{"id": "ORACLELINUX_ELSA-2014-0475.NASL", "bulletinFamily": "scanner", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2014-05-09T00:00:00", "modified": "2018-07-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "reporter": "Tenable", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "type": "nessus", "lastseen": "2019-02-21T01:21:09", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-01-16T20:18:22", "references": [{"idList": ["RHSA-2014:0476", "RHSA-2014:0629", "RHSA-2014:0634", "RHSA-2014:0593", "RHSA-2014:0475"], "type": "redhat"}, {"idList": ["OPENVAS:1361412562310871165", "OPENVAS:1361412562310841783", "OPENVAS:1361412562310120205", "OPENVAS:1361412562310123413", "OPENVAS:1361412562310123416", "OPENVAS:881932", "OPENVAS:1361412562310123414", "OPENVAS:1361412562310881932", "OPENVAS:1361412562310123415", "OPENVAS:871165"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:30757", "SECURITYVULNS:DOC:30535"], "type": "securityvulns"}, {"idList": ["USN-2225-1", "USN-2226-1", "USN-2228-1", "USN-2173-1", "USN-2174-1", "USN-2221-1", "USN-2108-1", "USN-2223-1", "USN-2224-1", "USN-2107-1"], "type": "ubuntu"}, {"idList": ["ELSA-2014-3016", "ELSA-2014-3023", "ELSA-2014-3034", "ELSA-2014-3021", "ELSA-2014-3015", "ELSA-2014-3014", "ELSA-2014-0475", "ELSA-2014-3022"], "type": "oraclelinux"}, {"idList": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "type": "cve"}, {"idList": ["CESA-2014:0285", "CESA-2014:0475"], "type": "centos"}, {"idList": ["ALAS-2014-328"], "type": "amazon"}, {"idList": ["ORACLELINUX_ELSA-2014-3023.NASL", "REDHAT-RHSA-2014-0634.NASL", "CENTOS_RHSA-2014-0475.NASL", "REDHAT-RHSA-2014-0475.NASL", "ALA_ALAS-2014-328.NASL", "SL_20140507_KERNEL_ON_SL6_X.NASL", "REDHAT-RHSA-2014-0476.NASL", "ORACLELINUX_ELSA-2014-3021.NASL", "REDHAT-RHSA-2014-0593.NASL", "ORACLELINUX_ELSA-2014-3022.NASL"], "type": "nessus"}, {"idList": ["SSV:62091", "SSV:61843"], "type": "seebug"}]}, "score": {"value": 7.2, "vector": "NONE"}}, "hash": "6d14a301fa45a7628e940c402269278133b45c3663ebc2d5af92892097a65b00", "hashmap": [{"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "35d7d8d7f02f683cc4a314396a72d4ec", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "2e3c438f66403fd816adabf5a1b82b29", "key": "modified"}, {"hash": "1364128531cd25441fabfa2a3aa246b9", "key": "description"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2019-01-16T20:18:22", "modified": "2018-07-18T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:18:22"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 5, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "379c1e8d911b927a29e8e1f9365e3f060049ce86aff284e371e6e6d8a8d1629b", "hashmap": [{"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "35d7d8d7f02f683cc4a314396a72d4ec", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "2e3c438f66403fd816adabf5a1b82b29", "key": "modified"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2018-09-02T00:04:05", "modified": "2018-07-18T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-09-02T00:04:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 4, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "e94e070d0ad4a47dfb49e0d6d5d9333df8c12b36177d94833384f6abc31b8c3a", "hashmap": [{"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "35d7d8d7f02f683cc4a314396a72d4ec", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "2e3c438f66403fd816adabf5a1b82b29", "key": "modified"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2018-08-30T19:54:00", "modified": "2018-07-18T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:54:00"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "379c1e8d911b927a29e8e1f9365e3f060049ce86aff284e371e6e6d8a8d1629b", "hashmap": [{"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "35d7d8d7f02f683cc4a314396a72d4ec", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "2e3c438f66403fd816adabf5a1b82b29", "key": "modified"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2018-07-21T08:28:57", "modified": "2018-07-18T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-07-21T08:28:57"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 2, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "1e5edf5d83e104b78eff566dbdb34ce265648134808f0ccdbf1d5f7df0c502e0", "hashmap": [{"hash": "7682593865fe3c4bfddc41a9be4d6e7d", "key": "modified"}, {"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "e751d34790f748a9f7c21ecbbf12d5a7", "key": "sourceData"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2017-10-29T13:43:41", "modified": "2016-04-28T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/04/28 19:01:50 $\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_osvdb_id(99324);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:43:41"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 1, "enchantments": {}, "hash": "3581af1bd9aa079c17444d260d5f5d136c7e90fe2f17bd0fc0732b6bc9588bc1", "hashmap": [{"hash": "7682593865fe3c4bfddc41a9be4d6e7d", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "e751d34790f748a9f7c21ecbbf12d5a7", "key": "sourceData"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2016-09-26T17:26:08", "modified": "2016-04-28T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.2", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/04/28 19:01:50 $\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_osvdb_id(99324);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:08"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "cd0d1badcd4640189cb6e6c8f485a193"}, {"key": "cvelist", "hash": "d41b0395d0888bb9dd5fbd2b8f1a402d"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "0fc042d9dc33aa8d068f5e386d2f1a2c"}, {"key": "href", "hash": "95f0d0ae70dcd0f0128672fc2b3db69b"}, {"key": "modified", "hash": "2e3c438f66403fd816adabf5a1b82b29"}, {"key": "naslFamily", "hash": "e31ed89ab0cbb68ce2c40f17ec1e5483"}, {"key": "pluginID", "hash": "bada1467fd8a94b0a36d09ec60e935bc"}, {"key": "published", "hash": "7ea8316fbaf9e8df2d54cca1786807fc"}, {"key": "references", "hash": "6e6c9fb8a4a77bba78fc4ca5150a412d"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "35d7d8d7f02f683cc4a314396a72d4ec"}, {"key": "title", "hash": "4ff832ec2a49c4b49f130b2c0694d10b"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "379c1e8d911b927a29e8e1f9365e3f060049ce86aff284e371e6e6d8a8d1629b", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-6383", "CVE-2014-2523", "CVE-2014-0077"]}, {"type": "openvas", "idList": ["OPENVAS:871165", "OPENVAS:1361412562310881932", "OPENVAS:881932", "OPENVAS:1361412562310123416", "OPENVAS:1361412562310871165", "OPENVAS:1361412562310123413", "OPENVAS:1361412562310123414", "OPENVAS:1361412562310120205", "OPENVAS:1361412562310123415", "OPENVAS:1361412562310841787"]}, {"type": "redhat", "idList": ["RHSA-2014:0475", "RHSA-2014:0634", "RHSA-2014:0593", "RHSA-2014:0629", "RHSA-2014:0476"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2014-0634.NASL", "CENTOS_RHSA-2014-0475.NASL", "REDHAT-RHSA-2014-0475.NASL", "SL_20140507_KERNEL_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2014-3022.NASL", "ORACLELINUX_ELSA-2014-3021.NASL", "REDHAT-RHSA-2014-0593.NASL", "ALA_ALAS-2014-328.NASL", "ORACLELINUX_ELSA-2014-3023.NASL", "REDHAT-RHSA-2014-0476.NASL"]}, {"type": "centos", "idList": ["CESA-2014:0475", "CESA-2014:0285"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0475", "ELSA-2014-3021", "ELSA-2014-3022", "ELSA-2014-3023", "ELSA-2014-3016", "ELSA-2014-3015", "ELSA-2014-3034", "ELSA-2014-3014"]}, {"type": "amazon", "idList": ["ALAS-2014-328"]}, {"type": "seebug", "idList": ["SSV:61843", "SSV:62091"]}, {"type": "ubuntu", "idList": ["USN-2173-1", "USN-2174-1", "USN-2228-1", "USN-2221-1", "USN-2223-1", "USN-2108-1", "USN-2107-1", "USN-2224-1", "USN-2226-1", "USN-2076-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30535", "SECURITYVULNS:DOC:30757"]}], "modified": "2019-02-21T01:21:09"}, "score": {"value": 8.3, "vector": "NONE", "modified": "2019-02-21T01:21:09"}, "vulnersScore": 8.3}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "pluginID": "73936", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "scheme": null}

{"cve": [{"lastseen": "2019-05-29T18:13:06", "bulletinFamily": "NVD", "description": "The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.", "modified": "2014-03-26T04:54:00", "id": "CVE-2013-6383", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6383", "published": "2013-11-27T04:43:00", "title": "CVE-2013-6383", "type": "cve", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:13:44", "bulletinFamily": "NVD", "description": "net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.", "modified": "2017-12-16T02:29:00", "id": "CVE-2014-2523", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2523", "published": "2014-03-24T16:40:00", "title": "CVE-2014-2523", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:13:42", "bulletinFamily": "NVD", "description": "drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.", "modified": "2017-01-07T02:59:00", "id": "CVE-2014-0077", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0077", "published": "2014-04-14T23:55:00", "title": "CVE-2014-0077", "type": "cve", "cvss": {"score": 5.5, "vector": "AV:A/AC:H/Au:S/C:P/I:P/A:C"}}], "openvas": [{"lastseen": "2017-07-27T10:48:45", "bulletinFamily": "scanner", "description": "Check for the Version of kernel", "modified": "2017-07-12T00:00:00", "published": "2014-05-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=871165", "id": "OPENVAS:871165", "title": "RedHat Update for kernel RHSA-2014:0475-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0475-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(871165);\n script_version(\"$Revision: 6688 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:49:31 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-12 09:14:06 +0530 (Mon, 12 May 2014)\");\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0475-01\");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2014:0475-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2014-May/msg00006.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:45", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-05-12T00:00:00", "id": "OPENVAS:1361412562310881932", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881932", "title": "CentOS Update for kernel CESA-2014:0475 centos6", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0475 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881932\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-12 09:11:49 +0530 (Mon, 12 May 2014)\");\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0475 centos6\");\n\n script_tag(name:\"affected\", value:\"kernel on CentOS 6\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any\nLinux operating system.\n\n * A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n * A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n * A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0475\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-May/020285.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:48:58", "bulletinFamily": "scanner", "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2014-05-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881932", "id": "OPENVAS:881932", "title": "CentOS Update for kernel CESA-2014:0475 centos6 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0475 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(881932);\n script_version(\"$Revision: 6656 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:49:38 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-12 09:11:49 +0530 (Mon, 12 May 2014)\");\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0475 centos6 \");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any\nLinux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:0475\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-May/020285.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:13", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-0475", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123416", "title": "Oracle Linux Local Check: ELSA-2014-0475", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0475.