| Title | Published | Views | Family |
|---|---|---|---|
| Security fix for the ALT Linux 6 package xen version 4.1.1-alt1 | 15 Jun 2011 00:00 | – | altlinux |
| CentOS 5 : kernel (CESA-2011:0163) | 15 Apr 2011 00:00 | – | nessus |
| CentOS 5 : kernel (CESA-2011:0303) | 15 Apr 2011 00:00 | – | nessus |
| CentOS 5 : kernel (CESA-2011:0429) | 15 Apr 2011 00:00 | – | nessus |
| CentOS 5 : kernel (CESA-2011:0833) | 29 Jun 2013 00:00 | – | nessus |
| CentOS 5 : kernel (CESA-2011:0927) | 19 Jul 2011 00:00 | – | nessus |
| CentOS 5 : kernel (CESA-2011:1065) | 23 Sep 2011 00:00 | – | nessus |
| CentOS 5 : kernel (CESA-2011:1386) | 21 Oct 2011 00:00 | – | nessus |
| CentOS 5 : kernel (CESA-2011:1479) | 29 Jun 2013 00:00 | – | nessus |
| Debian DSA-2126-1 : linux-2.6 - privilege escalation/denial of service/information leak | 29 Nov 2010 00:00 | – | nessus |

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2011-489:04.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
  script_id(284480);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/19");
  script_cve_id(
    "CVE-2010-4250",
    "CVE-2010-4251",
    "CVE-2010-4648",
    "CVE-2010-4655",
    "CVE-2010-4656",
    "CVE-2011-0006",
    "CVE-2011-0716",
    "CVE-2011-0726",
    "CVE-2011-1019",
    "CVE-2011-1023",
    "CVE-2011-1079",
    "CVE-2011-1080",
    "CVE-2011-1093",
    "CVE-2011-1170",
    "CVE-2011-1171",
    "CVE-2011-1172",
    "CVE-2011-1182",
    "CVE-2011-1478",
    "CVE-2011-1573",
    "CVE-2011-1576"
  );
  script_name(english:"MiracleLinux 4 : kernel-2.6.32-131.12.1.el6 (AXSA:2011-489:04)");
  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2011-489:04 advisory.
The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The
kernel handles the basic functions of the operating system: memory allocation, process allocation, device
input and output, etc.
Security issues fixed with this release:
CVE-2011-1593
Multiple integer overflows in the next_pidmap function in kernel/pid.c in
the Linux kernel before 2.6.38.4 allow local users to cause a denial of service
(system crash) via a crafted (1) getdents or (2) readdir system call.
CVE-2011-1898
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not
have interrupt remapping, allows guest OS users to gain host OS privileges by using DMA to generate MSI
interrupts by writing to the interrupt injection registers.
CVE-2011-2492
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data
structures, which allows local users to obtain potentially sensitive information from kernel memory via a
crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in
net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.
CVE-2011-2689
The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the
size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of
service (BUG and system crash) by arranging for all resource groups to have too little free space.
CVE-2011-2695
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to
cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a
write operation involving a block number corresponding to the largest possible 32-bit unsigned
integer.
CVE-2011-0999
mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not prevent creation of a transparent huge
page (THP) during the existence of a temporary stack for an exec system call, which allows local users to
cause a denial of service (memory consumption) or possibly have unspecified other impact via a crafted
application.
CVE-2011-1010
Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2
allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a
malformed Mac OS partition table.
CVE-2011-1082
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data
structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to
cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes
epoll_create and epoll_ctl system calls.
CVE-2011-1090
The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL
data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a
denial of service (panic) via a crafted attempt to set an ACL.
CVE-2011-1163
The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly
handle an invalid number of partitions, which might allow local users to obtain potentially sensitive
information from kernel heap memory via vectors related to partition-table parsing.
CVE-2011-1494
Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux
kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory
corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow.
CVE-2011-1495
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and
(2) offset values before performing memory copy operations, which might allow local users to gain
privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel
memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
CVE-2010-3296
The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5
does not properly initialize a certain structure member, which allows local users to obtain potentially
sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call.
CVE-2010-4346
The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an
expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr
restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language
application.
CVE-2010-4526
Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2
through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable
message to a socket that is already locked by a user, which causes the socket to be freed and triggers
list corruption, related to the sctp_wait_for_connect function.
CVE-2011-0521
The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2
does not check the sign of a certain integer field, which allows local users to cause a denial of service
(memory corruption) or possibly have unspecified other impact via a negative value.
CVE-2011-0695
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in
Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand
request while other request handlers are still running, which triggers an invalid pointer dereference.
CVE-2011-0710
The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before
2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of
an arbitrary process by reading a status file under /proc/.
CVE-2010-4565
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN)
implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename
containing a kernel memory address, which allows local users to obtain potentially sensitive information
about kernel memory use by listing this filename.
CVE-2010-4649
Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux
kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have
unspecified other impact via a large value of a certain structure member.
CVE-2011-0711
The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not
initialize a certain structure member, which allows local users to obtain potentially sensitive
information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.
CVE-2011-0712
Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel
before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have
unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function
in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c.
CVE-2011-1013
Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct
Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in
the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and
consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a
crafted num_crtcs (aka vb_num) structure member in an ioctl argument.
CVE-2011-1016
The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the
AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1)
Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values.
CVE-2011-1044
The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37
does not initialize a certain response buffer, which allows local users to obtain potentially sensitive
information from kernel memory via vectors that cause this buffer to be only partially filled, a different
vulnerability than CVE-2010-4649.
CVE-2010-3858
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN
is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment
for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service
(system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
CVE-2011-1598
The bcm_release function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate
a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference)
or possibly have unspecified other impact via a crafted release operation.
CVE-2011-1748
The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate
a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference)
or possibly have unspecified other impact via a crafted release operation.
CVE-2010-4250
CVE-2010-4251
CVE-2010-4648
CVE-2010-4655
CVE-2010-4656
CVE-2011-0006
CVE-2011-0716
CVE-2011-0726
CVE-2011-1019
CVE-2011-1023
CVE-2011-1079
CVE-2011-1080
CVE-2011-1093
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1182
CVE-2011-1478
CVE-2011-1573
CVE-2011-1576
CVE-2011-1581
CVE-2011-1767
CVE-2011-1768
CVE-2011-1770
CVE-2011-1771
CVE-2011-1776
CVE-2011-2183
CVE-2011-2213
CVE-2011-2479
CVE-2011-2491
CVE-2011-2495
CVE-2011-2497
CVE-2011-2517
No information available at the time of writing, please refer to the CVE links below.
Fixed bugs:
Too many to list everything here, see the changelog
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3296
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4250
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4251
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4346
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4526
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4648
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4649
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0716
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0726
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1573
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2695
Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/2204");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-4656");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");
  script_set_attribute(attribute:"vuln_publication_date", value:"2010/03/02");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/12/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/14");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-firmware");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();
  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");
  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");
  exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 4.x', 'MIRACLE LINUX ' + os_version);
if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);
var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'kernel-2.6.32-131.12.1.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-2.6.32-131.12.1.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-2.6.32-131.12.1.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-2.6.32-131.12.1.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-devel-2.6.32-131.12.1.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-devel-2.6.32-131.12.1.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.32-131.12.1.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.32-131.12.1.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-firmware-2.6.32-131.12.1.el6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-headers-2.6.32-131.12.1.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-headers-2.6.32-131.12.1.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'perf-2.6.32-131.12.1.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'perf-2.6.32-131.12.1.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
    port : 0,
    severity : SECURITY_HOLE,
    extra : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-debug / kernel-debug-devel / kernel-devel / etc');
}