56", "published": "2015-06-30T20:12:56", "id": "FEDORA:CE3236087E07", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: kernel-4.0.6-200.fc21", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-1333", "CVE-2015-1420", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666", "CVE-2015-3290", "CVE-2015-3291", "CVE-2015-3339", "CVE-2015-3636", "CVE-2015-5697"], "description": "The kernel meta package ", "modified": "2015-08-12T07:05:31", "published": "2015-08-12T07:05:31", "id": "FEDORA:60B8C60918D5", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: kernel-4.1.4-100.fc21", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0239", "CVE-2015-0275", "CVE-2015-1333", "CVE-2015-1420", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666", "CVE-2015-3290", "CVE-2015-3291", "CVE-2015-3339", "CVE-2015-3636", "CVE-2015-5697"], "description": "The kernel meta package ", "modified": "2015-08-19T08:12:07", "published": "2015-08-19T08:12:07", "id": "FEDORA:4375D611D164", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: kernel-4.1.5-100.fc21", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2014-0049", "CVE-2014-0055", "CVE-2014-0069", "CVE-2014-0077", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-0102", "CVE-2014-0131", "CVE-2014-0155", "CVE-2014-0181", "CVE-2014-0196", "CVE-2014-0206", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2568", "CVE-2014-2580", "CVE-2014-2678", "CVE-2014-2851", "CVE-2014-3122", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153", "CVE-2014-3181", "CVE-2014-3186", "CVE-2014-3534", "CVE-2014-3610", "CVE-2014-3611", "CVE-2014-3631", "CVE-2014-3646", "CVE-2014-3673", "CVE-2014-3687", "CVE-2014-3688", "CVE-2014-3690", "CVE-2014-3917", "CVE-2014-3940", "CVE-2014-4014", "CVE-2014-4171", "CVE-2014-4508", "CVE-2014-4699", "CVE-2014-4715", "CVE-2014-4943", "CVE-2014-5045", "CVE-2014-5077", "CVE-2014-6410", "CVE-2014-7825", "CVE-2014-7826", "CVE-2014-7841", "CVE-2014-7842", "CVE-2014-7843", "CVE-2014-7970", "CVE-2014-7975", "CVE-2014-8086", "CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8160", "CVE-2014-8369", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0275", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666", "CVE-2015-2672"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2015-04-07T07:29:52", "published": "2015-04-07T07:29:52", "id": "FEDORA:33D8860877E1", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: kernel-3.19.3-100.fc20", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2014-0049", "CVE-2014-0055", "CVE-2014-0069", "CVE-2014-0077", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-0102", "CVE-2014-0131", "CVE-2014-0155", "CVE-2014-0181", "CVE-2014-0196", "CVE-2014-0206", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2568", "CVE-2014-2580", "CVE-2014-2678", "CVE-2014-2851", "CVE-2014-3122", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153", "CVE-2014-3181", "CVE-2014-3186", "CVE-2014-3534", "CVE-2014-3610", "CVE-2014-3611", "CVE-2014-3631", "CVE-2014-3646", "CVE-2014-3673", "CVE-2014-3687", "CVE-2014-3688", "CVE-2014-3690", "CVE-2014-3917", "CVE-2014-3940", "CVE-2014-4014", "CVE-2014-4171", "CVE-2014-4508", "CVE-2014-4699", "CVE-2014-4715", "CVE-2014-4943", "CVE-2014-5045", "CVE-2014-5077", "CVE-2014-6410", "CVE-2014-7825", "CVE-2014-7826", "CVE-2014-7841", "CVE-2014-7842", "CVE-2014-7843", "CVE-2014-7970", "CVE-2014-7975", "CVE-2014-8086", "CVE-2014-8133", "CVE-2014-8134", "CVE-2014-8159", "CVE-2014-8160", "CVE-2014-8369", "CVE-2014-8559", "CVE-2014-8989", "CVE-2014-9090", "CVE-2014-9419", "CVE-2014-9428", "CVE-2014-9529", "CVE-2014-9585", "CVE-2015-0275", "CVE-2015-1421", "CVE-2015-1593", "CVE-2015-2042", "CVE-2015-2150", "CVE-2015-2666", "CVE-2015-2672", "CVE-2015-2922"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2015-04-22T22:46:59", "published": "2015-04-22T22:46:59", "id": "FEDORA:C26F460906BA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: kernel-3.19.4-100.fc20", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}