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123416\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:30 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0475\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0475 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0475\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0475.html\");\n script_cve_id(\"CVE-2014-0077\", \"CVE-2013-6383\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:23", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-05-12T00:00:00", "id": "OPENVAS:1361412562310871165", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871165", "title": "RedHat Update for kernel RHSA-2014:0475-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0475-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871165\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-12 09:14:06 +0530 (Mon, 12 May 2014)\");\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0475-01\");\n\n\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n * A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n * A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0475-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-May/msg00006.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:32", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3021", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123413", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123413", "title": "Oracle Linux Local Check: ELSA-2014-3021", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3021.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123413\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:28 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3021\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3021 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3021\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3021.html\");\n script_cve_id(\"CVE-2014-0077\", \"CVE-2013-6383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"dtrace-modules\", rpm:\"dtrace-modules~3.8.13~26.2.4.el6uek~0.4.2~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:45", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3022", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123414", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123414", "title": "Oracle Linux Local Check: ELSA-2014-3022", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3022.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123414\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:29 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3022\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3022 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3022\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3022.html\");\n script_cve_id(\"CVE-2014-0077\", \"CVE-2013-6383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:43", "bulletinFamily": "scanner", "description": "Amazon Linux Local Security Checks", "modified": "2018-10-01T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120205", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120205", "title": "Amazon Linux Local Check: ALAS-2014-328", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2014-328.nasl 6663 2017-07-11 09:58:05Z teissa$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120205\");\n script_version(\"$Revision: 11711 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:20:06 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 14:30:57 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: ALAS-2014-328\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the Linux kernel. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-328.html\");\n script_cve_id(\"CVE-2014-2309\", \"CVE-2014-0077\", \"CVE-2014-2523\", \"CVE-2014-0055\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:18", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3023", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123415", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123415", "title": "Oracle Linux Local Check: ELSA-2014-3023", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3023.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123415\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:30 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3023\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3023 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3023\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3023.html\");\n script_cve_id(\"CVE-2013-6383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.34.5.el5uek~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.34.5.el5uekdebug~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.34.5.el5uek~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.34.5.el5uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.34.5.el6uek~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.34.5.el6uekdebug~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.34.5.el6uek~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.34.5.el6uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:09", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2014-05-02T00:00:00", "id": "OPENVAS:1361412562310841783", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841783", "title": "Ubuntu Update for linux-ec2 USN-2174-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2174_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-ec2 USN-2174-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841783\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-02 10:10:49 +0530 (Fri, 02 May 2014)\");\n script_cve_id(\"CVE-2014-0101\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ec2 USN-2174-1\");\n\n script_tag(name:\"affected\", value:\"linux-ec2 on Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"A flaw was discovered in the Linux kernel's handling of SCTP\nhandshake. A remote attacker could exploit this flaw to cause a denial of\nservice (system crash). (CVE-2014-0101)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2174-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2174-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ec2'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-363-ec2\", ver:\"2.6.32-363.76\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:55", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:22", "published": "2014-05-07T04:00:00", "id": "RHSA-2014:0475", "href": "https://access.redhat.com/errata/RHSA-2014:0475", "type": "redhat", "title": "(RHSA-2014:0475) Important: kernel security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:14", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2015-04-24T14:18:31", "published": "2014-06-04T04:00:00", "id": "RHSA-2014:0634", "href": "https://access.redhat.com/errata/RHSA-2014:0634", "type": "redhat", "title": "(RHSA-2014:0634) Important: kernel security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:17", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes the following bug:\n\n* Prior to this update, a guest-provided value was used as the head length\nof the socket buffer allocated on the host. If the host was under heavy\nmemory load and the guest-provided value was too large, the allocation\ncould have failed, resulting in stalls and packet drops in the guest's Tx\npath. With this update, the guest-provided value has been limited to a\nreasonable size so that socket buffer allocations on the host succeed\nregardless of the memory load on the host, and guests can send packets\nwithout experiencing packet drops or stalls. (BZ#1092350)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2015-04-24T14:20:45", "published": "2014-06-03T04:00:00", "id": "RHSA-2014:0593", "href": "https://access.redhat.com/errata/RHSA-2014:0593", "type": "redhat", "title": "(RHSA-2014:0593) Important: kernel security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:02", "bulletinFamily": "unix", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to decrypt\nand modify traffic between a client and a server. (CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be\nusing a vulnerable version of OpenSSL; the server must be using OpenSSL\nversion 1.0.1 and above, and the client must be using any version of\nOpenSSL. For more information about this flaw, refer to:\nhttps://access.redhat.com/site/articles/904433\n\nA flaw was found in the way the handle_rx() function handled large network\npackets when mergeable buffers were disabled. A privileged guest user could\nuse this flaw to crash the host or corrupt QEMU process memory on the host,\nwhich could potentially result in arbitrary code execution on the host with\nthe privileges of the QEMU process. (CVE-2014-0077)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-0224. Upstream acknowledges KIKUCHI Masashi of Lepidum as the\noriginal reporter of CVE-2014-0224. The CVE-2014-0077 issue was discovered\nby Michael S. Tsirkin of Red Hat.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2014-0015 and CVE-2014-0138 (curl issues)\n\nCVE-2014-2523 and CVE-2013-6383 (kernel issues)\n\nCVE-2014-0179 (libvirt issue)\n\nCVE-2010-5298, CVE-2014-0198, CVE-2014-0221, CVE-2014-0195, and\nCVE-2014-3470 (openssl issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "modified": "2018-06-07T08:59:39", "published": "2014-06-05T04:00:00", "id": "RHSA-2014:0629", "href": "https://access.redhat.com/errata/RHSA-2014:0629", "type": "redhat", "title": "(RHSA-2014:0629) Important: rhev-hypervisor6 security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:27", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver implementation\nhandled SNMP IOCTL requests with an out-of-bounds length. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2013-6381, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\nThis update also fixes the following bug:\n\n* Running a process in the background on a GFS2 file system could sometimes\ntrigger a glock recursion error that resulted in a kernel panic. This\nhappened when a readpage operation attempted to take a glock that had\nalready been held by another function. To prevent this error, GFS2 now\nverifies whether the glock is already held when performing the readpage\noperation. (BZ#1077789)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2017-09-08T11:57:33", "published": "2014-05-07T04:00:00", "id": "RHSA-2014:0476", "href": "https://access.redhat.com/errata/RHSA-2014:0476", "type": "redhat", "title": "(RHSA-2014:0476) Important: kernel security and bug fix update", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2019-02-21T01:22:45", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2014-0634.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79028", "published": "2014-11-08T00:00:00", "title": "RHEL 6 : kernel (RHSA-2014:0634)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0634. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79028);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:53\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 66279, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0634\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0634)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.4 Extended\nUpdate Support.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6b506c4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-6383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0077\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0634\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2014-0475.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73923", "published": "2014-05-09T00:00:00", "title": "CentOS 6 : kernel (CESA-2014:0475)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# CentOS Errata and Security Advisory 2014:0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73923);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:31\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 66279, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2014:0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-May/020285.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c41d87f0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2014-0475.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73937", "published": "2014-05-09T00:00:00", "title": "RHEL 6 : kernel (RHSA-2014:0475)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0475. