Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

MiracleLinux 4 : kernel-2.6.32-504.12.2.el6 (AXSA:2015-106:03)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 3 Views

MiracleLinux 4 kernel has multiple vulnerabilities per AXSA:2015-106:03 including CVEs 2014-7822, 2014-8160, 2014-8369 and reserved 2014-8159.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Multiple Kernel vulnerabilities affect PowerKVM (Multiple CVEs)
18 Jun 201801:28
ibm
ATTACKERKB		CVE-2014-8369
10 Nov 201411:55
attackerkb
Amazon		Medium: kernel
11 Feb 201500:00
amazon
Tenable Nessus		Amazon Linux AMI : kernel (ALAS-2015-476)
13 Feb 201500:00
nessus
Tenable Nessus		CentOS 7 : kernel (CESA-2015:0102)
30 Jan 201500:00
nessus
Tenable Nessus		CentOS 5 : kernel (CESA-2015:0164)
11 Feb 201500:00
nessus
Tenable Nessus		CentOS 7 : kernel (CESA-2015:0290)
18 Mar 201500:00
nessus
Tenable Nessus		CentOS 6 : kernel (CESA-2015:0674)
13 Mar 201500:00
nessus
Tenable Nessus		CentOS 7 : kernel (CESA-2015:0726)
1 Apr 201500:00
nessus
Tenable Nessus		CentOS 5 : kernel (CESA-2015:0783)
8 Apr 201500:00
nessus
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2015-106:03.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(289957);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/19");

  script_cve_id(
    "CVE-2014-7822",
    "CVE-2014-8159",
    "CVE-2014-8160",
    "CVE-2014-8369"
  );

  script_name(english:"MiracleLinux 4 : kernel-2.6.32-504.12.2.el6 (AXSA:2015-106:03)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2015-106:03 advisory.

    Description:
    The kernel package contains the Linux kernel (vmlinuz), the core of any
    Linux operating system. The kernel handles the basic functions
    of the operating system: memory allocation, process allocation, device
    input and output, etc.
    Security issues fixed with this release:
    CVE-2014-7822
    ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when
    announcing a new security problem. When the candidate has been publicized, the details for this candidate
    will be provided.
    CVE-2014-8159
    ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when
    announcing a new security problem. When the candidate has been publicized, the details for this candidate
    will be provided.
    CVE-2014-8160
    net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack
    entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols,
    which allows remote attackers to bypass intended access restrictions via packets with disallowed port
    numbers.
    CVE-2014-8369
    The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the
    number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of
    service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS
    privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601.
    Fixed bugs:
    * The maximum amount of entries in the IPv6 route table (net.ipv6.route.max_size) was 4096, and every
    route towards this maximum size limit was counted. Communication to more systems was impossible when the
    limit was exceeded. Now, only cached routes are counted, which guarantees that the kernel does not run out
    of memory, but the user can now install as many routes as the memory allows until the kernel indicates it
    can no longer handle the amount of memory and returns an error message.
    In addition, the default net.ipv6.route.max_size value has been increased to 16384 for performance
    improvement reasons.
    * When the user attempted to scan for an FCOE-served Logical Unit Number (LUN), after an initial LUN scan,
    a kernel panic occurred in bnx2fc_init_task. With this update, fixed it.
    * Under certain conditions, such as when attempting to scan the network for LUNs, a race condition in the
    bnx2fc driver could trigger a kernel panic in bnx2fc_init_task. With this update, fixed it.
    * Previously, it was not possible to boot the kernel on Xen hypervisor in PVHVM mode if more than 32 vCPUs
    were specified in the guest configuration. Support for more than 32 vCPUs has been added, and fixed it.
    * When the NVMe driver allocated a namespace queue, it indicated that it was a request-based driver when
    it was actually a block I/O-based driver. So, when NVMe driver was loaded along with a request-based dm
    device, the system could terminate unexpectedly or become unresponsive when attempting to access data.
    With this update, fixed it.
    * If a user attempted to apply an NVRAM firmware update when running the tg3 module provided with Asianux
    Server 4 SP4 kernels, the update could fail. So, the Network Interface Card (NIC) could stay in an
    unusable state and this could prevent the entire system from booting. With this update, fixed it.
    * Support for key sizes of 256 and 192 bits has been added to AES-NI.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/5445");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-7822");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2014-8369");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/04/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-abi-whitelists");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-firmware");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 4.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'kernel-2.6.32-504.12.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-2.6.32-504.12.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-abi-whitelists-2.6.32-504.12.2.el6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-2.6.32-504.12.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-2.6.32-504.12.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-devel-2.6.32-504.12.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-devel-2.6.32-504.12.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.32-504.12.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.32-504.12.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-firmware-2.6.32-504.12.2.el6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-headers-2.6.32-504.12.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-headers-2.6.32-504.12.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'perf-2.6.32-504.12.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'perf-2.6.32-504.12.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
19 Jan 2026 00:00Current
6.8Medium risk
Vulners AI Score6.8
CVSS 27.2
CVSS 3.17.8
EPSS0.02449
miraclelinux fourkernel vulnerabilitiescve 2014 7822cve 2014 8160cve 2014 8369reserved cve 2014 8159
3