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73937);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:53\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 66279, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0475)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6b506c4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0475\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-6383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0077\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0475\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe system must be rebooted for this update to take effect.", "modified": "2018-12-28T00:00:00", "id": "SL_20140507_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73938", "published": "2014-05-09T00:00:00", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73938);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/12/28 10:10:35\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1405&L=scientific-linux-errata&T=0&P=310\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e942d87f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"i386\", reference:\"kernel-debuginfo-common-i686-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Description of changes:\n\n[2.6.39-400.214.6.el5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721962] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721977] {CVE-2014-0077}", "modified": "2015-12-01T00:00:00", "id": "ORACLELINUX_ELSA-2014-3022.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73960", "published": "2014-05-12T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3022)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3022.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73960);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:35:11 $\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\");\n script_bugtraq_id(63888, 66678);\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3022)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[2.6.39-400.214.6.el5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) \n[Orabug: 18721962] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. \nTsirkin) [Orabug: 18721977] {CVE-2014-0077}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004105.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004108.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.39-400.214.6.el5uek\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.39-400.214.6.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Description of changes:\n\nkernel-uek [3.8.13-26.2.4.el6uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721961] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721976] {CVE-2014-0077}", "modified": "2015-12-01T00:00:00", "id": "ORACLELINUX_ELSA-2014-3021.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73959", "published": "2014-05-12T00:00:00", "title": "Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3021)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3021.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73959);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:35:11 $\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\");\n script_bugtraq_id(63888, 66678);\n\n script_name(english:\"Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3021)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\nkernel-uek\n[3.8.13-26.2.4.el6uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) \n[Orabug: 18721961] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. \nTsirkin) [Orabug: 18721976] {CVE-2014-0077}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004113.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-26.2.4.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"dtrace-modules-3.8.13-26.2.4.el6uek-0.4.2-3.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-debug-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-debug-devel-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-devel-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-doc-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-firmware-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-headers-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-headers-3.8.13-26.2.4.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:45", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6.3 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes the following bug :\n\n* Prior to this update, a guest-provided value was used as the head length of the socket buffer allocated on the host. If the host was under heavy memory load and the guest-provided value was too large, the allocation could have failed, resulting in stalls and packet drops in the guest's Tx path. With this update, the guest-provided value has been limited to a reasonable size so that socket buffer allocations on the host succeed regardless of the memory load on the host, and guests can send packets without experiencing packet drops or stalls.\n(BZ#1092350)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2014-0593.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79024", "published": "2014-11-08T00:00:00", "title": "RHEL 6 : kernel (RHSA-2014:0593)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0593. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79024);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:53\");\n\n script_cve_id(\"CVE-2014-0077\", \"CVE-2014-2523\");\n script_xref(name:\"RHSA\", value:\"2014:0593\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0593)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and one bug are\nnow available for Red Hat Enterprise Linux 6.3 Extended Update\nSupport.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes the following bug :\n\n* Prior to this update, a guest-provided value was used as the head\nlength of the socket buffer allocated on the host. If the host was\nunder heavy memory load and the guest-provided value was too large,\nthe allocation could have failed, resulting in stalls and packet drops\nin the guest's Tx path. With this update, the guest-provided value has\nbeen limited to a reasonable size so that socket buffer allocations on\nthe host succeed regardless of the memory load on the host, and guests\ncan send packets without experiencing packet drops or stalls.\n(BZ#1092350)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0593\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0077\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6\\.3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.3\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0593\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", reference:\"kernel-doc-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", reference:\"kernel-firmware-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"python-perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"python-perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:31", "bulletinFamily": "scanner", "description": "The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.\n\ndrivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.\n\nnet/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.\n\nThe get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host OS crash) via unspecified vectors.", "modified": "2018-04-18T00:00:00", "id": "ALA_ALAS-2014-328.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78271", "published": "2014-10-12T00:00:00", "title": "Amazon Linux AMI : kernel (ALAS-2014-328)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-328.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78271);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-2309\", \"CVE-2014-2523\");\n script_xref(name:\"ALAS\", value:\"2014-328\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2014-328)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The ip6_route_add function in net/ipv6/route.c in the Linux kernel\nthrough 3.13.6 does not properly count the addition of routes, which\nallows remote attackers to cause a denial of service (memory\nconsumption) via a flood of ICMPv6 Router Advertisement packets.\n\ndrivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable\nbuffers are disabled, does not properly validate packet lengths, which\nallows guest OS users to cause a denial of service (memory corruption\nand host OS crash) or possibly gain privileges on the host OS via\ncrafted packets, related to the handle_rx and get_rx_bufs functions.\n\nnet/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through\n3.13.6 uses a DCCP header pointer incorrectly, which allows remote\nattackers to cause a denial of service (system crash) or possibly\nexecute arbitrary code via a DCCP packet that triggers a call to the\n(1) dccp_new, (2) dccp_packet, or (3) dccp_error function.\n\nThe get_rx_bufs function in drivers/vhost/net.c in the vhost-net\nsubsystem in the Linux kernel package before 2.6.32-431.11.2 on Red\nHat Enterprise Linux (RHEL) 6 does not properly handle\nvhost_get_vq_desc errors, which allows guest OS users to cause a\ndenial of service (host OS crash) via unspecified vectors.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-328.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update kernel' to update your system. You will need to reboot\nyour system in order for the new kernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-3.10.37-47.135.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Description of changes:\n\nkernel-uek [2.6.32-400.34.5.el5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18723276] {CVE-2013-6383}", "modified": "2015-12-01T00:00:00", "id": "ORACLELINUX_ELSA-2014-3023.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73961", "published": "2014-05-12T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3023)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3023.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73961);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:35:11 $\");\n\n script_cve_id(\"CVE-2013-6383\");\n script_bugtraq_id(63888);\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3023)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\nkernel-uek\n[2.6.32-400.34.5.el5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) \n[Orabug: 18723276] {CVE-2013-6383}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004106.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004107.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.34.5.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.34.5.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.34.5.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.34.5.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.34.5.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.34.5.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.34.5.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.34.5.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-headers-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-400.34.5.el5uek-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-400.34.5.el5uekdebug-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-400.34.5.el5uek-1.5.1-4.0.58\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-400.34.5.el5uekdebug-1.5.1-4.0.58\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-headers-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-400.34.5.el6uek-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-400.34.5.el6uekdebug-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-400.34.5.el6uek-1.5.1-4.0.58\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-400.34.5.el6uekdebug-1.5.1-4.0.58\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:45", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5.9 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command() function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\nThis update also fixes the following bug :\n\n* Running a process in the background on a GFS2 file system could sometimes trigger a glock recursion error that resulted in a kernel panic. This happened when a readpage operation attempted to take a glock that had already been held by another function. To prevent this error, GFS2 now verifies whether the glock is already held when performing the readpage operation. (BZ#1077789)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2014-0476.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79017", "published": "2014-11-08T00:00:00", "title": "RHEL 5 : kernel (RHSA-2014:0476)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0476. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79017);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:53\");\n\n script_cve_id(\"CVE-2013-6381\", \"CVE-2013-6383\");\n script_bugtraq_id(63888, 63890);\n script_xref(name:\"RHSA\", value:\"2014:0476\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2014:0476)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and one bug are\nnow available for Red Hat Enterprise Linux 5.9 Extended Update\nSupport.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\nThis update also fixes the following bug :\n\n* Running a process in the background on a GFS2 file system could\nsometimes trigger a glock recursion error that resulted in a kernel\npanic. This happened when a readpage operation attempted to take a\nglock that had already been held by another function. To prevent this\nerror, GFS2 now verifies whether the glock is already held when\nperforming the readpage operation. (BZ#1077789)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-6383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-6381\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5\\.9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.9\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0476\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debuginfo-common-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", reference:\"kernel-doc-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-348.25.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-05-29T18:34:23", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2014:0475\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-May/020285.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0475.html", "modified": "2014-05-08T17:53:25", "published": "2014-05-08T17:53:25", "href": "http://lists.centos.org/pipermail/centos-announce/2014-May/020285.html", "id": "CESA-2014:0475", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:52", "bulletinFamily": "unix", "description": "[2.6.32-431.17.1]\n- [scsi] qla2xxx: Fixup looking for a space in the outstanding_cmds array in qla2x00_alloc_iocbs() (Chad Dupuis) [1085660 1070856]\n- [scsi] isci: fix reset timeout handling (David Milburn) [1080600 1040393]\n- [scsi] isci: correct erroneous for_each_isci_host macro (David Milburn) [1074855 1059325]\n- [kernel] sched: Fix small race where child->se.parent, cfs_rq might point to invalid ones (Naoya Horiguchi) [1081907 1032350]\n- [kernel] sched: suppress RCU lockdep splat in task_fork_fair (Naoya Horiguchi) [1081907 1032350]\n- [kernel] sched: add local variable to store task_group() to avoid kernel stall (Naoya Horiguchi) [1081908 1043733]\n- [fs] cifs: mask off top byte in get_rfc1002_length() (Sachin Prabhu) [1085358 1069737]\n- [kernel] Prevent deadlock when post_schedule_rt() results in calling wakeup_kswapd() on multiple CPUs (Larry Woodman) [1086095 1009626]\n- [scsi] AACRAID Driver compat IOCTL missing capability check (Jacob Tanenbaum) [1033533 1033534] {CVE-2013-6383}\n- [md] dm-thin: fix rcu_read_lock being held in code that can sleep (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: irqsave must always be used with the pool->lock spinlock (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: sort the per thin deferred bios using an rb_tree (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: use per thin device deferred bio lists (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: simplify pool_is_congested (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix dangling bio in process_deferred_bios error path (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: take care to copy the space map root before locking the superblock (Mike Snitzer) [1086007 1060381]\n- [md] dm-transaction-manager: fix corruption due to non-atomic transaction commit (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: fix refcount decrement below 0 which caused corruption (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix Documentation for held metadata root feature (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix noflush suspend IO queueing (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix deadlock in __requeue_bio_list (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix out of data space handling (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: ensure user takes action to validate data and metadata consistency (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: synchronize the pool mode during suspend (Mike Snitzer) [1086007 1060381]\n- [md] fix Kconfig indentation (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: allow metadata space larger than supported to go unused (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix the error path for the thin device constructor (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: avoid metadata commit if a pool's thin devices haven't changed (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: fix bug in resizing of thin metadata (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix pool feature parsing (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: fix extending the space map (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-common: make sure new space is used during extend (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix set_pool_mode exposed pool operation races (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: eliminate the no_free_space flag (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: add error_if_no_space feature (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: requeue bios to DM core if no_free_space and in read-only mode (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: cleanup and improve no space handling (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: log info when growing the data or metadata device (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: handle metadata failures more consistently (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: factor out check_low_water_mark and use bools (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: add mappings to end of prepared_* lists (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: return error from alloc_data_block if pool is not in write mode (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: use bool rather than unsigned for flags in structures (Mike Snitzer) [1086007 1060381]\n- [md] dm-persistent-data: cleanup dm-thin specific references in text (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: limit errors in sm_metadata_new_block (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix discard support to a previously shared block (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: initialize dm_thin_new_mapping returned by get_next_mapping (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map: disallow decrementing a reference count below zero (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: allow pool in read-only mode to transition to read-write mode (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: re-establish read-only state when switching to fail mode (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: always fallback the pool mode if commit fails (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: switch to read-only mode if metadata space is exhausted (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: switch to read only mode if a mapping insert fails (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: return on failure in sm_metadata_new_block (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-disk: optimise sm_disk_dec_block (Mike Snitzer) [1086007 1060381]\n- [md] dm-table: print error on preresume failure (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: do not expose non-zero discard limits if discards disabled (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: always return -ENOSPC if no_free_space is set (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: set pool read-only if breaking_sharing fails block allocation (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: prefix pool error messages with pool device name (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map: optimise sm_ll_dec and sm_ll_inc (Mike Snitzer) [1086007 1060381]\n- [md] dm-btree: prefetch child nodes when walking tree for a dm_btree_del (Mike Snitzer) [1086007 1060381]\n- [md] dm-btree: use pop_frame in dm_btree_del to cleanup code (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix stacking of geometry limits (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: add data block size limits to Documentation (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix metadata dev resize detection (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: generate event when metadata threshold passed (Mike Snitzer) [1086007 1060381]\n- [md] dm-persistent-metadata: add space map threshold callback (Mike Snitzer) [1086007 1060381]\n- [md] dm-persistent-data: add threshold callback to space map (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: detect metadata device resizing (Mike Snitzer) [1086007 1060381]\n- [md] dm-persistent-data: support space map resizing (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: refactor data dev resize (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: initialize read-only module parameters (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: submit writes outside lock (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: add recursive IO request BUG_ON (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: prefetch (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: fix slow IO latency issue specific to RHEL6 (Mike Snitzer) [1086490 1058528]\n- [netdrv] mlx4_en: Fixed crash when port type is changed (Amir Vadai) [1085658 1059586]\n- [netdrv] vmxnet3: fix netpoll race condition (Neil Horman) [1083175 1073218]\n- [net] netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Jiri Pirko) [1077345 1077346] {CVE-2014-2523}\n- [scsi] megaraid_sas: fix a small problem when reading state value from hw (Tomas Henzl) [1078641 1065187]\n- [fs] gfs2: Increase the max number of ACLs (Robert S Peterson) [1078874 1075713]\n- [net] filter: let bpf_tell_extensions return SKF_AD_MAX (Daniel Borkmann) [1079872 960275]\n- [net] introduce SO_BPF_EXTENSIONS (Daniel Borkmann) [1079872 960275]\n- [scsi] scsi_dh: cosmetic change to sizeof() (Ewan Milne) [1075554 1062494]\n- [acpi] thermal: Check for thermal zone requirement (Nigel Croxon) [1075651 1021044]\n- [acpi] thermal: Don't invalidate thermal zone if critical trip point is bad (Nigel Croxon) [1075651 1021044]\n- [mm] flush pages from pagevec of offlined CPU (Naoya Horiguchi) [1078007 1037467]\n- [fs] xfs: deprecate nodelaylog option (Eric Sandeen) [1076056 1055644]\n- [fs] Fix mountpoint reference leakage in linkat (Jeff Layton) [1069848 1059943]\n- [net] sock: Fix release_cb kABI brekage (Thomas Graf) [1066535 1039723]\n- [vhost] fix total length when packets are too short (Michael S. Tsirkin) [1064442 1064444] {CVE-2014-0077}\n- [net] sctp: fix sctp_sf_do_5_1D_ce to verify if peer is AUTH capable (Daniel Borkmann) [1070715 1067451] {CVE-2014-0101}\n- [vhost] validate vhost_get_vq_desc return value (Michael S. Tsirkin) [1062579 1058677] {CVE-2014-0055}\n[2.6.32-431.16.1]\n- [scsi] vmw_pvscsi: Fix pvscsi_abort() function (Ewan Milne) [1077874 1002727]\n[2.6.32-431.15.1]\n- [kernel] sched: Avoid throttle_cfs_rq() racing with period_timer stopping (Seth Jennings) [1083350 844450]\n[2.6.32-431.14.1]\n- [net] ip_tunnel: (revert old)/fix ecn decapsulation behaviour (Jiri Pirko) [1078011 1059402]\n- [net] ipv6: del unreachable route when an addr is deleted on lo (Vivek Dasgupta) [1078798 1028372]\n- [net] ipv6: add ip6_route_lookup (Vivek Dasgupta) [1078798 1028372]\n- [net] packet: improve socket create/bind latency in some cases (Daniel Borkmann) [1079870 1045150]\n[2.6.32-431.13.1]\n- [fs] dcache: fix cleanup on warning in d_splice_alias (J. Bruce Fields) [1063201 1042731]\n- [net] sctp: fix sctp_connectx abi for ia32 emulation/compat mode (Daniel Borkmann) [1076242 1053547]\n[2.6.32-431.12.1]\n- [mm] vmscan: re-introduce the ZONE_RECLAIM_NOSCAN bailout for zone_reclaim() (Rafael Aquini) [1073562 1039534]\n- [mm] vmscan: compaction works against zones, not lruvecs (Johannes Weiner) [1073564 982770]", "modified": "2014-05-07T00:00:00", "published": "2014-05-07T00:00:00", "id": "ELSA-2014-0475", "href": "http://linux.oracle.com/errata/ELSA-2014-0475.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:31", "bulletinFamily": "unix", "description": "[3.8.13-26.2.4.el6uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721961] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721976] {CVE-2014-0077}", "modified": "2014-05-09T00:00:00", "published": "2014-05-09T00:00:00", "id": "ELSA-2014-3021", "href": "http://linux.oracle.com/errata/ELSA-2014-3021.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:52", "bulletinFamily": "unix", "description": "[2.6.39-400.214.6]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721962] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721977] {CVE-2014-0077}", "modified": "2014-05-08T00:00:00", "published": "2014-05-08T00:00:00", "id": "ELSA-2014-3022", "href": "http://linux.oracle.com/errata/ELSA-2014-3022.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:18", "bulletinFamily": "unix", "description": "kernel-uek\n[2.6.32-400.34.5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18723276] {CVE-2013-6383}", "modified": "2014-05-08T00:00:00", "published": "2014-05-08T00:00:00", "id": "ELSA-2014-3023", "href": "http://linux.oracle.com/errata/ELSA-2014-3023.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:02", "bulletinFamily": "unix", "description": "kernel-uek\n[2.6.32-400.34.4uek]\n- netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18462076] {CVE-2014-2523}\n- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461091] {CVE-2014-0101}", "modified": "2014-03-27T00:00:00", "published": "2014-03-27T00:00:00", "id": "ELSA-2014-3016", "href": "http://linux.oracle.com/errata/ELSA-2014-3016.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:03", "bulletinFamily": "unix", "description": "[2.6.39-400.214.4]\n- netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18462070] {CVE-2014-2523}\n- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461090] {CVE-2014-0101}\n- vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461089] {CVE-2014-0055}", "modified": "2014-03-26T00:00:00", "published": "2014-03-26T00:00:00", "id": "ELSA-2014-3015", "href": "http://linux.oracle.com/errata/ELSA-2014-3015.html", "title": "unbreakable enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:16", "bulletinFamily": "unix", "description": "kernel-uek \r\n[3.8.13-35.el6uek] \r\n- n_tty: Fix n_tty_write crash when echoing in raw mode (Peter Hurley) [Orabug: 18754908] {CVE-2014-0196} {CVE-2014-0196} \r\n \n[3.8.13-34.el6uek] \r\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721960] {CVE-2013-6383} \r\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721975] {CVE-2014-0077} \r\n \n[3.8.13-33.el6uek] \r\n- dtrace: ensure one can try to get user pages without locking or faulting (Kris Van Hees) [Orabug: 18653173] \r\n- ipv6: don't set DST_NOCOUNT for remotely added routes (Sabrina Dubroca) [Orabug: 18681501] {CVE-2014-2309} \r\n- kvm: x86: fix emulator buffer overflow (CVE-2014-0049) (Andrew Honig) [Orabug: 18681519] {CVE-2014-0049} \r\n- ib_core: fmr pool hard lock up when cache enabled (Shamir Rabinovitch) [Orabug: 18408531] \r\n- bnx2x: disable PTP clock support (Jerry Snitselaar) [Orabug: 18605376] \r\n- x86, mm: Revert back good_end setting for 64bit (Brian Maly) [Orabug: 17648536] \r\n- IB/sdp: disable APM by default (Shamir Rabinovitch) [Orabug: 18443201] \r\n- vxlan: kernel panic when bringing up vxlan (Venkat Venkatsubra) [Orabug: 18295741] \r\n- ocfs2: call ocfs2_update_inode_fsync_trans when updating any inode (Darrick J. Wong) [Orabug: 18257094] \r\n- ocfs2: improve fsync efficiency and fix deadlock between aio_write and sync_file (Darrick J. Wong) [Orabug: 18257094] \r\n- Revert \"ocfs2: fix i_mutex deadlock between aio_write and sync_file\" (Jerry Snitselaar) [Orabug: 18257094] \r\n- config: align with rhck (Jerry Snitselaar) [Orabug: 18685975] \r\n- config: disable atmel drivers for ol7 (Jerry Snitselaar) [Orabug: 18665656] \r\n- config: enable support for squashfs features (Jerry Snitselaar) [Orabug: 18655723] \r\n- qla4xxx: Update driver verion to v5.04.00.05.06.02-uek3 (Tej Parkash) [Orabug: 18552248] \r\n- net: ipv4: current group_info should be put after using. (Wang, Xiaoming) [Orabug: 18603519] {CVE-2014-2851} \r\n \n[3.8.13-32.el6uek] \r\n- mm / dtrace: Allow DTrace to entirely disable page faults. (Nick Alcock) [Orabug: 18412802] \r\n- mm: allow __get_user_pages() callers to avoid triggering page faults. (Nick Alcock) [Orabug: 18412802] \r\n- config: enable nfs client support for rdma (Jerry Snitselaar) [Orabug: 18560595] \r\n- NFS: Fix negative overflow in SETATTR timestamps (Chuck Lever) [Orabug: 18476361] \r\n- NFS: Transfer full int64 for NFSv4 SETATTR timestamps (Chuck Lever) [Orabug: 18476361] \r\n- NFS: Block file size updates during async READ (Chuck Lever) [Orabug: 18391310] \r\n- NFS: Use an RPC/RDMA long request for NFS symlink operations (Chuck Lever) [Orabug: 18261861] \r\n- SUNRPC: Support long RPC/RDMA requests (Chuck Lever) [Orabug: 18261861] \r\n- xprtrdma: Split the completion queue (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Make rpcrdma_ep_destroy() return void (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Simplify rpcrdma_deregister_external() synopsis (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Remove support for MEMWINDOWS registration mode (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Disable ALLPHYSICAL mode by default (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Remove BOUNCEBUFFERS memory registration mode (Chuck Lever) [Orabug: 18560595] \r\n- SUNRPC: RPC/RDMA must invoke xprt_wake_pending_tasks() in process context (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: add separate Kconfig options for NFSoRDMA client and server support (Jeff Layton) [Orabug: 18560595] \r\n- NFS: incorrect \"port=\" value in /proc/mounts (Chuck Lever) [Orabug: 18560595] \r\n- NFS: advertise only supported callback netids (Chuck Lever) [Orabug: 18560595] \r\n- SUNRPC: remove KERN_INFO from dprintk() call sites (Chuck Lever) [Orabug: 18560595] \r\n- SUNRPC: Fix large reads on NFS/RDMA (Chuck Lever) [Orabug: 18560595] \r\n- fnic: Failing to queue aborts due to Q full cause terminate driver timeout (Simha) [Orabug: 18548644] \r\n- net: enic: include irq.h for irqreturn_t definitions (Josh Boyer) [Orabug: 18548634] \r\n- enic: Call dev_kfree_skb_any instead of dev_kfree_skb. (Eric W. Biederman) [Orabug: 18548634] \r\n- enic: Don't receive packets when the napi budget == 0 (Eric W. Biederman) [Orabug: 18548634] \r\n- net: enic: slight optimization of addr compare (dingtianhong) [Orabug: 18548634] \r\n- net: enic: remove unnecessary pci_set_drvdata() (Jingoo Han) [Orabug: 18548634] \r\n- driver/net: enic: update enic maintainers and driver (govindarajulu.v) [Orabug: 18548634] \r\n- driver/net: enic: Exposing symbols for Cisco's low latency driver (govindarajulu.v) [Orabug: 18548634] \r\n- driver/net: enic: Try DMA 64 first, then failover to DMA (govindarajulu.v) [Orabug: 18548634] \r\n- driver/net: enic: record q_number and rss_hash for skb (govindarajulu.v) [Orabug: 18548634] \r\n- driver/net: enic: Add multi tx support for enic (govindarajulu.v) [Orabug: 18548634] \r\n- drivers/net: enic: Generate notification of hardware crash (Neel Patel) [Orabug: 18548634] \r\n- drivers/net: enic: Add an interface for USNIC to interact with firmware (Neel Patel) [Orabug: 18548634] \r\n- drivers/net: enic: Adding support for Cisco Low Latency NIC (Neel Patel) [Orabug: 18548634] \r\n- drivers/net: enic: Move ethtool code to a separate file (Neel Patel) [Orabug: 18548634] \r\n- drivers/net: enic: release rtnl_lock on error-path (Konstantin Khlebnikov) [Orabug: 18548634] \r\n- enic: be less verbose about non-critical firmware errors (Stefan Assmann) [Orabug: 18548634] \r\n- enic: change sprintf() to snprintf() (Dan Carpenter) [Orabug: 18548634] \r\n- dtrace: implement omni-present cyclics (Kris Van Hees) [Orabug: 18323501] \r\n- Update .gitignore with generated SDT files. (Nick Alcock) [Orabug: 17851716] \r\n- dtrace: avoid unreliable entries in stack() output (Kris Van Hees) [Orabug: 18323450] \r\n- drm/i915: hsw: replace !is_pch_edp() with port==PORT_A (Imre Deak) [Orabug: 18429992] \r\n- drm/i915: IVB/HSW have 32 fence register (Ville Syrjala) [Orabug: 18429992] \r\n- drm/i915: Configure GAM_ECOCHK appropriatly for Gen7 (Ville Syrjala) [Orabug: 18429992] \r\n- drm/i915: use lower aux clock divider on non-ULT HSW (Jani Nikula) [Orabug: 18429992] \r\n- drm/i915: HSW PM Frequency bits fix (Rodrigo Vivi) [Orabug: 18429992] \r\n- drm/i915: there's no PIPESTAT on HAS_PCH_SPLIT platforms (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: there's no DSPPOS register on gen4+ (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: reorganize intel_lvds_supported (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: fix DSPADDR Gen check (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: there's no DSPADDR register on Haswell (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: there's no DSPSIZE register on gen4+ (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: Use cpu_transcoder for HSW_TVIDEO_DIP_* instead of pipe (Rodrigo Vivi) [Orabug: 18429992] \r\n- PM: intel_powerclamp: enable driver in defconfigs (Brian Maly) [Orabug: 18429987] \r\n- intel_powerclamp: Fix cstate counter detection. (Yuxuan Shui) [Orabug: 18429987] \r\n- thermal/intel_powerclamp: Add newer CPU models (Jacob Pan) [Orabug: 18429987] \r\n- PM: Introduce Intel PowerClamp Driver (Jacob Pan) [Orabug: 18429987] \r\n- tick: export nohz tick idle symbols for module use (Jacob Pan) [Orabug: 18429987] \r\n- x86/nmi: export local_touch_nmi() symbol for modules (Jacob Pan) [Orabug: 18429987] \r\n- ioatdma: disable RAID on non-Atom platforms and reenable unaligned copies (Brice Goglin) [Orabug: 18430022] \r\n- ioatdma: ioat3_alloc_sed can be static (Fengguang Wu) [Orabug: 18430022] \r\n- ioatdma: Adding write back descriptor error status support for ioatdma 3.3 (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: S1200 platforms ioatdma channel 2 and 3 falsely advertise RAID cap (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Adding support for 16 src PQ ops and super extended descriptors (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: skip silicon bug workaround for pq_align for cb3.3 (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Removing PQ val disable for cb3.3 (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: channel reset scheme fixup on Intel Atom S1200 platforms (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Add 64bit chansts register read for ioat v3.3. (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Adding PCI IDs for Intel Atom S1200 product family ioatdma devices (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Adding Haswell devid for ioatdma (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: allow all channels to have irq coalescing support (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: make debug output more readable (Dave Jiang) [Orabug: 18430022] \r\n- ioat/dca: Update DCA BIOS workarounds to use TAINT_FIRMWARE_WORKAROUND (Alexander Duyck) [Orabug: 18430022] \r\n- dmaengine: ioat - fix spare sparse complain (Fengguang Wu) [Orabug: 18430022] \r\n- ioatdma: fix race between updating ioat->head and IOAT_COMPLETION_PENDING (Dave Jiang) [Orabug: 18430022] \r\n- ioat: remove chanerr mask setting for IOAT v3.x (Dave Jiang) [Orabug: 18430022] \r\n- PCI: Remove Intel Haswell D3 delays (Todd E Brandt) [Orabug: 18559933] \r\n- hyperv-fb: kick off efifb early (Gerd Hoffmann) [Orabug: 18276803] \r\n- hyperv-fb: add support for generation 2 virtual machines. (Gerd Hoffmann) [Orabug: 18276803] \r\n- vmbus: use resource for hyperv mmio region (Gerd Hoffmann) [Orabug: 18276803] \r\n- vmbus: add missing breaks (Gerd Hoffmann) [Orabug: 18276803] \r\n- Drivers: hv: fcopy_open() can be static (Fengguang Wu) [Orabug: 18276803] \r\n- Drivers: hv: Implement the file copy service (K. Y. Srinivasan) [Orabug: 18276803] \r\n- hv: Add hyperv.h to uapi headers (Bjarke Istrup Pedersen) [Orabug: 18276803] \r\n- Drivers: hv: Ballon: Make pressure posting thread sleep interruptibly (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Cleanup the packet send path (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Extract the mmio information from DSDT (K. Y. Srinivasan) [Orabug: 18276803] \r\n- add support for Hyper-V reference time counter (Vadim Rozenfeld) [Orabug: 18276803] \r\n- hyperv: enable framebuffer and keyboard drivers (Jerry Snitselaar) [Orabug: 18276803] \r\n- Drivers: hv: remove HV_DRV_VERSION (Olaf Hering) [Orabug: 18276803] \r\n- x86, hyperv: Move a variable to avoid an unused variable warning (H. Peter Anvin) [Orabug: 18276803] \r\ninclude (David Rientjes) [Orabug: 18276803] \r\n- x86, hyperv: Correctly guard the local APIC calibration code (K. Y. Srinivasan) [Orabug: 18276803] \r\n- x86, hyperv: Get the local APIC timer frequency from the hypervisor (K. Y. Srinivasan) [Orabug: 18276803] \r\n- x86: Correctly detect hypervisor (Jason Wang) [Orabug: 18276803] \r\n- x86, hyperv: Handle Xen emulation of Hyper-V more gracefully (K. Y. Srinivasan) [Orabug: 18276803] \r\n- X86: Handle Hyper-V vmbus interrupts as special hypervisor interrupts (K. Y. Srinivasan) [Orabug: 18276803] \r\n- X86: Add a check to catch Xen emulation of Hyper-V (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Input: hyperv-keyboard - pass through 0xE1 prefix (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Input: add a driver to support Hyper-V synthetic keyboard (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: NULL pointer dereference fix (Ales Novak) [Orabug: 18276803] \r\n- [SCSI] storvsc: Increase the value of STORVSC_MAX_IO_REQUESTS (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Support FC devices (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Add the GUID fot synthetic fibre channel device (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Implement multi-channel support (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Update the storage protocol to win8 level (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Increase the value of scsi timeout for storvsc devices (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Handle dynamic resizing of the device (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Restructure error handling code on command completion (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: scsi: storvsc: Use the consolidated GUID definition (K. Y. Srinivasan) [Orabug: 18276803] \r\n- HID: hyperv: make sure input buffer is big enough (David Herrmann) [Orabug: 18276803] \r\n- HID: hyperv: convert alloc+memcpy to memdup (Thomas Meyer) [Orabug: 18276803] \r\n- Drivers: hid: hid-hyperv: Use consolidated GUID definitions (K. Y. Srinivasan) [Orabug: 18276803] \r\n- hyperv: Move state setting for link query (Haiyang Zhang) [Orabug: 18276803] \r\n- hyperv: Fix the carrier status setting (Haiyang Zhang) [Orabug: 18276803] \r\n- hyperv: Fix race between probe and open calls (Haiyang Zhang) [Orabug: 18276803] \r\n- hyperv: Fix the NETIF_F_SG flag setting in netvsc (Haiyang Zhang) [Orabug: 18276803] \r\n- Fix the VLAN_TAG_PRESENT in netvsc_recv_callback() (Haiyang Zhang) [Orabug: 18276803] \r\n- hyperv: Fix vlan_proto setting in netvsc_recv_callback() (Haiyang Zhang) [Orabug: 18276803] \r\n- hyperv: Fix a compiler warning in netvsc_send() (Haiyang Zhang) [Orabug: 18276803] \r\n- hyperv: Fix a kernel warning from netvsc_linkstatus_callback() (Haiyang Zhang) [Orabug: 18276803] \r\n- Drivers: net: hyperv: Use the consolidated GUID definition (K. Y. Srinivasan) [Orabug: 18276803] \r\n- hyperv-fb: add blanking support (Gerd Hoffmann) [Orabug: 18276803] \r\n- hyperv-fb: add pci stub (Gerd Hoffmann) [Orabug: 18276803] \r\n- drivers/video: add Hyper-V Synthetic Video Frame Buffer Driver (Haiyang Zhang) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Don't timeout during the initial connection with host (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Specify the target CPU that should receive notification (K. Y. Srinivasan) [Orabug: 18276803] \r\n- hyperv: Add support for physically discontinuous receive buffer (Haiyang Zhang) [Orabug: 18276803] \r\n- drivers: hv: Mark the function hv_synic_free_cpu() as static in hv.c (Rashika Kheria) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Fix a bug in channel rescind code (K. Y. Srinivasan) [Orabug: 18276803] \r\n- drivers: hv: Fix wrong check for synic_event_page (Felipe Pena) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Terminate vmbus version negotiation on timeout (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: util: Correctly support ws2008R2 and earlier (K. Y. Srinivasan) [Orabug: 18276803] \r\n- hv: vmbus: fix vmbus_recvpacket_raw() return code (Dan Carpenter) [Orabug: 18276803] \r\n- hv: Change variable type to bool (Peter Senna Tschudin) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Do not attempt to negoatiate a new version prematurely (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Fix a bug in the handling of channel offers (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Do not post pressure status if interrupted (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Fix a bug in the hot-add code (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: incorrect device name is printed when child device is unregistered (Fernando Soto) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Initialize the transaction ID just before sending the packet (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: util: Fix a bug in version negotiation code for util services (K. Y. Srinivasan) [Orabug: 18276803] \r\n- drivers: hv: allocate synic structures before hv_synic_init() (Jason Wang) [Orabug: 18276803] \r\n- drivers: hv: check interrupt mask before read_index (Jason Wang) [Orabug: 18276803] \r\n- drivers: hv: switch to use mb() instead of smp_mb() (Jason Wang) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Implement multi-channel support (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Fix a bug in get_vp_index() (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Fix a bug in hv_need_to_signal() (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Notify the host of permanent hot-add failures (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Support 2M page allocations for ballooning (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Permit Linux to specify hot-add alignment requirements (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: make local functions static (Wei Yongjun) [Orabug: 18276803] \r\n- Drivers: hv: Add a new driver to support host initiated backup (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Handle channel rescind message correctly (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Implement hot-add functionality (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Make the balloon driver not unloadable (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Execute hot-add code in a separate context (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Execute balloon inflation in a separate context (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Do not request completion notification (K. Y. Srinivasan) [Orabug: 18276803] \r\n- driver: hv: remove cast for kmalloc return value (Zhang Yanfei) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Use the new infrastructure for delivering VMBUS interrupts (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Prevent the host from ballooning the guest too low (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Add a parameter to delay pressure reporting (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: balloon: Make adjustments to the pressure report (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Use consolidated GUID definitions (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Consolidate all offer GUID definitions in hyperv.h (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Bind all vmbbus interrupts to the boot CPU (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus_flow_handler() can be static (Fengguang Wu) [Orabug: 18276803] \r\n- Drivers: hv: remove unused variable in vmbus_recvpacket_raw() (Wei Yongjun) [Orabug: 18276803] \r\n- Drivers: hv: Cleanup and consolidate reporting of build/version info (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Capture the host build information (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Implement flow management on the send side (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Enable protocol negotiation with win8 hosts (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Add a check to deal with spurious interrupts (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Handle vmbus interrupts concurrently on all cpus (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Manage event tasklets on per-cpu basis (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Get rid of unnecessary request for offers (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Get rid of the unused global signaling state (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Add code to distribute channel interrupt load (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Modify the interrupt handling code to support win8 and beyond (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Add state to manage incoming channel interrupt load (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Setup a mapping for Hyper-V's notion cpu ID (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Cleanup vmbus_set_event() to support win7 and beyond (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Manage signaling state on a per-connection basis (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Move vmbus version definitions to hyperv.h (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Change the signature of vmbus_set_event() (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Change the signature for hv_signal_event() (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Save and export negotiated vmbus version (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Extend/modify vmbus_channel_offer_channel for win7 and beyond (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Update the ring buffer structure to match win8 functionality (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Support handling multiple VMBUS versions (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Get rid of hv_get_ringbuffer_interrupt_mask() (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Optimize the signaling on the write path (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Optimize signaling in the read path (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Turn off batched reading for util drivers (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Add state to manage batched reading (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Implement routines for read side signaling optimization (K. Y. Srinivasan) [Orabug: 18276803] \r\n- hv: hv_balloon: remove duplicated include from hv_balloon.c (Wei Yongjun) [Orabug: 18276803] \r\n- x86, kvm: Switch to use hypervisor_cpuid_base() (Jason Wang) [Orabug: 18276803] \r\n- x86: Introduce hypervisor_cpuid_base() (Jason Wang) [Orabug: 18276803] \r\n- x86, mm: Create slow_virt_to_phys() (Dave Hansen) [Orabug: 18276803] \r\n- x86, mm: Pagetable level size/shift/mask helpers (Dave Hansen) [Orabug: 18276803] \r\n- mm: export split_page() (K. Y. Srinivasan) [Orabug: 18276803] \r\n- x86, hyperv: HYPERV depends on X86_LOCAL_APIC (H. Peter Anvin) [Orabug: 18276803] \r\n- qla2xxx: Update the driver version to 8.07.00.08.39.0-k1. (Saurav Kashyap) [Orabug: 18524767] \r\n- qla2xxx: Remove ISP8044 ID from the pci table. (Saurav Kashyap) [Orabug: 18524767] \r\n- qla2xxx: Remove mapped vp index iterator macro dead code. (Himanshu Madhani) [Orabug: 18524767] \r\n- qla2xxx: Add MBC option for fast SFP data access. (Joe Carnuccio) [Orabug: 18524767] \r\n- qla2xxx: Fix ISPFX00 not displaying the correct FW version after FW update through sysfs Interface. (Armen Baloyan) [Orabug: 18524767] \r\n- qla2xxx: Fix beacon blink logic for ISP26xx/83xx. (Himanshu Madhani) [Orabug: 18524767] \r\n- qla2xxx: Don't check for firmware hung during the reset context for ISP82XX. (Tej Prakash) [Orabug: 18524767] \r\n- qla2xxx: Fixup looking for a space in the outstanding_cmds array in qla2x00_alloc_iocbs(). (Chad Dupuis) [Orabug: 18524767] \r\n- qla2xxx: Delay driver unload if there is any pending activity going on. (Sawan Chandak) [Orabug: 18524767] \r\n- qla2xxx: ISP27xx queue index shadow registers. (Joe Carnuccio) [Orabug: 18524767] \r\n- qla2xxx: ISP27xx firmware dump template spec updates (including T274). (Joe Carnuccio) [Orabug: 18524767] \r\n- qla2xxx: Reduce the time we wait for a command to complete during SCSI error handling. (Chad Dupuis) [Orabug: 18524767] \r\n- qla2xxx: Check the QLA8044_CRB_DRV_ACTIVE_INDEX register when we are not the owner of the reset. (Hiral Patel) [Orabug: 18524767] \r\n- qla2xxx: Clear loop_id for ports that are marked lost during fabric scanning. (Chad Dupuis) [Orabug: 18524767] \r\n- qla2xxx: Adjust adapter reset routine to the changes in firmware specification for ISPFx00. (Armen Baloyan) [Orabug: 18524767] \r\n- qla2xxx: Avoid escalating the SCSI error handler if the command is not found in firmware. (Chad Dupuis) [Orabug: 18524767] \r\n- qla2xxx: IOCB data should be copied to I/O mem using memcpy_toio. (Atul Deshmukh) [Orabug: 18524767] \r\n- qla2xxx: Use proper log message for flash lock failed error for ISP82XX. (Atul Deshmukh) [Orabug: 18524767] \r\n- qla2xxx: Remove configure VFs mailbox command call. (Chad Dupuis) [Orabug: 18524767] \r\n- qla2xxx: ISP8044 poll ipmdio bus timeout improvement. (Joe Carnuccio) [Orabug: 18524767] \r\n- qla2xxx: Poll during initialization for ISP25xx and ISP83xx. (Giridhar Malavali) [Orabug: 18524767] \r\n- qla2xxx: Fix build errors related to invalid print fields on some architectures. (Chad Dupuis) [Orabug: 18524767] \r\nfile for msleep declartion in qla_nx2.c file. (Atul Deshmukh) [Orabug: 18524767] \r\n- qla2xxx: Use proper log message for flash lock failed error. (Atul Deshmukh) [Orabug: 18524767] \r\n- qla2xxx: Decrease pci access for response queue processing for ISPFX00. (Armen Baloyan) [Orabug: 18524767] \r\n- qla2xxx: Use jiffies instead of struct timeval and gettimeofday(). (Atul Deshmukh) [Orabug: 18524767] \r\n- qla2xxx: Update entry type 270 to match spec update. (Joe Carnuccio) [Orabug: 18524767] \r\n- qla2xxx: Enable fw_dump_size for helga (Hiral Patel) [Orabug: 18524767] \r\n- qla2xxx: Remove unnecessary code from qlafx00_intr_handler (Hiral Patel) [Orabug: 18524767] \r\n- qla2xxx: Introduce fw_dump_flag to track fw dump progress (Hiral Patel) [Orabug: 18524767] \r\n- qla2xxx: Remove unnecessary delays from fw dump code path (Hiral Patel) [Orabug: 18524767] \r\n- qla2xxx: Track the process when the ROM_LOCK failure happens (Hiral Patel) [Orabug: 18524767] \r\n- qla2xxx: Correction to 27xx template entry types 256 and 258. (Joe Carnuccio) [Orabug: 18524767] \r\n- qla2xxx: Add 8044 serdes bsg interface. (Joe Carnuccio) [Orabug: 18524767] \r\n- qla2xxx: Fix P3P max debug ID. (Chad Dupuis) [Orabug: 18524767] \r\n- qla2xxx: Check for peg alive counter and clear any outstanding mailbox command. (Giridhar Malavali) [Orabug: 18524767] \r\n- qla2xxx: Support of new Helga minidump opcodes QLA8044_RDDFE(38), QLA8044_RDMDIO(39),QLA8044_POLLWR(40). (Pratik Mohanty) [Orabug: 18524767] \r\n- qla2xxx: Allow the next firmware dump if the previous dump capture fails for ISP8044. (Saurav Kashyap) [Orabug: 18524767] \r\n- qla2xxx: Add pci device id 0x2271. (Joe Carnuccio) [Orabug: 18524767] \r\n- qla2xxx: Issue abort command for outstanding commands during cleanup when only firmware is alive. (Giridhar Malavali) [Orabug: 18524767] \r\n- qla2xxx: Log when device state is moved to failed state. (Giridhar Malavali) [Orabug: 18524767] \r\n- qla2xxx: Fix sparse warnings in qla_mr.c (Armen Baloyan) [Orabug: 18524767] \r\n- qla2xxx: Correct operations for ISP27xx template types 270 and 271. (Joe Carnuccio) [Orabug: 18524767] \r\n- qla2xxx: Add and use 32Gbps FC-GS definitions. (Chad Dupuis) [Orabug: 18524767] \r\n- qla2xxx: Do not schedule reset when one is already active when receiving an invalid status handle. (Chad Dupuis) [Orabug: 18524767] \r\n- qla2xxx: Add IOCB Abort command asynchronous handling (Armen Baloyan) [Orabug: 18524767] \r\n- qla2xxx: Add ISP2701 to PCI ID table. (Sawan Chandak) [Orabug: 18524767] \r\n- Update qlge driver to v1.00.00.34 (Sucheta Chakraborty) [Orabug: 18552225] \r\n- [SCSI] hpsa: update driver version to 3.4.4-1 (Stephen M. Cameron) [Orabug: 18524766] \r\n- [SCSI] hpsa: fix bad endif placement in RAID 5 mapper code (Stephen M. Cameron) [Orabug: 18524766] \r\n- [SCSI] hpsa: Do not zero fields of ioaccel2 command structure twice (Stephen M. Cameron) [Orabug: 18524766] \r\n- [SCSI] hpsa: Add hba mode to the hpsa driver (Stephen M. Cameron) [Orabug: 18524766] \r\n- [SCSI] hpsa: remove unused struct request from CommandList (Stephen M. Cameron) [Orabug: 18524766] \r\n- [SCSI] hpsa: increase the probability of a reported success after a device reset (Tomas Henzl) [Orabug: 18524766] \r\n- [SCSI] hpsa: bring format-in-progress drives online when ready (Stephen M. Cameron) [Orabug: 18524766] \r\n- [SCSI] hpsa: remove unused kthread.h header (Stephen M. Cameron) [Orabug: 18524766] \r\n- bonding: Inactive slaves should keep inactive flag's value (zheng.li) [Orabug: 18345482] \r\n- dtrace: fix leaking psinfo objects (Kris Van Hees) [Orabug: 18383027] \r\n- xen/pvhvm: Support more than 32 VCPUs when migrating. (Konrad Rzeszutek Wilk) [Orabug: 18552664] \r\n- xen/microcode: Only load under initial domain. (Konrad Rzeszutek Wilk) [Orabug: 18379824] \r\n- audit: Make testing for a valid loginuid explicit. (Eric W. Biederman) [Orabug: 18346901] \r\n- audit: make validity checking generic (Eric Paris) [Orabug: 18346901] \r\n- audit: allow checking the type of audit message in the user filter (Eric Paris) [Orabug: 18346901] \r\n- i40e: enable CONFIG_I40E by default (Brian Maly) [Orabug: 18429973] \r\n- i40e: add kcompat calls (Brian Maly) [Orabug: 18429973] \r\n- i40e: include i40e in kernel proper (Jesse Brandeburg) [Orabug: 18429973] \r\n- i40e: debugfs interface (Jesse Brandeburg) [Orabug: 18429973] \r\n- i40e: init code and hardware support (Jesse Brandeburg) [Orabug: 18429973] \r\n- i40e: implement virtual device interface (Jesse Brandeburg) [Orabug: 18429973] \r\n- i40e: driver core headers (Jesse Brandeburg) [Orabug: 18429973] \r\n- i40e: driver ethtool core (Jesse Brandeburg) [Orabug: 18429973] \r\n- i40e: transmit, receive, and NAPI (Jesse Brandeburg) [Orabug: 18429973] \r\n- i40e: main driver core (Jesse Brandeburg) [Orabug: 18429973] \r\n- ocfs2: pass \"new\" parameter to ocfs2_init_xattr_bucket (Wengang Wang) [Orabug: 18447765] \r\n- qlcnic: make Kconfig", "modified": "2014-05-19T00:00:00", "published": "2014-05-19T00:00:00", "id": "ELSA-2014-3034", "href": "http://linux.oracle.com/errata/ELSA-2014-3034.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.4, "vector": "AV:A/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:22", "bulletinFamily": "unix", "description": "kernel-uek\n[3.8.13-26.2.2.el6uek]\n- netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18421673] {CVE-2014-2523}\n- cifs: ensure that uncached writes handle unmapped areas correctly (Jeff Layton) [Orabug: 18461067] {CVE-2014-0069} {CVE-2014-0069}\n- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461065] {CVE-2014-0101}\n- vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461050] {CVE-2014-0055}", "modified": "2014-03-26T00:00:00", "published": "2014-03-26T00:00:00", "id": "ELSA-2014-3014", "href": "http://linux.oracle.com/errata/ELSA-2014-3014.html", "title": "unbreakable enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:26", "bulletinFamily": "unix", "description": "kernel\n[2.6.18-371.6.1.0.1]\n- i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649]\n- [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030]\n- [oprofile] export __get_user_pages_fast() function [orabug 14277030]\n- [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030]\n- [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030]\n- [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030]\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\n- [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272]\n- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\n- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)\n [orabug 12342275]\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\n [orabug 10315433]\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\n- [mm] Patch shrink_zone to yield during severe mempressure events, avoiding\n hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839]\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n- [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]", "modified": "2014-03-13T00:00:00", "published": "2014-03-13T00:00:00", "id": "ELSA-2014-0285-1", "href": "http://linux.oracle.com/errata/ELSA-2014-0285-1.html", "title": "1 ", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2019-05-29T17:22:39", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nThe ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.\n\ndrivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.\n\nnet/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.\n\nThe get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host OS crash) via unspecified vectors.\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-3.10.37-47.135.amzn1.i686 \n perf-debuginfo-3.10.37-47.135.amzn1.i686 \n kernel-debuginfo-3.10.37-47.135.amzn1.i686 \n perf-3.10.37-47.135.amzn1.i686 \n kernel-debuginfo-common-i686-3.10.37-47.135.amzn1.i686 \n kernel-devel-3.10.37-47.135.amzn1.i686 \n kernel-headers-3.10.37-47.135.amzn1.i686 \n \n noarch: \n kernel-doc-3.10.37-47.135.amzn1.noarch \n \n src: \n kernel-3.10.37-47.135.amzn1.src \n \n x86_64: \n perf-debuginfo-3.10.37-47.135.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.10.37-47.135.amzn1.x86_64 \n kernel-debuginfo-3.10.37-47.135.amzn1.x86_64 \n kernel-3.10.37-47.135.amzn1.x86_64 \n kernel-headers-3.10.37-47.135.amzn1.x86_64 \n perf-3.10.37-47.135.amzn1.x86_64 \n kernel-devel-3.10.37-47.135.amzn1.x86_64 \n \n \n", "modified": "2014-09-18T00:24:00", "published": "2014-09-18T00:24:00", "id": "ALAS-2014-328", "href": "https://alas.aws.amazon.com/ALAS-2014-328.html", "title": "Medium: kernel", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T17:30:06", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 66279\r\nCVE ID: CVE-2014-2523\r\n\r\nLinux Kernel\u662fLinux\u64cd\u4f5c\u7cfb\u7edf\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel 2.6.32.61, 3.2.55, 3.4.83, 3.10.33, 3.12.14, 3.13.6\u7248\u672c\u5728 &quot;dccp_new()&quot;, &quot;dccp_packet()&quot;, , &quot;dccp_error()&quot;\u51fd\u6570(net/netfilter/nf_conntrack_proto_dccp.c)\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u6076\u610f\u7528\u6237\u901a\u8fc7\u7279\u5236\u7684DCCP\u6570\u636e\u5305\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u7834\u574f\u5185\u6838\u6808\uff0c\u7136\u540e\u4ee5\u5185\u6838\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n0\nLinux kernel 3.4.x\r\nLinux kernel 3.2.x\r\nLinux kernel 3.13.x\r\nLinux kernel 3.12.x\r\nLinux kernel 3.10.x\r\nLinux kernel 2.6.x\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.kernel.org/", "modified": "2014-03-19T00:00:00", "published": "2014-03-19T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61843", "id": "SSV:61843", "title": "Linux Kernel DCCP\u62a5\u6587\u5904\u7406\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:27:47", "bulletinFamily": "exploit", "description": "Bugtraq ID:66678\r\nCVE ID:CVE-2014-0077\r\n\r\nLinux Kernel\u662fLinux\u64cd\u4f5c\u7cfb\u7edf\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u5728handle_rx()\u51fd\u6570\u5904\u7406\u8f83\u5927\u6570\u636e\u5305\u65f6\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u4f7f\u53d7\u5f71\u54cd\u5e94\u7528\u5d29\u6e83\u3002\n0\nLinux kernel\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.kernel.org/", "modified": "2014-04-09T00:00:00", "published": "2014-04-09T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62091", "id": "SSV:62091", "title": "Linux Kernel 'handle_rx()'\u51fd\u6570\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 5.5, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "sourceHref": ""}], "ubuntu": [{"lastseen": "2019-05-29T19:22:04", "bulletinFamily": "unix", "description": "A flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)", "modified": "2014-04-26T00:00:00", "published": "2014-04-26T00:00:00", "id": "USN-2173-1", "href": "https://usn.ubuntu.com/2173-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:08", "bulletinFamily": "unix", "description": "A flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)", "modified": "2014-04-26T00:00:00", "published": "2014-04-26T00:00:00", "id": "USN-2174-1", "href": "https://usn.ubuntu.com/2174-1/", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T19:21:18", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel\u2019s IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u2019s Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel\u2019s virtual memory management subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3122)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "USN-2224-1", "href": "https://usn.ubuntu.com/2224-1/", "title": "Linux kernel (Raring HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:26", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel\u2019s IPC reference counting. An unprivileged local user could exploit this flaw to cause a denial of service (OOM system crash). (CVE-2013-4483)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel\u2019s IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u2019s Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel\u2019s virtual memory management subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3122)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "USN-2223-1", "href": "https://usn.ubuntu.com/2223-1/", "title": "Linux kernel (Quantal HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:22:48", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel\u2019s IPC reference counting. An unprivileged local user could exploit this flaw to cause a denial of service (OOM system crash). (CVE-2013-4483)\n\nAl Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. An unprivileged local user could exploit this flaw to cause a denial of service (system crash), obtain sensitive information from kernel memory, or possibly gain privileges. (CVE-2014-0069)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel\u2019s IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u2019s Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nJouni Malinen reported a flaw in the handling of fragmentation in the mac8Linux subsystem of the kernel. A remote attacker could exploit this flaw to obtain potential sensitive cleartext information by reading packets. (CVE-2014-8709)", "modified": "2014-05-26T00:00:00", "published": "2014-05-26T00:00:00", "id": "USN-2221-1", "href": "https://usn.ubuntu.com/2221-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:22:30", "bulletinFamily": "unix", "description": "A flaw was discovered in the Linux kernel\u2019s compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in the Linux kernel. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp) of the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7265)\n\nmpb reported an information leak in the Low-Rate Wireless Personal Area Networks support (IEEE 802.15.4) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7281)", "modified": "2014-02-18T00:00:00", "published": "2014-02-18T00:00:00", "id": "USN-2108-1", "href": "https://usn.ubuntu.com/2108-1/", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:19", "bulletinFamily": "unix", "description": "A flaw was discovered in the Linux kernel\u2019s compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in the Linux kernel. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp) of the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7265)\n\nmpb reported an information leak in the Low-Rate Wireless Personal Area Networks support (IEEE 802.15.4) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7281)", "modified": "2014-02-18T00:00:00", "published": "2014-02-18T00:00:00", "id": "USN-2107-1", "href": "https://usn.ubuntu.com/2107-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:22:34", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel\u2019s IPv4 fragment handling code. Remote attackers could exploit this flaw to cause a denial of service (system crash) or possibly have other unspecified impact. (CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel\u2019s IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory \u2122 implementation for powerpc based machine. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u2019s Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "USN-2228-1", "href": "https://usn.ubuntu.com/2228-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:11", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nT\u00f6r\u00f6k Edwin discovered a flaw with Xen netback driver when used with Linux configurations that do not allow sleeping in softirq context. A guest administrator could exploit this flaw to cause a denial of service (system crash) on the host. (CVE-2014-2580)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nHannes Frederic Sowa reported a hash collision ordering problem in the xfs filesystem in the Linux kernel. A local user could exploit this flaw to cause filesystem corruption and a denial of service (oops or panic). (CVE-2014-7283)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "USN-2226-1", "href": "https://usn.ubuntu.com/2226-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2173-1\r\nApril 26, 2014\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nA flaw was discovered in the Linux kernel&#39;s handling of SCTP handshake. A\r\nremote attacker could exploit this flaw to cause a denial of service\r\n&#40;system crash&#41;. &#40;CVE-2014-0101&#41;\r\n\r\nAn error was discovered in the Linux kernel&#39;s DCCP protocol support. A\r\nremote attacked could exploit this flaw to cause a denial of service\r\n&#40;system crash&#41; or possibly execute arbitrary code. &#40;CVE-2014-2523&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 10.04 LTS:\r\n linux-image-2.6.32-58-386 2.6.32-58.120\r\n linux-image-2.6.32-58-generic 2.6.32-58.120\r\n linux-image-2.6.32-58-generic-pae 2.6.32-58.120\r\n linux-image-2.6.32-58-ia64 2.6.32-58.120\r\n linux-image-2.6.32-58-lpia 2.6.32-58.120\r\n linux-image-2.6.32-58-powerpc 2.6.32-58.120\r\n linux-image-2.6.32-58-powerpc-smp 2.6.32-58.120\r\n linux-image-2.6.32-58-powerpc64-smp 2.6.32-58.120\r\n linux-image-2.6.32-58-preempt 2.6.32-58.120\r\n linux-image-2.6.32-58-server 2.6.32-58.120\r\n linux-image-2.6.32-58-sparc64 2.6.32-58.120\r\n linux-image-2.6.32-58-sparc64-smp 2.6.32-58.120\r\n linux-image-2.6.32-58-versatile 2.6.32-58.120\r\n linux-image-2.6.32-58-virtual 2.6.32-58.120\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages &#40;e.g. linux-generic,\r\nlinux-server, linux-powerpc&#41;, a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2173-1\r\n CVE-2014-0101, CVE-2014-2523\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/2.6.32-58.120\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "modified": "2014-05-04T00:00:00", "published": "2014-05-04T00:00:00", "id": "SECURITYVULNS:DOC:30535", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30535", "title": "[USN-2173-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:52", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2228-1\r\nMay 27, 2014\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 13.10\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nMatthew Daley reported an information leak in the floppy disk driver of the\r\nLinux kernel. An unprivileged local user could exploit this flaw to obtain\r\npotentially sensitive information from kernel memory. &#40;CVE-2014-1738&#41;\r\n\r\nMatthew Daley reported a flaw in the handling of ioctl commands by the\r\nfloppy disk driver in the Linux kernel. An unprivileged local user could\r\nexploit this flaw to gain administrative privileges if the floppy disk\r\nmodule is loaded. &#40;CVE-2014-1737&#41;\r\n\r\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest\r\nOS users could exploit this flaw to cause a denial of service &#40;host OS\r\ncrash&#41;. &#40;CVE-2014-0055&#41;\r\n\r\nA flaw was discovered in the handling of network packets when mergeable\r\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\r\nusers may exploit this flaw to cause a denial of service &#40;host OS crash&#41; or\r\npossibly gain privilege on the host OS. &#40;CVE-2014-0077&#41;\r\n\r\nNikolay Aleksandrov discovered a race condition in Linux kernel&#39;s IPv4\r\nfragment handling code. Remote attackers could exploit this flaw to cause a\r\ndenial of service &#40;system crash&#41; or possibly have other unspecified impact.\r\n&#40;CVE-2014-0100&#41;\r\n\r\nA flaw was discovered in the Linux kernel&#39;s handling of the SCTP handshake.\r\nA remote attacker could exploit this flaw to cause a denial of service\r\n&#40;system crash&#41;. &#40;CVE-2014-0101&#41;\r\n\r\nA flaw was discovered in the handling of routing information in Linux\r\nkernel&#39;s IPv6 stack. A remote attacker could exploit this flaw to cause a\r\ndenial of service &#40;memory consumption&#41; via a flood of ICMPv6 router\r\nadvertisement packets. &#40;CVE-2014-2309&#41;\r\n\r\nAn error was discovered in the Linux kernel&#39;s DCCP protocol support. A\r\nremote attacked could exploit this flaw to cause a denial of service\r\n&#40;system crash&#41; or possibly execute arbitrary code. &#40;CVE-2014-2523&#41;\r\n\r\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\r\nin the Linux kernel. This race could be exploited by remote attackers to\r\ncause a denial of service &#40;system crash&#41;. &#40;CVE-2014-2672&#41;\r\n\r\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory\r\n&#40;TM&#41; implementation for powerpc based machine. An unprivileged local user\r\ncould exploit this flaw to cause a denial of service &#40;system crash&#41;.\r\n&#40;CVE-2014-2673&#41;\r\n\r\nAn error was discovered in the Reliable Datagram Sockets &#40;RDS&#41; protocol\r\nstack in the Linux kernel. A local user could exploit this flaw to cause a\r\ndenial of service &#40;system crash&#41; or possibly have unspecified other impact.\r\n&#40;CVE-2014-2678&#41;\r\n\r\nYaara Rozenblum discovered a race condition in the Linux kernel&#39;s Generic\r\nIEEE 802.11 Networking Stack &#40;mac80211&#41;. Remote attackers could exploit\r\nthis flaw to cause a denial of service &#40;system crash&#41;. &#40;CVE-2014-2706&#41;\r\n\r\nA flaw was discovered in the Linux kernel&#39;s ping sockets. An unprivileged\r\nlocal user could exploit this flaw to cause a denial of service &#40;system\r\ncrash&#41; or possibly gain privileges via a crafted application.\r\n&#40;CVE-2014-2851&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 13.10:\r\n linux-image-3.11.0-22-generic 3.11.0-22.38\r\n linux-image-3.11.0-22-generic-lpae 3.11.0-22.38\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages &#40;e.g. linux-generic,\r\nlinux-server, linux-powerpc&#41;, a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2228-1\r\n CVE-2014-0055, CVE-2014-0077, CVE-2014-0100, CVE-2014-0101,\r\n CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523,\r\n CVE-2014-2672, CVE-2014-2673, CVE-2014-2678, CVE-2014-2706,\r\n CVE-2014-2851\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.11.0-22.38\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "modified": "2014-05-29T00:00:00", "published": "2014-05-29T00:00:00", "id": "SECURITYVULNS:DOC:30757", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30757", "title": "[USN-2228-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}